What is Dropbear and why do I have it?

Oracle

Regular Contributor
I was going through my logs and found a lot of these:
Jun 17 09:23:50 dropbear[30247]: Child connection from 192.168.20.186:52905
Jun 17 09:23:57 dropbear[30247]: Password auth succeeded for 'admin' from 192.168.20.186:52905

Say what? Password succeeded?
I don't remember installing this, nor do I have it on my Windows machine.
What is it used for, where did it come from and shall I stop it? And how?
Is it the SSH I use via PuTTY?
 
Dropbear is built into the firmware.
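
To see which dropbear logins in a log like the one quoted above came from the LAN and which did not, the lines can be summarised per user and source address. This is an added example, not part of the original posts or of the firmware. The first two sample lines are the ones from the thread, the rest are constructed, and the function names are hypothetical.

```shell
#!/bin/sh
# Summarise dropbear password-auth events from syslog lines on stdin.
# Output: "<count> <ok|fail> <user> <ip> <lan|external>", one line per combination.
# IPv4 only: any source that is not RFC 1918 or loopback is reported as "external".
dropbear_auth_summary() {
    awk '
    function scope(ip,    o) {
        split(ip, o, ".")
        if (o[1] == 10 || o[1] == 127) return "lan"
        if (o[1] == 192 && o[2] == 168) return "lan"
        if (o[1] == 172 && o[2] >= 16 && o[2] <= 31) return "lan"
        return "external"
    }
    / dropbear\[[0-9]+\]: / {
        if ($0 ~ /Password auth succeeded for /) result = "ok"
        else if ($0 ~ /Bad password attempt for /) result = "fail"
        else next
        # The user name sits between single quotes; the last field is ip:port.
        n = split($0, q, "\047")
        user = (n >= 3) ? q[2] : "?"
        src = $NF
        sub(/:[0-9]+$/, "", src)
        count[result " " user " " src " " scope(src)]++
    }
    END { for (k in count) print count[k], k }
    ' | sort -k2,2 -k4,4
}

# Print successful password logins from non-LAN sources; exit status 0 only if any exist.
external_successes() {
    dropbear_auth_summary |
        awk '$2 == "ok" && $5 == "external" { print; found = 1 } END { exit !found }'
}

# Sample input: lines 1-2 are from the thread, lines 3-5 are constructed.
sample_log() {
cat <<'EOF'
Jun 17 09:23:50 dropbear[30247]: Child connection from 192.168.20.186:52905
Jun 17 09:23:57 dropbear[30247]: Password auth succeeded for 'admin' from 192.168.20.186:52905
Jun 17 10:02:11 dropbear[30301]: Bad password attempt for 'admin' from 203.0.113.45:40122
Jun 17 10:02:14 dropbear[30301]: Bad password attempt for 'admin' from 203.0.113.45:40122
Jun 17 11:15:03 dropbear[30410]: Password auth succeeded for 'admin' from 192.168.20.186:53011
EOF
}

sample_log | dropbear_auth_summary
```

Feed the functions the router's own syslog file instead of `sample_log` (its path depends on the firmware). Any line printed by `external_successes` means SSH is reachable from outside the LAN and someone logged in that way.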
 
Nice.
So these logins are my PuTTY sessions.

Can this be used to set up an sFTP server or something like that? And is it a good idea to make it accessible from outside?
I currently have OpenVPN and Samba but both the VPN and Samba add overhead on top of each other. And Samba sometimes gives me trouble.
 
Nice.
So these logins are my PuTTY sessions.

Can this be used to set up an sFTP server or something like that?
I don't know since I've never needed an SFTP on the router.

And is it a good idea to make it accessible from outside?
I currently have OpenVPN and Samba but both the VPN and Samba add overhead on top of each other. And Samba sometimes gives me trouble.
There was a discussion about this very topic on this forum. You can find my personal take here on this post:

As a general rule, I try to limit the router's duties to only the essential network operations, so I don't have a lot of other "stuff" running in the background. I have a NAS & file/media server on separate devices so the router itself is kept fairly lean. I primarily work from home (since the pandemic started), my wife works 3 times a week from home, and my 2 sons are taking their college courses online, so we rely heavily on the network router every day, which is why I don't add anything on it that I don't really need. I do have one OpenVPN Server set up for the rare occasion that I need access to the router from the outside, have added one 3rd-party add-on (YazFi), and have my own personal scripts installed. That's it. So far the RT-AC86 has been good to us. Aside from the "stuck nvram & wl commands" problem, I have not experienced any other issues that I've read about here (high CPU temperatures, faulty WiFi radios, not coming up after a reboot, etc.), so you can say that I've been very lucky in that regard. Hopefully, this router will last a couple more years. I have two spare GL.iNet routers that I use when I'm traveling, so that's my current backup in case the RT-AC86U craps out all of a sudden. Anyway, that's probably more than you wanted to know.
 
That's fine.
I have a hosting provider for the important stuff but I also want to set up a few basic services directly on the router as a backup resource.
 
The Rule#1 and only of secure router management: "The only port opened to the WAN side ever shall be the port on which the OpenVPN server listens on." :) All other tasks should be performed through OpenVPN tunnel.
 
So here's where I stumbled.
Installed openssh-sftp-server, opened FileZilla and I was able to log in directly with the admin password and get access to eeeverything.
I was expecting I'd have to set up a separate group and user, then assign the user to default home directory, etc.
How do I take away the admin access and only set a limited user with this thing?
Also, how do I see what services are running on the router? Shall I expect the vsftpd to start up on its own after next reboot?
 
I was expecting I'd have to set up a separate group and user, then assign the user to default home directory, etc.
How do I take away the admin access and only set a limited user with this thing?
As I said in the other thread, this isn't a multi-user Linux distro (it doesn't even have a useradd command). You could probably do it with a lot of faffing around with custom configs and scripts, but personally I wouldn't bother.

Also, how do I see what services are running on the router? Shall I expect the vsftpd to start up on its own after next reboot?
Code:
ps w
 
Hm, ok, I'll park this particular crazy idea.
Although, in theory, it should be possible.
If Asus could do their ftp implementation with users and permissions, why not allow for an sftp version of it?
 
If Asus could do their ftp implementation with users and permissions, why not allow for an sftp version of it?
Because they probably see no real reason to implement SFTP support in a home consumer router. It's a very niche application that only a small fraction of people would use.
 
And it's just another opportunity for exploits and something for people to not properly set up and secure.
 
Well, I got the impression Asus offered some kind of aidisk / aicloud feature that exposed files on attached USB storage to the Internet. How does this feature work and how is it secured?
 
