Drobo

DroboApp announcement: OpenSSH 5.8p2

OpenSSH has received a security update, so I have updated the DroboApp as well.

As usual, you can find the DroboApp package and the compilation tutorial here: https://sites.google.com/a/droboports.com/www/app-repository/openssh-5-8p2

This compilation tutorial also introduces a couple, dare I say, improvements over the previous one:

  1. The server is now statically compiled, so no more messages about missing libraries.
  2. Binaries have been striped, so some of them are actually smaller than before.
  3. The startup script includes all the fixes from the previous version.
  4. Even with static linking, the download remains about the same size.

There are also instructions to upgrade your current openssh install without losing any configuration, and without needing to reboot the FS.

Comments, suggestions and feedback are welcome.

Is the easiest way to install this to simply grab the complete DroboApps package and push it over the machine or do I still need to compile this on my own?

The purpose of the site is to document the full sequence of steps that takes you from zero to the DroboApp package. But as a convenience to visitors, I also provide a link to the .tgz file, which is the DroboApp package. In other words, you can just download the .tgz and put it on the DroboApps share. No need to compile everything from scratch.

Be careful, though, that not all DroboApps are created equal. Some of them, such as openssh, require some special extra steps in order to run. Check the “final remarks” section to see if any extra steps are needed (hint: for openssh there are some if you are currently running dropbear).

Thanks Ricardo. I was playing with it but haven’t successfully gotten it to run even after dropbear was removed from the FS. I’ll go back and play with it some more, I just wanted to make sure that I wasn’t missing anything by just downloading the .tgz.

-J.P.

Ludedude,
Just downloading the .tgz won’t work. You’ll have to install it as well. I had to use Dropbear to install OpenSSH, then delete Dropbear. The basic sequence was something like:

#cd /mnt/DroboFS/Shares/DroboApps/
#wget http://www.droboports.com/app-repository/openssh-5-8p2/openssh.tgz
#DroboApps.sh install
#./dropbear/service.sh stop
#./openssh/service.sh start

Before logging out, try logging in to the server again with a new ssh connection window. If that works, then OpenSSH is running fine and you can uninstall Dropbear.

Thanks Ricardo, for making this package available!

You’re welcome! :slight_smile:

Thanks for that reply. I’m pretty sure I had OpenSSH running, but it was rejecting requests on port 22. At some point too I had an issue with no keys being available or keys not being generated but it’s been a few days since I looked at it.

I’ll rip it all out and then try your method.

And yes, thanks too to Ricardo for making this available. :slight_smile:

J.P.

Well somehow the secret sauce worked this time around.

Shibboleth: Just FYI, the wget instance in the DroboFS doesn’t like the droboports link as it redirects to an https:// URL and it doesn’t recognize that as a valid source. Solution was to drop the .tgz into the DroboApps share from Finder and then run the shell scripts from dropbear to install and start it.

Thanks for the help! It now seems my FS is up an running with openSSH but more importantly SFTP works now :smiley:

J.P.

The startup script for openssh should generate the keys if they are missing, but it won’t kill dropbear if it is running.

You’re welcome. :)[hr]

You can find a version of wget that supports HTTPS here. At some point I plan on making a version of the wget DroboApp to permanently replace the one that ships with the FS, but that is a low priority thing.

Thanks for the pointer to the wget update. I agree it’s low priority, hell we’re lucky if it’s any priority given that you’re doing this for free. Bottom line, I figured it out and got it working with the added education from you guys and that’s what counts.

Thanks again for picking up the ball that Data Robotics seems to have dropped :smiley:

J.P.

With openssh installed I get an error during login, both for root and non-root users;

When running in debug mode:

debug1: restore_uid: 0/4294967295
setegid 4294967295: Invalid argument
debug1: do_cleanup
debug1: do_cleanup

Any advice?

I never experienced this error before, but a quick Google survey seems to point to bad permissions on the ~/.ssh folder.

It works,
Thanks Ricardo for great update.

any hint:
how can I run yoics in my DroboFS

Hmm, didn’t check that, my google search didn’t return anything, but this all looks fine:
Only root has an ~/.ssh directory:

id

uid=0(root) gid=0(root) groups=0(root)

cd ~

ls -ald .ssh/

drwx------ 2 root root 4096 Jan 12 10:46 .ssh/

ls -al .ssh/

drwx------ 2 root root 4096 Jan 12 10:46 .
drwxr-xr-x 6 root root 4096 Jun 9 12:15 …
-rw------- 1 root root 604 Jan 12 10:46 authorized_keys

pwd

/mnt/DroboFS/home

find ./ -name .ssh

I guess dropbear for now…

Short answer: you can’t, since it is compiled for the DroboShare. The DroboShare and the DroboFS have different system libraries.

Long answer: with some effort you probably could extract all the required libraries from a DroboShare and “transplant” them into the FS. It is a risky proposition, and if done carelessly could very well brick your FS.

But please, if you want to talk about yoics, start a new thread. It would be nice if we could keep this one only about OpenSSH.

Hi

I’m trying to get my head around setting up pub key login with OpenSSH, but I’m pretty much stuck.

I have generated a pub/priv key pair with puttygen. Now what?

A step-by-step with which files to add/edit etc. would be awesome :slight_smile:

Tusse.

Does this help?

http://blogs.perl.org/users/smylers/2011/08/ssh-productivity-tips.html

Yes, it does, thanks. Thought it would be harder. :slight_smile:

(For the benefit of others; what I did was to copy the text of my public key into a new file ~/.ssh/authorized_keys)

Tusse.

First thank you ricardo your work is very much appreciated. I’ve gotten OpenSSH to install and run properly so now I’m trying to understand how to change the password. Maybe I’m missing something but I thought I wanted to change the root password but I see a bunch of talk about passkeys? Which should I be doing and how do I change them from the DroboFS. Please bear in mind my experience with Linux is limited but I can follow directions if I have the right ones :slight_smile:

Password authentication is weaker than SSH public/private keys. Not to mention that that the FS has some funky business going on with the resetting of the root password at each boot, unless you edit the “magic” files. The change of the root password has been discussed several times in the forum, and is not specific to OpenSSH.