[Bug 3527] New: ssh-copy-id broken for dropbear

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Tue Jan 24 08:34:27 AEDT 2023


https://bugzilla.mindrot.org/show_bug.cgi?id=3527

            Bug ID: 3527
           Summary: ssh-copy-id broken for dropbear
           Product: Portable OpenSSH
           Version: 9.1p1
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: major
          Priority: P5
         Component: ssh-copy-id
          Assignee: unassigned-bugs at mindrot.org
          Reporter: stephan+openssh at asklandd.dk

Created attachment 3653
  --> https://bugzilla.mindrot.org/attachment.cgi?id=3653&action=edit
ssh-copy-id with commented out dropbear bug.

The script assumes that systems running dropbear SSH server must save
the authorized key in /etc/dropbear/authorized_keys [1].  But this is
not the default for dropbear, so I think it's fair to consider it a bug
and fix it.

By default dropbear saves user ssh keys in the usual
~/.ssh/authorized_keys and therefore needs no special handling in
ssh-copy-id.

The bug affects all Buildroot systems, and anything else with an
unmodified dropbear.

I commented out the dropbear) block in my ssh-copy-id and now it works
as expected, i.e. I can ssh-copy-id to a remote running dropbear, the
keys are added to the remote ~/.ssh/authorized_keys, and I can ssh to
remote without password prompt afterwards.

It's possible this dropbear switch bug was added by someone who uses
system, that runs a modified version of dropbear, perhaps router of
some sort.


1:
https://github.com/openssh/openssh-portable/blob/master/contrib/ssh-copy-id#L338

-- 
Your,
Stephan

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list