How to get sftp access with dropbear


velovite
28-04-2007, 10:02
This is done on top of Kfurge's firmware, with dropbear installed according to his instructions from the optware/oleg repository. This already gives you secure file transfer through scp, but I needed sftp too. This seems easy, but there is a trick: read through to the end.

sftp-server is in the openssh package. The easy way to install it is:

sudo ipkg update
sudo ipkg install openssh

It also requires openssl and zlib, so:

sudo ipkg install openssl
sudo ipkg install zlib

Now the trick to make it work:

WARNING : Before you do this trick, it's really wise to reactivate telnet access in rc.local, just in case you screw up your dropbear and lock yourself out of your router...

The dropbear version which got installed following the instructions (0.48.1-1) is hard-coded to launch sftp-server from /usr/libexec, while it gets installed on the hdd in /opt/libexec (the standard "optware" path, hence the name). I did not feel like setting up a development environment to recompile my own dropbear version. I did it the lazy and dirty way, simply changing "usr" to "opt" right in the binary, and it worked!

To do this, I transferred the dropbear binary (/opt/sbin/dropbearmulti; dropbear is just a link to this file) to my Ubuntu PC and used sed:

sed 's/\/usr\/libexe/\/opt\/libexe/g' dropbearmulti > dropbearmod

and then replaced the original binary by the new file, with proper rights.

I saw afterwards that sed comes with busybox, so you should be able to do this trick in place. I didn't try.

pvarela
09-11-2007, 13:06
Hi,

I've followed your instructions. However, when I try to install openssh it warns me that it wants to overwrite some dropbear executables, namely ssh.

How should I proceed? Uninstall dropbear, install openssh and re-install dropbear with -force-overwrite so that it can install its own executables?

Regards,

PVarela

al37919
09-11-2007, 17:57
Actually, IMHO dropbear and sshd are two options for having an ssh server. I don't see the reason why you want to keep both.

At least on wl500gp, if you want to have sftp-server with dropbear, it is enough just to ipkg install dropbear. You obtain an executable on the hdd which replaces the one in the firmware, and it runs /opt/libexec/sftp-server correctly.

pvarela
12-11-2007, 20:05
Hi,

As far as I was able to see, dropbear doesn't include sftp-server. So, what I did to get sftp working with dropbear was:

1 - uninstalled dropbear : sudo ipkg remove dropbear (FIRST enable telnet login, otherwise you'll be locked out of the router).

2 - installed openssh : sudo ipkg install openssh

3 - copy /opt/libexec/sftp-server to sftp-server.backup

4 - uninstall openssh : sudo ipkg remove openssh

5 - re-install dropbear : ipkg install dropbear

6 - patch /opt/sbin/dropbearmulti to enable access to /opt/libexec/sftp-server by following velovite's instructions.

Probably it is not the most elegant solution to the problem, but it worked.

Regards,

PVarela

al37919
12-11-2007, 21:21
Good that you found the solution yourself. Unfortunately my previous message contained misinformation.

I checked that I run the built-in dropbear, and I have openssh installed. External dropbear is not installed. However, /opt/libexec/sftp-server is started correctly when an incoming request comes, without special setup... :confused:

xtin
04-05-2008, 22:33
There's a package

openssh-sftp-server

Just install this, patch dropbear as described, that's it.

In full:

ipkg install openssh-sftp-server
ipkg install sed

cd /opt/sbin

cp dropbearmulti dropbearmulti.bk

sed 's/\/usr\/libexe/\/opt\/libexe/g' dropbearmulti > dropbearmod

mv dropbearmod dropbearmulti

chmod 755 dropbearmulti
chown root:root dropbearmulti

reboot


That's all.
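
The sed step from the posts above with checks wrapped around it, as an added example that is not part of the thread: it patches a copy, then confirms the file size is unchanged and that only the three "usr" to "opt" bytes per occurrence differ. The function names patch_libexec_path and make_sample are hypothetical, the sample file is constructed (not a real dropbear binary), and GNU-style grep, sed, wc and cmp are assumed, as on the PC used in the first post.

```shell
#!/bin/sh
# Usage: patch_libexec_path SRC DST
# Writes a patched copy of SRC to DST and prints the number of patched paths.
patch_libexec_path() {
    src=$1
    dst=$2
    old='/usr/libexec'   # path named in the thread
    new='/opt/libexec'   # optware location named in the thread
    # A byte-level edit is only safe when both strings have the same length;
    # otherwise every offset after the string shifts.
    [ "${#old}" -eq "${#new}" ] || { echo "length mismatch" >&2; return 2; }
    # LC_ALL=C: treat the file as raw bytes, not text in the user's locale.
    if ! LC_ALL=C grep -q -F -- "$old" "$src"; then
        echo "$old not found in $src, nothing to patch" >&2
        return 1
    fi
    LC_ALL=C sed "s|$old|$new|g" "$src" > "$dst" || return 3
    # Check 1: the file size must be unchanged.
    if [ "$(wc -c < "$src")" -ne "$(wc -c < "$dst")" ]; then
        echo "size changed, discarding $dst" >&2; rm -f "$dst"; return 4
    fi
    # Check 2: the old path must be gone from the copy.
    if LC_ALL=C grep -q -F -- "$old" "$dst"; then
        echo "old path still present" >&2; rm -f "$dst"; return 5
    fi
    # Check 3: usr -> opt changes exactly 3 bytes per occurrence, so the
    # count of differing bytes must be a non-zero multiple of 3.
    changed=$(cmp -l "$src" "$dst" | wc -l)
    if [ "$changed" -eq 0 ] || [ $((changed % 3)) -ne 0 ]; then
        echo "unexpected byte differences: $changed" >&2; rm -f "$dst"; return 6
    fi
    echo $((changed / 3))
}

# Constructed sample standing in for dropbearmulti (not a real binary).
make_sample() {
    printf 'ELF\000\001\002\377/usr/libexec/sftp-server\000tail\376\000' > "$1"
}

tmp=$(mktemp -d)
make_sample "$tmp/dropbearmulti"
patch_libexec_path "$tmp/dropbearmulti" "$tmp/dropbearmod"   # prints 1
rm -rf "$tmp"
```

Move the verified copy over /opt/sbin/dropbearmulti only after the function prints a count, keeping the .bk copy from the post above.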

shinji257
08-06-2008, 05:24
I didn't even have to do that. On my wl500g router all I did was install openssh-sftp-server and it worked immediately with no hacking. I am using the stock dropbear server however. On the other hand if you are using dropbearmulti then I assume it will be required to hack the binary so it points to the correct location. ;)