dropbear authentication
Hi All, ho can I login as root user with an empty password? Do I need to hack the code or I have to configure dropbear in special way? Welcome advice, Regards, Giuseppe
Re: dropbear authentication
Giuseppe Cavallaro wrote: Hi All, ho can I login as root user with an empty password? Do I need to hack the code or I have to configure dropbear in special way? Welcome advice, Regards, Giuseppe As far as I know, you can if you use keys to get in. If there's another solution, I'm pretty interested.
Re: dropbear authentication
On Wed, Aug 08, 2007 at 08:25:00AM +0200, Giuseppe Cavallaro wrote: Hi All, ho can I login as root user with an empty password? Do I need to hack the code or I have to configure dropbear in special way? It already should work. As a test, I set up the root user on an Ubuntu 7.04 system to have an entry in /etc/shadow of root:R7gIX4dJJcCFw:13612:0:9:7::: and it worked fine. R7gIX4dJJcCFw is just the crypt of an empty password - the Linux password utility wouldn't let me set it manually. You still have to press enter in your client to log in - Dropbear 0.50's dbclient will provide the ability to set DROPBEAR_PASSWORD= and avoid that. I assume you're running this on a closed network or something -- otherwise it'd be a tad insecure. Matt
Re: dropbear authentication
Hi On 08/08/2007, Matt Johnston [EMAIL PROTECTED] wrote: On Wed, Aug 08, 2007 at 08:25:00AM +0200, Giuseppe Cavallaro wrote: Hi All, ho can I login as root user with an empty password? Do I need to hack the code or I have to configure dropbear in special way? It already should work. As a test, I set up the root user on an Ubuntu 7.04 system to have an entry in /etc/shadow of root:R7gIX4dJJcCFw:13612:0:9:7::: and it worked fine. R7gIX4dJJcCFw is just the crypt of an empty password - the Linux password utility wouldn't let me set it manually. Thanks, it works like a charm! You still have to press enter in your client to log in - Dropbear 0.50's dbclient will provide the ability to set DROPBEAR_PASSWORD= and avoid that. I assume you're running this on a closed network or something -- otherwise it'd be a tad insecure. I'm using dropbear 0.49 on an embedded system based on uClibc with a private network (p2p). Just another question: Is it possible to totally skip authentication phase with dropbear? I mean, using telnet or ssh (but configuring the latter) I'm able to login without entering password and login. In this case my root entry in passwd is root::0:0 ... Thanks a lot Ciao Giuseppe Matt
Re: dropbear authentication
On Wed, Aug 08, 2007 at 09:53:12AM +0200, Giuseppe Cavallaro wrote:
Just another question:
Is it possible to totally skip authentication phase with dropbear?
I mean, using telnet or ssh (but configuring the latter) I'm able to login
without entering password and login.
In this case my root entry in passwd is root::0:0 ...
There's a hardcoded check in checkusername() that won't
allow an empty password crypt since that's a common
misconfiguration. If the user has an OK entry in /etc/passwd
though, you can make Dropbear skip auth fairly easily, see
the patch below.
Matt
--- svr-auth.c dbd28ab1fff172ca3f2e4cb756ec53b74b48b6b3
+++ svr-auth.c 70235853e723eb3b7557be219aace2406ed45bb1
@@ -124,15 +124,6 @@ void recv_msg_userauth_request() {
dropbear_exit(unknown service in auth);
}
- /* user wants to know what methods are supported */
- if (methodlen == AUTH_METHOD_NONE_LEN
- strncmp(methodname, AUTH_METHOD_NONE,
- AUTH_METHOD_NONE_LEN) == 0) {
- TRACE((recv_msg_userauth_request: 'none' request))
- send_msg_userauth_failure(0, 0);
- goto out;
- }
-
/* check username is good before continuing */
if (checkusername(username, userlen) == DROPBEAR_FAILURE) {
/* username is invalid/no shell/etc - send failure */
@@ -141,45 +132,8 @@ void recv_msg_userauth_request() {
goto out;
}
-#ifdef ENABLE_SVR_PASSWORD_AUTH
- if (!svr_opts.noauthpass
- !(svr_opts.norootpass ses.authstate.pw-pw_uid == 0)
) {
- /* user wants to try password auth */
- if (methodlen == AUTH_METHOD_PASSWORD_LEN
- strncmp(methodname, AUTH_METHOD_PASSWORD,
- AUTH_METHOD_PASSWORD_LEN) == 0) {
- svr_auth_password();
- goto out;
- }
- }
-#endif
+ send_msg_userauth_success();
-#ifdef ENABLE_SVR_PAM_AUTH
- if (!svr_opts.noauthpass
- !(svr_opts.norootpass ses.authstate.pw-pw_uid == 0)
) {
- /* user wants to try password auth */
- if (methodlen == AUTH_METHOD_PASSWORD_LEN
- strncmp(methodname, AUTH_METHOD_PASSWORD,
- AUTH_METHOD_PASSWORD_LEN) == 0) {
- svr_auth_pam();
- goto out;
- }
- }
-#endif
-
-#ifdef ENABLE_SVR_PUBKEY_AUTH
- /* user wants to try pubkey auth */
- if (methodlen == AUTH_METHOD_PUBKEY_LEN
- strncmp(methodname, AUTH_METHOD_PUBKEY,
- AUTH_METHOD_PUBKEY_LEN) == 0) {
- svr_auth_pubkey();
- goto out;
- }
-#endif
-
- /* nothing matched, we just fail */
- send_msg_userauth_failure(0, 1);
-
out:
m_free(username);
Re: dropbear authentication
Hi Matt, It works fine if I set root:R7gIX4dJJcCFw:... in passwd file. So I'd like to have the same scenario but using root::... in passwd. Is it possible? Thanks a lot for your excellent support, Giuseppe There's a hardcoded check in checkusername() that won't allow an empty password crypt since that's a common misconfiguration. If the user has an OK entry in /etc/passwd though, you can make Dropbear skip auth fairly easily, see the patch below. Matt
