Kei te watea a Dropbear 2024.84, he tūmau SSH kiato me te kiritaki i whakamahia tuatahi ki runga i nga punaha whakauru penei i nga pouara ahokore me nga tohatoha pera i a OpenWrt. Ko te Dropbear e tohuhia ana e te iti o te kohi mahara, te kaha ki te whakakore i nga mahi koretake i te waahanga hanga, me te tautoko mo te hanga i te kaihoko me te kaimau i roto i te konae kotahi, he rite ki te busybox. Ina hono ana ki te uClibc, ko te Dropbear executable he 110kB anake. Ka tautoko a Dropbear i te tuku whakamua X11, he hototahi ki te konae matua OpenSSH (~/.ssh/authorized_keys) ka taea te hanga hononga-maha me te tuku whakamua ma te kaihautu whakawhiti. Kua tuhia te kaupapa ki te C me te tohatoha i raro i te raihana rite ki te MIT.
I roto i te tukunga hou:
- Kua pai ake te hototahi OpenSSH mo nga whakahau ssh me ssh-keygen.
- I te wa e takiuru ana, me whai te kaiwhakamahi i te haki "x" i roto i te mara hash kupuhipa i roto i /etc/passwd, hei tauira, "kaiwhakamahi1:x:1003:1003::/home/user1:/bin/sh" . Ko nga kaiwhakamahi kaore tenei haki e kore e taea te takiuru.
- Kua taapirihia nga whiringa BatchMode me StrictHostKeyChecking ki te dbclient, whai hua mo nga kohanga SSH: ssh -o BatchMode=ae -o StrictHostKeyChecking=ae
- I taapirihia te kaha ki te tuku i nga turanga UNIX ma roto i te kohanga i hangaia ma te Dropbear SSH.
- Engari i te whakahau dropbearkey, ka whakaaetia ki te karanga "dropbear ssh-keygen", i.e. ka taea te whakamahi inaianei hei ingoa ingoa i roto i te punaha mo te ssh-keygen.
- I te wa e whakaputa ana i te taviri, ka whakapumautia he rokiroki motuhake o te matua whanui (id_ed25519.pub).
- He tautoko taapiri mo te konae ~/.ssh/dropbear_config ki te dbclient me nga whiringa maha mai i te ssh_config: Kaihautu, HostName, Tauranga, Kaiwhakamahi me te IdentityFile. Inaianei kua monoa tenei mahi ma te taunoa i te wa e whakahiato ana.
- He tautoko taapiri mo te whakawhitinga matua tino (Strict KEX).
- Kua whakatikahia etahi "take 2038" (Y2038).
Source: opennet.ru
