I noticed that dropbear in DD-WRT only supports the rsa key type.
This is problematic for two reasons:
1) Recent openssh-client versions will not connect to servers with an RSA host key unless an option is present to allow it.
2) I have begun switching to 521 bit ecdsa keys. I still have a 4096 bit RSA key, but have stopped using it for most things. I suspect that given item 1 above, openssh will stop supporting RSA client keys by default at some point in the future.
Code:
root@orthanc:~# dropbearkey
Must specify a key filename
Usage: dropbearkey -t <type> -f <filename> [-s bits]
-t type Type of key to generate. One of:
rsa
-f filename Use filename for the secret key.
~/.ssh/id_dropbear is recommended for client keys.
-s bits Key size in bits, should be a multiple of 8 (optional)
-y Just print the publickey and fingerprint for the
private key in <filename>.
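An added example, not from the thread and not Dropbear or OpenSSH code: a small parser for the OpenSSH public-key line format (as in `.pub`, `authorized_keys` and `known_hosts`) that reports what the posts above call the key type and its bit size, i.e. the modulus length for RSA, the curve for ECDSA and the fixed 256 bits for Ed25519. The `make_sample` helper builds constructed key lines from placeholder key material so the block runs offline; they are not real keys.

```python
import base64
import struct

# Bit lengths of the NIST curves named inside ECDSA key blobs.
_CURVE_BITS = {"nistp256": 256, "nistp384": 384, "nistp521": 521}


def _read_string(blob, pos):
    """Read one SSH wire 'string' (uint32 big-endian length + bytes) at pos."""
    (n,) = struct.unpack(">I", blob[pos:pos + 4])
    return blob[pos + 4:pos + 4 + n], pos + 4 + n


def describe_key(line):
    """Return (key_type, bits) for a public-key line; trailing comment is ignored."""
    key_type, b64 = line.split()[:2]
    blob = base64.b64decode(b64)
    wire_type, pos = _read_string(blob, 0)
    if wire_type.decode() != key_type:
        raise ValueError("key type prefix does not match wire encoding")
    if key_type == "ssh-rsa":
        _e, pos = _read_string(blob, pos)   # public exponent (mpint)
        n, _ = _read_string(blob, pos)      # modulus (mpint); its bit length is the key size
        return key_type, int.from_bytes(n, "big").bit_length()
    if key_type.startswith("ecdsa-sha2-"):
        curve, _ = _read_string(blob, pos)  # curve name precedes the EC point
        return key_type, _CURVE_BITS[curve.decode()]
    if key_type == "ssh-ed25519":
        return key_type, 256                # fixed-size 32-byte public key
    raise ValueError("unsupported key type " + key_type)


def _ssh_string(b):
    return struct.pack(">I", len(b)) + b


def _mpint(x):
    # Positive mpint: add a leading zero byte when the high bit would be set.
    return _ssh_string(x.to_bytes((x.bit_length() + 8) // 8, "big"))


def make_sample(key_type, **kw):
    """Constructed public-key lines for demonstration only (placeholder key material)."""
    if key_type == "ssh-rsa":
        blob = _ssh_string(b"ssh-rsa") + _mpint(65537) + _mpint(kw["n"])
    elif key_type.startswith("ecdsa-sha2-"):
        curve = key_type[len("ecdsa-sha2-"):].encode()
        blob = (_ssh_string(key_type.encode()) + _ssh_string(curve)
                + _ssh_string(b"\x04" + kw["point"]))   # uncompressed point prefix
    else:
        blob = _ssh_string(b"ssh-ed25519") + _ssh_string(kw["point"])
    return key_type + " " + base64.b64encode(blob).decode() + " demo@example"
```

Running `describe_key` over a router's `authorized_keys` shows at a glance which entries are RSA and how large they are, which is the inventory you need before deciding whether a key-type change on the server side is even relevant.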
Joined: 18 Mar 2014 Posts: 12840 Location: Netherlands
Posted: Tue Sep 13, 2022 14:38 Post subject:
I have ecdsa enabled in my builds but it takes up "serious" space and also 4 MB flash routers have SSH so we are size constrained, it has been asked before but was declined
Quote:
I have ecdsa enabled in my builds but it takes up "serious" space and also 4 MB flash routers have SSH so we are size constrained, it has been asked before but was declined
That's interesting. Are the other key types disabled in the openssh build? If openssh can support them with the DD-WRT build, then it seems like dropbear would not need to be significantly larger to use them, but if they are disabled in openssh, then it makes sense.
Would the extra binary size be problematic for the larger builds? I'm using std. I imagine there is already a lot of customization for the smaller builds. Only enabling rsa on those and allowing other types on one or more larger builds seems very pragmatic.
Joined: 08 May 2018 Posts: 14129 Location: Texas, USA
Posted: Tue Sep 13, 2022 16:00 Post subject:
Which ssh client doesn't support RSA key types currently? Which OS-native ssh implementation doesn't use it by default currently? I'm curious to hear the answer. _________________ "Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Joined: 18 Mar 2014 Posts: 12840 Location: Netherlands
Posted: Tue Sep 13, 2022 16:17 Post subject:
elyograg wrote:
Quote:
I have ecdsa enabled in my builds but it takes up "serious" space and also 4 MB flash routers have SSH so we are size constrained, it has been asked before but was declined
That's interesting. Are the other key types disabled in the openssh build? If openssh can support them with the DD-WRT build, then it seems like dropbear would not need to be significantly larger to use them, but if they are disabled in openssh, then it makes sense.
Would the extra binary size be problematic for the larger builds? I'm using std. I imagine there is already a lot of customization for the smaller builds. Only enabling rsa on those and allowing other types on one or more larger builds seems very pragmatic.
I enabled ecdsa not because I need it but because I can.
For most routers I administer I still use 4096 bit RSA keys and have no problems with this.
There are 300+ routers supported (I never counted, just a guess) and customization is an administrative burden.
I added some packages with customization (Ipset, Avahi) but the grand wizard is not a fan of customization and I can understand why if you have to customize 300 config files and have to decide which router gets what.
BTW, you can always install OpenSSH via Entware. I dunno whether you could just replace Dropbear with standard OpenSSH....
_________________ Router: Asus RT-N18U (rev. A1)
Drink, Blink, Stretch! Live long and prosper! May the Force and farces be with you!
Joined: 31 Jul 2021 Posts: 2146 Location: All over YOUR webs
Posted: Tue Sep 13, 2022 18:13 Post subject:
ho1Aetoo wrote:
What do you want with ECDSA when there is (EDDSA) Ed25519?
Good luck with that DD-WRT side, just getting a smaller/faster ECDSA is already proving a no man's land for standard official builds, egc said it, no one wants to maintain complex build/makefiles.
It would be a win HTTPS side, faster/smaller certificates and possibly even have a single CA certificate to install in browsers so as to get rid of the dumb ass not secure browser notices, fairly simple to implement, very difficult to get past BS, so SSH would merely benefit.
/* ECDSA is significantly faster than RSA or DSS. Compiling in ECC
* code (either ECDSA or ECDH) increases binary size - around 30kB
* on x86-64 */
#define DROPBEAR_ECDSA 0
Quote:
/* Ed25519 is faster than ECDSA. Compiling in Ed25519 code increases
 * binary size - around 7,5kB on x86-64 */
#define DROPBEAR_ED25519 0
But in the end it doesn't matter; I just asked why egc has activated ECDSA and not Ed25519.
By the way, I don't need it because I have been using it for a long time; I use other devices for SSH.
Joined: 26 Mar 2013 Posts: 1855 Location: Hung Hom, Hong Kong
Posted: Wed Sep 14, 2022 12:16 Post subject:
the-joker wrote:
I think the answer to the OP is, officially, good luck with that request. I'm holding for elliptic curve as well, best I could push through was chachapoly which is currently the most modern supported..
If "elliptic curve" was so magical, why was there ECDSA but not ECRSA? I am just curious... it's just maths!?
Joined: 31 Jul 2021 Posts: 2146 Location: All over YOUR webs
Posted: Wed Sep 14, 2022 14:01 Post subject:
Elliptic curves are about key size and speed, to achieve the same encryption level basically with fewer bits; ECRSA doesn't exist AFAIK, you just made it up.
I was just curious why EC could not be applied to RSA 2 keys, not trying to make up anything. Why was it DSA but not RSA?
Anyway, it seemed that ECDSA was quite old. Maybe it required too much computing power in the time when faster CPUs were not available? And hence the preference of RSA?
BTW, there are tickets about Dropbear and ECDSA and ED25519!