Results 1 to 11 of 11

Thread: How to to get sftp access with dropbear

  1. #1

    How to to get sftp access with dropbear

    This is done on top of Kfurge's firmware, with dropbear installed according to his instructions from the optware/oleg repository. This already gives you secure file transfer through scp, but I needed sftp too. This seems easy, but there is a trick : read through the end.

    sftp-server is in the openssh package. The easy way to install it is

    sudo ipkg update
    sudo ipkg install openssh

    is also requires openssl and zlib, so :

    sudo ipkg install openssl
    sudo ipkg install zlib

    Now the trick to make it work:

    WARNING : Before you do this trick, it's really wise to reactivate telnet access in rc.local, just in case you screw up your dropbear and lock yourself out of your router...

    The dropbear version I which got installed following the instructions (0.48.1-1) is hard-coded to launch sftp-server from /usr/libexec while it gets installed on the hdd in /opt/libexec (the standard "optware" path, hence the name). I did not feel like setting up a development environment to recompile my own dropbear version. I did it the lazy and dirty way, simply changing "usr" to "opt" right in the binary, and it worked!

    To do this, I transfered the dropbear binary (/opt/sbin/dropbearmulti ; dropbear is just a link to this file) to my Ubuntu pc and used sed:

    sed 's/\/usr\/libexe/\/opt\/libexe/g' dropbearmulti > dropbearmod

    and then replaced the original binary by the new file, with proper rights.

    I saw afterwards that sed comes with busybox, so you should be able to do this trick in place. I didn't try.

  2. #2

    Openssh wants to overwrite dropbear exectables

    Hi,

    I've followed your instructions. However, when I try to install openssh it warns me that it wants to overwrite some dropbear executables, namely ssh.

    How should I proceed? Uninstall dropbear, install openssh and re-install dropbear with -force-overwrite so that it can install its own executables?

    Regards,

    PVarela

  3. #3
    Join Date
    Feb 2007
    Location
    Moscow, Russia
    Posts
    3,805
    Actually, IMHO dropbear and sshd are two options to have ssh server. I don't see the reason why you want to keep both.

    At least on wl500gp if you want to have sftp-server with dropbear, it is enough just to ipkg install dropbear. You obtain executable on the hdd which replaces the one in the firmware, and it runs /opt/libexec/sftp-server correctly.

  4. #4

    Solved!

    Hi,

    As far as I was able to look dropbear doesn't include sftp-server. So, what I did to get sftp working with dropbear was:

    1 - uninstalled dropbear : sudo ipkg remove dropbear (FIRST enable telnet login, otherwise you'll be locked out of the router).

    2 - installed openssh : sudo ipkg install openssh

    3 - copy /opt/libexec/sftp-server to sftp-server.backup

    4 - uninstall openssh : sudo ipkg remove openssh

    5 - re-install dropbear : ipkg install dropbear

    6 - patch /opt/sbin/dropbearmulti to enable access to /opt/libexec/sftp-server by following velovite instructions.

    Probably it is not the most elegant solution to the problem but it worked.

    Regards,

    PVarela

  5. #5
    Join Date
    Feb 2007
    Location
    Moscow, Russia
    Posts
    3,805
    good that you found solution yourself. Unfortunately my previous message contained misinformation.

    I checked that I run built-in dropbear, and I have openssh installed. External dropbear is not installed. However, /opt/libexec/sftp-server is started correctly when incoming request comes without special set up...

  6. #6
    There's a package

    openssh-sftp-server

    Just install this, patch dropbear as described, that's it.

    In full:
    Code:
    ipkg install openssh-sftp-server
    ipkg install sed
    
    cd /opt/sbin
    
    cp dropbearmulti dropbearmulti.bk 
    
    sed 's/\/usr\/libexe/\/opt\/libexe/g' dropbearmulti > dropbearmod
    
    mv dropbearmod dropbearmulti
    
    chmod 755 dropbearmulti
    chown root:root dropbearmulti
    
    reboot
    That's all.
    Last edited by xtin; 04-05-2008 at 22:47.

  7. #7
    I didn't even have to do that. On my wl500g router all I did was install openssh-sftp-server and it worked immediately with no hacking. I am using the stock dropbear server however. On the other hand if you are using dropbearmulti then I assume it will be required to hack the binary so it points to the correct location.

  8. #8

    problem with sftp / wl500g ??

