DROPBEAR SSH VULNERABILITY DISCOVERED

Dropbear 2024.84 has been released. Dropbear is a compact SSH server and client commonly used on embedded systems such as wireless routers and on distributions like OpenWrt. It is known for its low memory consumption, for letting unneeded features be disabled at compile time, and for being able to build both client and server into a single executable, in the manner of BusyBox. A statically linked Dropbear executable takes up only about 110 KB when built against uClibc. Dropbear also supports X11 forwarding, works with OpenSSH keys (~/.ssh/authorized_keys), and can create multi-hop connections through a transit host. The project is written in C and distributed under an MIT-style license.

In the latest release:

  • Improved OpenSSH compatibility for the ssh and ssh-keygen commands.
  • A user entry must now have an “x” in the password-hash field of /etc/passwd, e.g. `user1:x:1003:1003::/home/user1:/bin/sh`. Users without this flag will be unable to log in.
  • The BatchMode and StrictHostKeyChecking options are now available for SSH tunnels: `ssh -o BatchMode=yes -o StrictHostKeyChecking=yes`.
  • Added the ability to pass UNIX permissions through Dropbear SSH tunnels.
  • `dropbear ssh-keygen` can now be used as an ssh-keygen-style alias for the dropbearkey command.
  • When generating keys, the public key (e.g. id_ed25519.pub) is now saved as a separate file.
  • dbclient now supports the ~/.ssh/dropbear_config file with a subset of ssh_config options: Host, Hostname, Port, User, and IdentityFile. This feature is disabled by default at compile time.
  • Strict key exchange (strict kex, the countermeasure against the Terrapin prefix-truncation attack on SSH) is now supported.
  • Several “Y2038 problems” have been fixed.
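The /etc/passwd change above is the one item most likely to lock administrators out of an embedded device after an upgrade, so it is worth auditing accounts before deploying 2024.84. The script below is an added example written for this page, not code from the Dropbear project: it parses passwd-format lines and reports which accounts would be refused under the stated rule (only an “x” in the password field permits login). The sample entries are constructed for the example; on a real device you would read /etc/passwd instead.

```python
"""Audit passwd entries against Dropbear 2024.84's login requirement.

Dropbear 2024.84 refuses logins for accounts whose password field in
/etc/passwd is not "x" (the hash is expected to live in /etc/shadow).
This added example mirrors that rule as described in the release notes;
the sample lines below are constructed, not taken from any real system.
"""
from typing import List, NamedTuple, Dict

PASSWD_FIELDS = 7  # name:passwd:uid:gid:gecos:home:shell


class PasswdEntry(NamedTuple):
    name: str
    passwd: str
    uid: int
    gid: int
    gecos: str
    home: str
    shell: str


def parse_passwd_line(line: str) -> PasswdEntry:
    """Split one passwd(5) line into its seven colon-separated fields."""
    fields = line.rstrip("\n").split(":")
    if len(fields) != PASSWD_FIELDS:
        raise ValueError(f"malformed passwd line: {line!r}")
    name, passwd, uid, gid, gecos, home, shell = fields
    return PasswdEntry(name, passwd, int(uid), int(gid), gecos, home, shell)


def parse_passwd(text: str) -> List[PasswdEntry]:
    """Parse a whole passwd file, skipping blank and commented lines."""
    entries = []
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        entries.append(parse_passwd_line(line))
    return entries


def dropbear_login_allowed(entry: PasswdEntry) -> bool:
    """The 2024.84 rule as stated in the release notes: only 'x' permits login.

    Empty fields, '*' / '!' lockouts and hashes stored directly in passwd
    all fail this check and the account cannot log in via Dropbear.
    """
    return entry.passwd == "x"


def audit(text: str) -> Dict[str, List[str]]:
    """Return {'allowed': [...], 'blocked': [...]} account names for passwd text."""
    allowed: List[str] = []
    blocked: List[str] = []
    for entry in parse_passwd(text):
        (allowed if dropbear_login_allowed(entry) else blocked).append(entry.name)
    return {"allowed": allowed, "blocked": blocked}


# Constructed sample: one entry per case an embedded image commonly contains.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/sh
user1:x:1003:1003::/home/user1:/bin/sh
legacy:$1$abcdefgh$hashstoredinpasswd:1004:1004::/home/legacy:/bin/sh
nopass::1005:1005::/home/nopass:/bin/sh
locked:*:1006:1006::/home/locked:/bin/sh
"""

if __name__ == "__main__":
    result = audit(SAMPLE_PASSWD)
    print("can log in via Dropbear 2024.84:", ", ".join(result["allowed"]))
    print("will be refused:               ", ", ".join(result["blocked"]))
```

Run it before the upgrade and migrate any “blocked” account that still needs SSH access by moving its hash into /etc/shadow and replacing the passwd field with “x”; accounts whose field is “*” or empty were presumably never meant to log in and can be left alone.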