Voxel's FW SSH Setup Confusion

3 posts / 0 new
Last post
zabolots's picture
Voxel's FW SSH Setup Confusion

I created a key pair on Windows using puttygen.exe and created an authorized_keys file to put on the router via USB. However, this part from the readme confuses me:

It is recommended to replace generic server keys in /etc/dropbear keys by
your own keys after you have an access by SSH if you did not do ‘(2)’. The
commands dropbearkey and dropbearconvert could be used from



The setssh.tar file contains these files:

drwxr-xr-x root/root  0 Nov 21 03:24 2016 autorun/
drwxr-xr-x root/root  0 Nov 21 03:24 2016 autorun/scripts/
-rwxr-xr-x root/root 1153 Nov 21 03:25 2016 autorun/scripts/post-mount.sh
-rw------- root/root    1 Mar 27 08:23 2016 authorized_keys
-rw------- root/root  242 Mar 22 10:22 2016 dropbear_ecdsa_host_key
-rw------- root/root  803 Mar 22 10:19 2016 dropbear_rsa_host_key
-rw-r--r-- root/root  268 Mar 22 10:21 2016 ssh_host_ecdsa_key.pub
-rw-r--r-- root/root  396 Mar 22 10:20 2016 ssh_host_rsa_key.pub

Am I supposed to replace the two "generic" dropbear files before putting them on the USB stick to get my authorized_keys file copied over?

If not, is there a list of steps documented somewhere that I would run on the router via SSH that will replace them after the initial SSH setup is completed?



zabolots's picture
I installed dropbear on a

I installed dropbear on a linux machine and used dropbearkey to create new version of

dropbear_ecdsa_host_key / dropbear_rsa_host_key / ssh_host_ecdsa_key.pub / ssh_host_rsa_key.pub

and I used puttygen on Windows to create a private key / public key pair for authentication.

I can connect successfully via SSH however I noticed that in addition to the 4 files mentioned abouve, /etc/dropbear also contains these two other files that don't seem to be mentioned anywhere:

dropbear_ed25519_host_key  ssh_host_ed25519_key.pub

Why does the readme not suggest to overwrite those as well? Nor does the automount script support updating them with new versions (if provided). Can I remove these to ensure only the ones I created are used?

zabolots's picture
I managed to create new

I managed to create new dropbear_ecdsa_host_key & ssh_host_ecdsa_key and put them on the flash drive before inserting into the router. After doing so, I am able to connect to the router using SSH. However, I noticed that there are other files that aren't part of the automatic file copy process described in the readme:

ll /etc/dropbear
-rw-------    1 root     root          141 Aug  9 11:19 dropbear_ecdsa_host_key
-rw-------    1 root     root           83 Jul 15 05:53 dropbear_ed25519_host_key
-rw-------    1 root     root          805 Aug  9 11:19 dropbear_rsa_host_key
-rw-r--r--    1 root     root          188 Aug  9 11:19 ssh_host_ecdsa_key.pub
-rw-r--r--    1 root     root           95 Jul 15 05:53 ssh_host_ed25519_key.pub
-rw-r--r--    1 root     root          408 Aug  9 11:19 ssh_host_rsa_key.pub

You'll notice that the files I created have a recent date while the highlighted items have the firmware creation date.

Why are these files present, why does the readme and autocopy scropt not include instructions/tasks for overwriting them? Can they be removed without affecting functionality?