Guest kendon Posted January 12, 2010 Report Share Posted January 12, 2010 (edited) just noticed something strange. i set up my dropbear to use kendon as username. then i accidently tried to login as root, which worked. well, so far it seems the username is not checked at all: kendon@nx:~$ ssh kendon@hero -p 2222 # id uid=0 gid=0 groups=0 # Connection to hero closed. kendon@nx:~$ ssh root@hero -p 2222 # id uid=0 gid=0 groups=0 # Connection to hero closed. kendon@nx:~$ ssh the_pope@hero -p 2222 # id uid=0 gid=0 groups=0 # Connection to hero closed. kendon@nx:~$ ssh god@hero -p 2222 # id uid=0 gid=0 groups=0 # Connection to hero closed. kendon@nx:~$ ssh satan@hero -p 2222 # id uid=0 gid=0 groups=0 # Connection to hero closed. this is the dropbear command: dropbear -A -N kendon -U 0 -G 0 -C "$passwd" -R /data/dropbear/authorized_keys -d /data/dropbear/dss_host_key -r /data/dropbear/rsa_host_key -p 2222 any ideas? it's not that bad with a secure password, but i am not sure if i can trust dropbear at all? Edited January 13, 2010 by kendon Link to comment Share on other sites More sharing options...
Guest stevenz Posted January 13, 2010 Report Share Posted January 13, 2010 Presumably the explicit username for -N (supposedly) locks the server to only allow a login with that specific name other than the default? Try specifying something via the -b switch so you get some visual feedback and see if it's actually paying _any_ attention to what you're telling it. Link to comment Share on other sites More sharing options...
Guest kendon Posted January 13, 2010 Report Share Posted January 13, 2010 Presumably the explicit username for -N (supposedly) locks the server to only allow a login with that specific name other than the default? Try specifying something via the -b switch so you get some visual feedback and see if it's actually paying _any_ attention to what you're telling it. i checked the log, now i am not sure whether i got the whole user thing for dropbear right. this is my log: [1758] Jan 13 11:02:47 Not backgrounding [1761] Jan 13 11:03:49 Child connection from 127.0.0.1:57255 [1761] Jan 13 11:03:51 pubkey auth succeeded for 'kendon' with key md5 xx::yy from 127.0.0.1:57255 [1761] Jan 13 11:04:21 exit after auth (kendon): Exited normally [1763] Jan 13 11:04:30 Child connection from 127.0.0.1:57256 [1763] Jan 13 11:04:30 pubkey auth succeeded for 'kendon' with key md5 xx::yy from 127.0.0.1:57256 [1763] Jan 13 11:05:04 exit after auth (kendon): Exited normally first try with kendon, second with root as username. does the N switch specify the username with which i log in or the username that is used on the clientside? Link to comment Share on other sites More sharing options...
Guest kendon Posted January 13, 2010 Report Share Posted January 13, 2010 (edited) first try with kendon, second with root as username. does the N switch specify the username with which i log in or the username that is used on the clientside? i guess i was right: kendon@nx:~$ ssh kendon@localhost -p 2222 # id uid=0 gid=0 groups=0 # echo $USER kendon # Connection to localhost closed. kendon@nx:~$ ssh root@localhost -p 2222 # id uid=0 gid=0 groups=0 # echo $USER kendon # Connection to localhost closed. so it isn't a problem at all... still strange, i'd like to set the login username better than setting the clientside username... thanks for the hint! Edited January 13, 2010 by kendon Link to comment Share on other sites More sharing options...
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now