Hi Peter, On Thu, Mar 01, 2018 at 10:37:19AM +0100, Peter Krefting wrote: > After upgrading to 2018.76, I can no longer log in. On the dropbear end, it > complains about not being able to read the host key (/mnt/nv is the > non-volatile storage in my target HW): > > Mar 1 11:19:03 gbprobe authpriv.info dropbear[11579]: Child connection from > 10.0.30.15:50746 > Mar 1 11:19:03 gbprobe authpriv.info dropbear[11579]: Exit before auth: > Couldn't read or generate hostkey /mnt/nv/dropbear_ecdsa_host_key ... > > - Default generated ECDSA key size is now 256 (rather than 521) > > for better interoperability > > But shouldn't it keep working with already existing host keys in the other > format?
Yes it should. I can't immediately reproduce it here, what flags are you giving to Dropbear? Is /mnt/nv/dropbear_ecdsa_host_key specified with -r or as a default config path, and are there other keyfiles? ssh -vvv will print the full set of negotiated algorithms, you could send that to me (off-list if you want). The relevant revision for that changelog note is https://secure.ucc.asn.au/hg/dropbear/rev/016b86f03e21 you could try reverting that to confirm. > Confusingly, the changelog calls it "local_options.h". Additionally, I found > that the "localoptions.h" file must be placed in the build tree, not the > source tree, when doing out-of-tree builds. This makes a lot of sense, but > took me some time to figure out :-) Ah, I'll fix the docs. Thanks, Matt