DMP1 SSHD

From Omnifi Wiki

Quick Links

Main Page Stuff DMP1 Stuff DMS1 Stuff SimpleCenter Stuff Other Stuff Programming Building A Toolchain Building A Special Toolchain Compile Programs DMP1 Factsheets

Related topics

Find Something To Put Here

edit

Contents 1 You've got to be kidding!! SSH for the DMP1?!! 2 Where's the proof? 3 Where Can I Get A SSH Daemon That Runs On The DMP1? 4 Let's Build! 4.1 Making An Even Smaller Output 5 Getting It To Work 5.1 Generate The Keys! 5.2 You Now Have A Choice 5.3 Now Set A Root Password 5.4 Now Connect Using Your SSH Client 5.5 Automating All Of These Steps 6 Caveat 7 Other SSH Servers 8 Related Links 9 External Links

You've got to be kidding!! SSH for the DMP1?!!

A SSH daemon/service for the DMP1 sounds out of reach, particularly because of the massive libraries needed to build the OpenSSH project. But what if we need none of that, and instead build a very small SSH server that can fit onto the DMP1 and run just as well? Well, it can be done.

Where's the proof?

On my network, my DMP1 is 192.168.1.15. Here is a screenshot that illustrates this SSH server in action and my SSH client connected to it. Openfi was stopped during this time.

Where Can I Get A SSH Daemon That Runs On The DMP1?

After searching several hours for SSH servers, I settled for one called Dropbear. Here's the download page. If you haven't already, you'll need an ARM CrossCompiler to build this project. You can build it natively to run on your Linux or Cygwin, but why?

Let's Build!

It's important to note that we will be disabling zlib (compression) support in this build -- I haven't figured out a good way to get the darn thing to compile properly with it yet. That means your OpenSSH client needs to explicitly disable compression when it makes a connection to dropbear...

~# wget http://matt.ucc.asn.au/dropbear/dropbear-0.47.tar.bz2
07:54:23 (168.77 KB/s) - `dropbear-0.47.tar.bz2' saved [1418374/1418374
~# tar xf dropbear-0.47.tar.bz2 
~# cd dropbear-0.47/
~/dropbear-0.47# export PATH=/opt/arm-uclibc:${PATH}
~/dropbear-0.47# export CFLAGS="-Os -static -Wall"
~/dropbear-0.47# export LDFLAGS="-static"
~/dropbear-0.47# ./configure --host=arm --build=i386-linux --disable-zlib
(blah, blah, blah ...)

At this point, you can edit the options.h file before beginning the make. For now, accept the default and move on. It is important to note that you have several options for the make. We're trying to build the smallest possible working server (as opposed to building an all-in-one server-client version) so do the following:

~/dropbear-0.47# make PROGRAMS=dropbear strip
(compile, compile, compile ...)
~/dropbear-0.47# make strip
(blah, blah, blah ...)
~/dropbear-0.47# _

This will build 4 files (dropbear, dbclient, dropbearkey and dropbearconvert) and strip the code of its symbols and have it ready for you. Of course you'll change the locations of the ARM GCC compiler (in red above) to what would match your system (what's depicted above is for my buildroot/uClibc version of the cross-compiler).

The file sizes come out to be:

-rwxr-xr-x   1 root root  114504 2006-02-14 08:12 dropbearkey*
-rwxr-xr-x   1 root root  114244 2006-02-14 08:12 dropbearconvert*
-rwxr-xr-x   1 root root  193572 2006-02-14 08:12 dropbear*
-rwxr-xr-x   1 root root  164592 2006-02-14 08:12 dbclient*

Making An Even Smaller Output

If you inspect the SMALL file that comes with dropbear, you'll see that there are some other compiler and linker flags that you can add to build an even smaller version. However, I've found that while it does produce a smaller file, it does not properly run on the DMP1 (at least with my uClibc build). So unless you're technologically savvy with compilers, stay away from the following options (which are only shown for demonstration purposes):

CFLAGS="-ffunction-sections -fdata-sections"
LDFLAGS="-W1,--gc-sections"

Alternately, you can edit the options.h file, such as disabling X11 forwarding, blowfish and stuff. Comment out these specific flags (that is, put /* and */ on either side of each line below):

