root@OpenWrt:~# ssh -l you -p 2200 localhost
The reason that the direct login to remote forwarded port doesn't work is - "dropbear binds remote port forwardings to
the loopback address. This prevents other remote hosts from connecting to forwarded ports."
To fix it, you can recompile dropbear for your router.
Recompiling dropbear for OpenWRT
To recompile dropbear for your router, you need 'build toolchain' for your router platform. For WRT54G it is
mipsel. You can get mipsel build toolchain for x86 host from the following link-
http://downloads.openwrt.org/people/...i686-1.tar.bz2
Download and extract this file on a linux machine. Also download dropbear source package and follow the
instructions below to compile dropbear-
1. Set path variable to include path to build toolchain utilities:
4 of 6
Defeating Firewalls : Sneaking Into Office Computers From Home
export PATH=$PATH:~/OpenWrt-SDK-Linux-i686-1/staging_dir_mipsel/bin
2. cd into dropbear source directory and issue following command to configure dropbear -
./configure --build=i686-pc-linux-gnu --host=mipsel-linux \
--prefix=$HOME --disable-zlib --disable-lastlog
3. Edit options.h (not necessary in many cases)
#define DROPBEAR_RANDOM_DEV "/dev/random"
to
#define DROPBEAR_RANDOM_DEV "/dev/urandom"
4. Edit tcp-accept.c
98c98
< nsocks = dropbear_listen("", portstring, socks,
---
> nsocks = dropbear_listen(NULL, portstring, socks,
5. Compile
make PROGRAMS="dropbear" STATIC=1
6. Strip
mipsel-linux-strip dropbear
Transfer this compiled dropbear to your router. You can use wget or scp available on OpenWRT to transfer this
file. Test this binary by running it on some other port. Once you are sure that it's running fine, replace original
one with this binary.