Can not connect to dropbear with OpenSSH 8.0p1

Question

Can not connect to dropbear with OpenSSH 8.0p1

Closed this issue 5 years ago · 6 comments

It might very well be my specific version of ssh on my laptop, but I can not connect to the version of dropbear that it is currently being built with.

ssh root@192.168.1.8 -p 2222 -vv
	OpenSSH_8.0p1-PKIXSSH-12.1-hpn14v16, OpenSSL 1.0.2t  10 Sep 2019
	debug1: Can't process default engine config file: No such file or directory
	debug1: Reading configuration data /home/dequeued/.ssh/config
	debug1: /home/dequeued/.ssh/config line 18: Applying options for *
	debug1: Reading configuration data /etc/ssh/ssh_config
	debug1: ssh_set_validator: ignore responder url
	debug1: Connecting to 192.168.1.8 [192.168.1.8] port 2222.
	debug1: Connection established.
	debug1: Local version string SSH-2.0-OpenSSH_8.0p1-PKIXSSH-12.1-hpn14v16 PKIX[12.1]
	debug1: Remote protocol version 2.0, remote software version dropbear_2015.71
	debug1: no match: dropbear_2015.71
	debug1: x.509 compatibility rfc6187_missing_key_identifier=no: pattern '*' match 'dropbear_2015.71'
	debug1: x.509 compatibility rfc6187_asn1_opaque_ecdsa_signature=no: pattern '*' match 'dropbear_2015.71'
	debug1: x.509 compatibility broken list with accepted publickey algorithms=no: pattern '*' match 'dropbear_2015.71'
	debug1: Authenticating to 192.168.1.8:2222 as 'root'
	debug1: SSH2_MSG_KEXINIT sent
	debug1: SSH2_MSG_KEXINIT received
	debug1: AUTH STATE IS 0
	debug1: kex: algorithm: curve25519-sha256@libssh.org
	debug1: kex: host key algorithm: ssh-rsa
	debug1: REQUESTED ENC.NAME is 'aes128-ctr'
	debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256 compression: none
	debug1: REQUESTED ENC.NAME is 'aes128-ctr'
	debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256 compression: none
	debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
	Connection closed by 192.168.1.8 port 2222

I have seen some suggestions, like changing the MTU or KexAlgorithm, but nothing has worked so far.

I did get it working by dropping in an updated dropbear version in https://github.com/unqueued/better-initramfs/blob/devel/bootstrap/lebuilds/dropbear.lebuild

With a newer release from here:
https://matt.ucc.asn.au/dropbear/releases/

Am still figuring out what exactly the problem is caused by, but maybe dropbear should be updated anyway?

Answer 1 · 2020-03-05T18:13:50.000Z

Yes, i have long overdue update session for all deps, so i will look into it this weekend and push bumps to devel branch., will update this issue afterwards

Answer 2 · 2020-03-22T18:02:49.000Z

FYI I have not forgotten about this or other issues, I just have little time now. Will try to push things forward soon, after I finish what I have already in progress.

Answer 3 · 2020-04-12T19:49:39.000Z

Hi,

Can you please let me know if the v0.10.0 I've just released fixes problem for you?

Note that this one have new sysroot, so you may need to manually wipe build_dir/ first. It will be like that until I finish the root-less build system overhaul.

Answer 4 · 2020-04-18T17:49:30.000Z

Cool, I'm still testing. Would it be possible for you to repost the distfiles that were there a few weeks ago, so that I can build from b3a63a6?

Answer 5 · 2020-04-20T17:56:27.000Z

I have no copy of them, everything beside sysroot can be found on the mirrors. The sysroot was like 4 years old so I had no real reason to keep it.

Answer 6 · 2020-04-23T17:39:27.000Z

No problem, I was able to take care of everything. Problem appears to be fixed, but will continue testing.