#define ENABLE_X11FWD
#define ENABLE_AGENTFWD
#define DROPBEAR_BLOWFISH_CBC
#define DROPBEAR_TWOFISH256_CBC
#define DROPBEAR_TWOFISH128_CBC
#define DROPBEAR_MD5_HMAC 
#define DO_HOST_LOOKUP
#define SFTPSERVER_PATH "/usr/libexec/sftp-server"

Now do a make clean, reconfigure and recompile:

~/dropbear-0.47# make clean
~/dropbear-0.47# ./configure --host=arm --build=i386-linux --disable-zlib
(blah, blah, blah ...)
~/dropbear-0.47# make PROGRAMS=dropbear strip
(compile, compile, compile ...)
~/dropbear-0.47# make strip
(blah, blah, blah ...)
~/dropbear-0.47# _

-rwxr-xr-x   1 root root  114484 2006-02-14 08:12 dropbearkey*
-rwxr-xr-x   1 root root  110128 2006-02-14 08:12 dropbearconvert*
-rwxr-xr-x   1 root root  177040 2006-02-14 08:12 dropbear*
-rwxr-xr-x   1 root root  152672 2006-02-14 08:12 dbclient*

It's a modest reduction...

Getting It To Work

Here's the fun part. Create a folder on your HD called /dropbear(or anything you'd like). Put the four files that were created in the build step above, into this directory.

Generate The Keys!

Now, look at my screenshot above and rlogin to your DMP1.

~# rlogin -l root 192.168.1.15

BusyBox v0.60.3 (2003.02.20-23.40+0000) Built-in shell (ash)
Enter 'help' for a list of built-in commands.

# cd /storage/disc1/dropbear/
# ls -l

-rwxrwxrwx   1 sync sync  114504 2006-02-14 08:12 dropbearkey*
-rwxrwxrwx   1 sync sync  114244 2006-02-14 08:12 dropbearconvert*
-rwxrwxrwx   1 sync sync  193572 2006-02-14 08:12 dropbear*
-rwxrwxrwx   1 sync sync  164592 2006-02-14 08:12 dbclient*

# discWE

# ./dropbearkey
Must specify a key filename
Usage: ./dropbearkey -t <type> -f <filename> [-s bits]
Options are:
-t type Type of key to generate. One of:
                rsa
                dss
-f filename     Use filename for the secret key
-s v (optional)
-y              Just print the publickey and fingerprint for the
                private key in <filename>.

# ./dropbearkey -t dss -f dropbear_dss_host_key
Will output 1024 bit dss secret key to 'dropbear_dss_host_key'
Generating key, this may take a while...
Public key portion is:
ssh-dss AAAAB3NzaC1kc3MAAACBAOxHzaaEhxWFx7cdZX  ...  FSJsVI1MZqVyw== 
Fingerprint: sha1 c4:3f:0c:ed:80:9d:df:60:a8:97:c5:a8:d6:b8:95:d2:c6:00:42:26

# ./dropbearkey -t rsa -f dropbear_rsa_host_key
Will output 1024 bit rsa secret key to 'dropbear_rsa_host_key'
Generating key, this may take a while...
Public key portion is:
ssh-rsa  AAAAB3NzaC1yc2EAAAADAQABAAAWvYsfmaNV8  ...  ZdYzXscYurPoe46WcZQ9
Fingerprint: sha1 6b:6f:7d:52:30:30:8b:0c:99:bf:42:7e:92:08:2b:68:a7:40:ba:08

# sync
# discWD
# _

The parameters to pass are:

* -t	Either dss or rsa
* -f	Key filenames. Use the filenames specified above!
* [-s]	(Optional) Key size in bits, should be a multiple of 8
* [-y]	(Optional) Just print the publickey and fingerprint for the private key in <filename>.

You might get the following message:

Warning: Reading the random source seems to have blocked.
If you experience problems, you probably need to find a better entropy source.

If you do, break out of the program and try again. Also, it'll take about 10 seconds to generate the rsa key. The dss key takes significantly longer...

You Now Have A Choice

By default, dropbear looks for the keys in the /etc/dropbear directory (see options.h). You can also specify it explicitly when you start it up. Do this for the explicit startup:

~# rlogin -l root 192.168.1.15

BusyBox v0.60.3 (2003.02.20-23.40+0000) Built-in shell (ash)
Enter 'help' for a list of built-in commands.

