NSLU2-Linux
view · edit · print · history
 How-To get Dropbear working and remove OpenSSH? with a minimum of fuss.

 Intro:

 Hi everyone this is the first How-To I've written, so be gentle. :)
 I'd like to start out by saying that I KNOW Telnet is inherently VERY INSECURE,
 just in case anyone is thinking about using it permanently. Although its memory
 footprint is tiny. I did use it temporarily during this process just to make
 things easier. Also I'm using Debian Etch 4.0R3


 Summary:
 The short sweet executive summary is that I logged in using openSSH, installed 
 telnetd, rebooted to test, logged in using telnet removed openSSH, rebooted again
 (OK so I'm a recovering windows user). Next I installed dropbear, rebooted, and
 removed telnetd. Then I rebooted again .. I told you I'm a recovering windows user,
 but I also wanted to make sure each step worked ... although I do have a backup of
 the root partition stored on my Kubuntu box (which I restored several times trying
 to do this without telnetd)

 Login to the slug in the usual way using SSH then using Apt's super cow powers:

 apt-get install telnetd

 .. stuff happens .. telnetd is configured and started. For the next step you will
 need a regular non-root account.

 adduser myself
   ... answer a bunch of questions about password and stuff

 now log off the SSH window, log in using telnet port 23 as a non-root user and sudo
 to gain root access.

 su -
   ...system asks for root password.

 and now to remove openSSH so that the dropbear install does not see it and disable
 itself.

 apt-get remove openssh-server

 next I rebooted the SLUG to be sure open SSH was cleared and whatnot, just type 
 reboot

 When the SLUG comes up I logged back in using telnet and again sudoing to root 
 ( su - ) then did

 apt-get install dropbear
   ... stuff happens and the dropbear install configures itself and starts.

 next log off of telnet, and login using SSH (dropbear)

 then I went and removed the highly insecure telnetd
 apt-get remove telnetd

 and wow!  Now I have (on a stripped down Etch 4.0r3 install) about 14MB of free RAM!! I also
 removed exim and some other unneeded packages, there are other articles on this around here.

 Cheers!

Alternative way:

all done as root!

apt-get install dropbear

This will end with an error because open-ssh is running.

edit /etc/default/dropbear (vi /etc/default/dropbear) and change NO_START=1 --> NO_START=0 (enables dropbear) DROPBEAR_PORT=22 --> DROPBEAR_PORT=23

run "/etc/init.d/dropbear start"

(There is now running 2 ssh servers)

exit your ssh session open a new session with your favorite ssh client on port 23 (usually reserved for telnetd) remove openssh (apt-get remove openssh-server) if this end with an error then edit /etc/init.d/ssh insert "exit 0" in line 2 (This will prevent openssh-server from starting)

edit /etc/default/dropbear (vi /etc/default/dropbear) DROPBEAR_PORT=23 --> DROPBEAR_PORT=22

reboot

Now you will be running dropbaer, without using telnetd

view · edit · print · history · Last edited by scott bednar.
Based on work by xavi, nielsnej, and Charles Santos.
Originally by Charles Santos.
Page last modified on January 02, 2009, at 04:38 PM