Trace: dropbear

dropbear

Configuration

  • Port 222
  • Disallow root password logins

Gentoo 

DROPBEAR_OPTS="-p 222 -g"

CentOS

Edit /etc/sysconfig/dropbear and add: 

DROPBEAR_OPTS="-p 222 -g"

Debug Configuration / Login Issues

Disable background fork and log to stdout. 

dropbear -F -E -p 222
Options

Dropbear options:

  • -w - disable root login
  • -s - disable password authentication
  • -p - use port #
  • -F - Don't fork in background (for inittab)
  • -g - no root password logins
inittab
/usr/sbin/dropbear -F -g -p 222

FreeBSD

You need to patch /usr/ports/security/dropbear/files/dropbear.in with this file: dropbear_args patch 

cd /usr/ports/security/dropbear && make clean install
mkdir -p /usr/local/etc/dropbear
echo dropbear_enable=YES >> /etc/rc.conf
echo dropbear_args=\"-p 222\" >> /etc/rc.conf
/usr/local/etc/rc.d/dropbear keygen
/usr/local/etc/rc.d/dropbear start

Ubuntu

Configuration file is at /etc/default/dropbear: 

NO_START=0
DROPBEAR_PORT=222
DROPBEAR_EXTRA_ARGS=""

# Disable root logins
DROPBEAR_EXTRA_ARGS="-w $DROPBEAR_EXTRA_ARGS"

# Disable password logins
DROPBEAR_EXTRA_ARGS="-s $DROPBEAR_EXTRA_ARGS"

# Disable password logins for root
DROPBEAR_EXTRA_ARGS="-g $DROPBEAR_EXTRA_ARGS"