# cd /storage/disc1/dropbear/
# ./dropbear -F -d dropbear_dss_host_key -r dropbear_rsa_host_key

I specified the -F (don't fork into the background) option because without it, dropbear seems to exit immediately.

Alternately, you can do the following:

~# rlogin -l root 192.168.1.15

BusyBox v0.60.3 (2003.02.20-23.40+0000) Built-in shell (ash)
Enter 'help' for a list of built-in commands.

# cd /storage/disc1/dropbear/
# mkdir /.etc/dropbear
# cp ./dropbear_* /.etc/dropbear/
# ./dropbear

• Note: /.etc is not a typo; you just can't copy a file into /etc!

This will copy the dss and rsa keys into the /etc/dropbear directory and then dropbear can be invoked directly without parameters. I have tested this configuration, but if any of you find that it does (or does not) work, help me update this wiki accordingly! ("thanks!" ~lum)

• Note: In my screenshots, I've renamed dropbear_dss_host_key to dss and dropbear_rsa_host_key to rsa and specify these directly from the command line. If you copy the key files to the /.etc/dropbear directory, then you MUST use the full name (dropbear_xxx_host_key). Otherwise, dropbear won't find them and won't start. (Oh, I know you can change that in options.h ...)

Now Set A Root Password

Funny - there isn't a root password set on the DMP1, is there? I mean, we don't need to supply one when we connect via ftp or rlogin. Actually, if you look at the /etc/shadow file, you'll see a fat string of encrypted password characters. So change it to blank, and you'll see it go away in the /etc/shadow file.

# passwd
Changing password for root
Enter the new password (minimum of 5, maximum of 8 characters)

Please use a combination of upper and lower case letters and numbers.
Enter new password:enter
Bad password: too short.

Warning: weak password (continuing).
Re-enter new password:enter
Password changed.
# _ 

If we don't do this step, you can't log in. Alternately, you can actually specify a non-blank root password and use it for dropbear.

Now Connect Using Your SSH Client

I use SSH Secure Shell Client (a commercial Windows program). When I point my client to the DMP1's address, I get the following box, and click YES to accept the public key.

After I accept, I am prompted to log in with a password (blank, of course!) and now I'm taken to the busybox greeting screen. I can navigate around, normally with good response.

Automating All Of These Steps

I modified the openfi_start (/storage/disc1/transfer/openfi_start) to fire up dropbear, so it's enabled all the time and I can either rlogin or ssh into the box.

In openfi_start, I copy my own shadow file over to /.etc. This shadow file is a duplicate of the file after I've set a blank password for root. (Remember, the contents of the file system are pulled from the flashmemory upon each boot-any changes you can make in the /.etc directory is volatile and must be redone each time). Then I fire up dropbear with the -F option and terminate the line with & to make openfi_start continue.

Here is a snippet from my copy of openfi_start. I've added these lines right after disabling the watchdog timer:

# enable SSH daemon
cd /storage/disc1/dropbear
if [ -x /storage/disc1/dropbear/dropbear ]
then
  mkdir /.etc/dropbear/
  cp dss  /.etc/dropbear/dropbear_dss_host_key
  cp rsa  /.etc/dropbear/dropbear_rsa_host_key
  cp shadow  /.etc/shadow     <-- This is my version of shadow with my root password 
  ./dropbear
  lcdwrite clear > /dev/null &
  lcdwrite 1 "SSH Enabled" > /dev/null &
fi

Caveat

I'll be the first to admit, it's often a little slow to respond. While it actually creates a port and a connection, dropbear sometimes doesn't respond with a shell. I usually rlogin, kill openfi_start and openfi_app before attempting the ssh connection. Perhaps you can fare better, by utilizing the inetd mode of dropbear. (hint, hint).

Additionally, this may not work with the crosstools compiler as it will throw up warnings about statically linked programs. Buildroot handles this rather well. Other libraries, such as dietlibc are said to work as well.

Other SSH Servers

• OpenSSH Free
• SSH Commercial

Related Links

• DMP1 Web Server
• DMP1 MP3 Streamer
• DMP1 GPS Nav
• Seti@Car?
• DMP1 SSHD

External Links

• Dropbear Project Page
• Buildroot cross compiler

Lumkichi 10:56, 14 Feb 2006(CST)