Re: dropbear: "Failed loading .. " host key files warning messages

2018-02-22 Thread Matt Johnston
Thank you CamVan, I've applied the patch now.

Cheers,
Matt

> On Wed 21/2/2018, at 5:54 am, Camvan T Nguyen wrote:
> 
> In our environment, we generate an RSA host key in /var/lib/dropbear and 
> start the dropbear service with the following command:
> 
> /usr/sbin/dropbear -i -r /var/lib/dropbear/dropbear_rsa_host_key -B
> 
> We are getting the following Warning messages:
> 
> Feb 20 06:08:50 witherspoon dropbear[1406]: Failed loading /etc/dropbear/dropbear_rsa_host_key
> Feb 20 06:08:50 witherspoon dropbear[1406]: Failed loading /etc/dropbear/dropbear_dss_host_key
> Feb 20 06:08:50 witherspoon dropbear[1406]: Failed loading /etc/dropbear/dropbear_ecdsa_host_key
> 
> This is because in our environment, we don't generate the 3 types of host 
> keys in /etc/dropbear. Dropbear will first load the host key specified by the 
> -r option and then will also try to load all 3 types of host keys from the 
> default path /etc/dropbear. We propose the following patch be made to 
> dropbear svr-runopts.c such that dropbear will only load the host keys from 
> the default /etc/dropbear path if a key is not specified by the -r option.
> 
> 
> From b2048847702e00df8d404896323857f89cda215e Mon Sep 17 00:00:00 2001
> From: CamVan Nguyen 
> Date: Tue, 20 Feb 2018 15:34:00 -0600
> Subject: [PATCH 1/1] Only load dropbear default host keys if a key is not
> specified
> 
> ---
> svr-runopts.c | 9 ++---
> 1 file changed, 6 insertions(+), 3 deletions(-)
> 
> diff --git a/svr-runopts.c b/svr-runopts.c
> index 3d97023..38a1b75 100644
> --- a/svr-runopts.c
> +++ b/svr-runopts.c
> @@ -510,17 +510,20 @@ void load_all_hostkeys() {
> m_free(hostkey_file);
> }
> 
> + /* Only load default host keys if a host key is not specified by the user */
> + if (0 == svr_opts.num_hostkey_files) {
> #if DROPBEAR_RSA
> - loadhostkey(RSA_PRIV_FILENAME, 0);
> + loadhostkey(RSA_PRIV_FILENAME, 0);
> #endif
> 
> #if DROPBEAR_DSS
> - loadhostkey(DSS_PRIV_FILENAME, 0);
> + loadhostkey(DSS_PRIV_FILENAME, 0);
> #endif
> 
> #if DROPBEAR_ECDSA
> - loadhostkey(ECDSA_PRIV_FILENAME, 0);
> + loadhostkey(ECDSA_PRIV_FILENAME, 0);
> #endif
> + }
> 
> #if DROPBEAR_DELAY_HOSTKEY
> if (svr_opts.delay_hostkey) {
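
Review bot: The guard `if (0 == svr_opts.num_hostkey_files)` appears to test how many keys were named with -r, not how many were actually loaded, so when the only -r file is missing or unreadable the three default loadhostkey() calls are now skipped as well and nothing in this hunk reports that the server has no host key. Consider checking after this block that at least one key was loaded (or that the DROPBEAR_DELAY_HOSTKEY path just below will provide one) and logging a clear error otherwise.
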
> --
> 1.8.2.2
> 
> 
> Thanks, 
> CamVan Nguyen
> POWER Firmware Tools Development & Support, STG
> 512-286-7756 T/L: 363-7756



dropbear: "Failed loading .. " host key files warning messages

2018-02-20 Thread Camvan T Nguyen


In our environment, we generate an RSA host key in /var/lib/dropbear and
start the dropbear service with the following command:

/usr/sbin/dropbear -i -r /var/lib/dropbear/dropbear_rsa_host_key -B

We are getting the following Warning messages:

Feb 20 06:08:50 witherspoon dropbear[1406]: Failed loading /etc/dropbear/dropbear_rsa_host_key
Feb 20 06:08:50 witherspoon dropbear[1406]: Failed loading /etc/dropbear/dropbear_dss_host_key
Feb 20 06:08:50 witherspoon dropbear[1406]: Failed loading /etc/dropbear/dropbear_ecdsa_host_key

This is because in our environment, we don't generate the 3 types of host
keys in /etc/dropbear.  Dropbear will first load the host key specified by
the -r option and then will also try to load all 3 types of host keys from
the default path /etc/dropbear.  We propose the following patch be made to
dropbear svr-runopts.c such that dropbear will only load the host keys from
the default /etc/dropbear path if a key is not specified by the -r option.


From b2048847702e00df8d404896323857f89cda215e Mon Sep 17 00:00:00 2001
From: CamVan Nguyen 
Date: Tue, 20 Feb 2018 15:34:00 -0600
Subject: [PATCH 1/1] Only load dropbear default host keys if a key is not
 specified

---
 svr-runopts.c | 9 ++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/svr-runopts.c b/svr-runopts.c
index 3d97023..38a1b75 100644
--- a/svr-runopts.c
+++ b/svr-runopts.c
@@ -510,17 +510,20 @@ void load_all_hostkeys() {
m_free(hostkey_file);
}

+   /* Only load default host keys if a host key is not specified by the
user */
+   if (0 ==  svr_opts.num_hostkey_files) {
 #if DROPBEAR_RSA
-   loadhostkey(RSA_PRIV_FILENAME, 0);
+   loadhostkey(RSA_PRIV_FILENAME, 0);
 #endif

 #if DROPBEAR_DSS
-   loadhostkey(DSS_PRIV_FILENAME, 0);
+   loadhostkey(DSS_PRIV_FILENAME, 0);
 #endif

 #if DROPBEAR_ECDSA
-   loadhostkey(ECDSA_PRIV_FILENAME, 0);
+   loadhostkey(ECDSA_PRIV_FILENAME, 0);
 #endif
+   }

 #if DROPBEAR_DELAY_HOSTKEY
if (svr_opts.delay_hostkey) {
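
Review bot: Missing documentation for a behaviour change in the new `if` block: a setup that passes one key with -r and relied on the other key types being picked up from the default paths (RSA_PRIV_FILENAME, DSS_PRIV_FILENAME, ECDSA_PRIV_FILENAME) will stop offering those keys without any message, and clients that had recorded one of them will be offered a different host key type. The -r help text and man page should state that giving -r disables the default paths, and the added comment could say the same. Style nit: `0 ==  svr_opts.num_hostkey_files` has a doubled space.
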
--
1.8.2.2


Thanks,
CamVan Nguyen
POWER Firmware Tools Development & Support, STG
512-286-7756 T/L: 363-7756