    Hi all,

    Sorry to open up an old thread, but I also have a wl-500g:

    Quote Originally Posted by shinji257 View Post
    I didn't even have to do that. On my wl500g router all I did was install openssh-sftp-server and it worked immediately ....
    This is what I get via telnet session:

    Code:
    $ ipkg update
    Downloading http://wl500g.dyndns.org/ipkg/Packages
    Updated list of available packages in /opt/lib/ipkg/lists/wl500g
    Downloading http://ipkg.nslu2-linux.org/feeds/unslung/wl500g/Packages
    Updated list of available packages in /opt/lib/ipkg/lists/unslung
    Successfully terminated.
    $ ipkg install openssh-sftp-server
    Nothing to be done
    An error ocurred, return value: 4.
    Collected errors:
    Cannot find package openssh-sftp-server.
    Check the spelling or perhaps run 'ipkg update'
    Is this package gone now? Using firmware 1.9.2.7-9...

    Thanks...

    EDIT: Fixed as per pvarela's instructions in #4, except no patching was needed for me (/usr/sbin/dropbear already pointed to /opt/libexec/sftp-server)
    Last edited by nanomir; 14-12-2008 at 19:17.

  9. #9
    Actually your update reveals that ipkg is pointing to the wrong ipkg list. That is the old location. here was the output from my search list.
    [shinji@WL-XXXXXXXXXXXX root]$ ipkg update
    Downloading http://ipkg.nslu2-linux.org/feeds/op...table/Packages
    .gz
    Inflating http://ipkg.nslu2-linux.org/feeds/op...ble/Packages.g
    z
    Updated list of available packages in /opt/lib/ipkg/lists/optware
    Successfully terminated.
    [shinji@WL-XXXXXXXXXXXX root]$ ipkg list | grep openssh-sftp-server
    openssh-sftp-server - 5.1p1-1 - sftp-server only from a FREE version of the SSH
    protocol suite of network connectivity tools.
    [shinji@WL-XXXXXXXXXXXX root]$ ipkg list_installed | grep openssh
    openssh - 5.1p1-1 - a FREE version of the SSH protocol suite of network connecti
    vity tools.
    openssh-sftp-server - 5.1p1-1 - sftp-server only from a FREE version of the SSH
    protocol suite of network connectivity tools.
    Yours is pointing to http://ipkg.nslu2-linux.org/feeds/un...l500g/Packages but mine is pointing to the newer http://ipkg.nslu2-linux.org/feeds/op...le/Packages.gz. I think you were supposed to install ipkg-opt early on so it points to the new repository. I found that note in the changelog for 1.9.2.7-8. I have 1.9.2.7-10 installed right now.
    WL500g Premium R1.14 with 128MB mod and serial port mod
    Oleg 1.9.2.7-10 - Lighttpd w/ PHP using eAccelerator - multi-user ready - dropbear secured setup

  10. #10
    Hi Shinji,

    Thanks for your answer ! You're absolutely right, seems in the meantime I managed to somehow update (maybe via ipkg-opt? cannot remember), so now I have ipkg list link shown same as yours..

    Part of my problem could have been that:
    Quote Originally Posted by shinji257 View Post
    ..... I have 1.9.2.7-10 installed right now.
    And I think WL500g users are supposed to stop at ..-9:

    Quote Originally Posted by ASUS WL-500g custom firmware page, [url
    http://oleg.wl500g.info/[/url] ]
    WL-500g/WL-300g/WL-500b/WL-500bv2/WL-HDD units are no longer supported in new firmware builds: use 1.9.2.7-9 as latest.
    But, I'm glad all is fine now

    Thanks,
    Cheers !

  11. #11

    Talking

    i got the latest firmware x.x.10
    i just installed openssh-sftp-server
    found it, and started it up
    no config to either dropbear or sftp, just works
    WL-500gp (Premium) v2
    transmission, dropbear, open-sftp, samba2, mediatomb(PS3), midnight commander

Similar Threads

  1. Replies: 3
    Last Post: 01-11-2014, 14:16
  2. Cannot access FTP from outside the router?
    By Rasmuskarlsen in forum WL-500gP Q&A
    Replies: 2
    Last Post: 23-05-2007, 22:10
  3. How to setup and get Dropbear ssh working?
    By kopi_bean in forum WL-700g Firmware Discussion
    Replies: 34
    Last Post: 20-04-2007, 00:25
  4. remote access to WL-500G
    By pavelv2 in forum WL-500g Q&A
    Replies: 3
    Last Post: 15-06-2006, 12:22

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •