Results 1 to 4 of 4

Thread: Dropbear connection refused

  1. #1

    Question Dropbear connection refused

    Hi,

    I'm stuck with my dropbear installation, would appreciate if someone can help.

    These are the steps I performed:
    1) installed dropbear_0.48.1-1_mipsel.ipk just like any other packages
    2) generated my private/public keys using Puttygen and saved my private key with passphrase to a local file on my laptop
    3) created ~/.ssh and created 'authorized_keys' with my public key in a single line
    4) changed the permissions accordingly
    [pquek@(none) ~]$ ls -al
    drwxr-xr-x 3 pquek 0 128 Apr 3 08:11 .
    drwxr-xr-x 3 root 0 72 Apr 3 04:45 ..
    -rw------- 1 pquek 42000 244 Apr 3 09:54 .bash_history
    -rw-r--r-- 1 pquek 42000 184 Apr 3 05:07 .profile
    drwxr-xr-x 2 pquek 42000 80 Apr 3 09:54 .ssh
    [pquek@(none) ~]$ cd .ssh
    [pquek@(none) .ssh]$ ls -al
    drwxr-xr-x 2 pquek 42000 80 Apr 3 09:54 .
    drwxr-xr-x 3 pquek 0 128 Apr 3 08:11 ..
    -rw-r--r-- 1 pquek 42000 226 Apr 3 08:12 authorized_keys

    5) On Putty, i created a new SSH session (port 22) and pointed to my private key file.
    6) When i attempt to connect, I get "Connection refused".
    7) I check my logread and get the following:

    [pquek@(none) ~]$ logread
    Apr 3 08:42:41 utelnetd[517]: utelnetd (port: 23, ifname: br0, login: /bin/login) startup succeeded
    Apr 3 08:43:13 utelnetd: connection from: 192.168.1.2
    Apr 3 08:43:16 login[527]: root login on `pts/0'
    Apr 3 08:43:51 dropbear[531]: Failed reading '/opt/etc/dropbear/dropbear_rsa_host_key', disabling RSA
    Apr 3 08:43:51 dropbear[531]: Failed reading '/opt/etc/dropbear/dropbear_dss_host_key', disabling DSS
    Apr 3 08:43:51 dropbear[531]: premature exit: No hostkeys available
    Apr 3 08:50:23 utelnetd: connection from: 192.168.1.2

    What am I doing wrong? All the steps I followed above are in strict accordance with the prescribed tutorial at http://wl500g.info/showthread.php?t=7728.

    Any advice/help would be appreciated.

    Thanks all!

    cheers,
    Patrick

  2. #2
    I won't pretend to be a ssh expert, but I'm pretty sure you'll also need a host key. The key you entered from puttygen defines your client side identity. On the flip side, your client (putty) also needs to know it can trusts the identity of the host. This trust comes from the host key.

    - K.C.

  3. #3
    Join Date
    Feb 2005
    Location
    Germany - Frankfurt
    Posts
    1,548
    You forgot one step after installing dropbear:
    Step 1a) generate keys:
    Code:
    dropbearkey -t dss -f /opt/etc/dropbear/dropbear_dss_host_key
    dropbearkey -t rsa -f /opt/etc/dropbear/dropbear_rsa_host_key
    wengi
    Last edited by wengi; 04-04-2007 at 08:10.

  4. #4
    Quote Originally Posted by wengi View Post
    You forgot one step after installing dropbear:
    Step 1a) generate keys:
    Code:
    dropbearkey -t dss -f /opt/etc/dropbear/dropbear_dss_host_key
    dropbearkey -t rsa -f /opt/etc/dropbear/dropbear_rsa_host_key
    wengi
    Thanks kfurge and wengi! Got it working!

    After creating the 'dropbear' directory in /opt/etc after sudoing, i get generated the keys using the steps prescribed above.

    When i connected via Putty the first time, i got the following:

    Putty Security Alert

    The server's host key is not cached in the registry. You have no guarantee that the server is the computer you think it is.
    The server's rsa2 key fingerprint is:
    ssh-rsa 1024 7c:as.......
    If you trust this host, hit Yes to add the key to PuTTY's cache and carry on connecting.
    If you want to carry on connecting just once, without adding the key to the cache, hit No.
    If you do not trust this host, hit Cancel to abandon the connection.

    I assumed that's nothing to worry about cos its just adding the host key for the first time.

    So in summary my understanding is as follows:

    The private/public key pair generated by Putty serves only to authenticate the client (Putty) to dropbear.
    The host key generation is required to allow the server to authenticate itself to the client (Putty)

    Thanks all for your help!!!

    cheers,
    Patrick

Similar Threads

  1. pppd падает через 5-6 часов.
    By densen2002 in forum Russian Discussion - РУССКИЙ (RU)
    Replies: 11
    Last Post: 21-10-2008, 21:10
  2. SVN Server (Connection refused)
    By Florian in forum WL-500g Q&A
    Replies: 4
    Last Post: 05-10-2007, 14:33
  3. Telnet Connection refused
    By Galleons in forum WL-500gP Firmware Discussion
    Replies: 1
    Last Post: 09-12-2006, 17:29

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •