Community Hub0 Subscribers
Community hub
Dropbear (software)
View on Wikipediafrom Wikipedia
| Dropbear | |
|---|---|
| Developer | Matt Johnston |
| Initial release | April 2003, 06 |
| Stable release | 2025.89[1] 
/ 16 December 2025 |
| Written in | C |
| Operating system | Unix-like |
| Type | Remote access |
| License | MIT license |
| Website | matt |
| Repository | |
Dropbear is a software package written by Matt Johnston that provides a Secure Shell-compatible server and client.[2] It is designed as a replacement for standard OpenSSH for environments with low memory and processor resources, such as embedded systems. It is a core component of OpenWrt and other router distributions.
Dropbear was originally released in April 2003.
Technology
[edit]Dropbear implements version 2 of the Secure Shell (SSH) protocol.[3]
The cryptographic algorithms are implemented using third-party cryptographic libraries like LibTomCrypt included internally in the Dropbear distribution. It derives some parts from OpenSSH to handle BSD-style pseudo terminals.[4]
Features
[edit]Dropbear implements the complete SSH version 2 protocol in both the client and the server.[5][6] It does not support SSH version 1 backwards-compatibility in order to save space and resources, and to avoid the inherent security vulnerabilities in SSH version 1. SCP is also implemented.[7] SFTP support relies on a binary file which can be provided by OpenSSH or similar programs. FISH works in any case and is supported by Konqueror.
Dropbear supports elliptic curve cryptography for key exchange, as of version 2013.61test and beyond.[8]
See also
[edit]
- Lsh – GNU Project's implementation of ssh
- Comparison of SSH clients
- Comparison of SSH servers
References
[edit]- ^ https://github.com/mkj/dropbear/releases/tag/DROPBEAR_2025.89.
{{cite web}}: Missing or empty|title=(help) - ^ "VA Technical Reference Model v 24.4. Dropbear Secure Shell (SSH) Server". oit.va.gov. 2019-09-04. Retrieved 2024-06-27.
- ^ "dropbear(8)". Ubuntu. Retrieved 2020-05-23.
- ^ Matt Johnston. "Dropbear SSH". Retrieved 2020-05-23.
PTY handling code is taken from OpenSSH
- ^ Liu, Dale (2011-04-18). Next Generation SSH2 Implementation: Securing Data in Motion. Syngress. ISBN 978-0-08-057000-6.
- ^ Aufranc, Jean-Luc (October 6, 2011). "Dropbear: Lightweight SSH Server". CodingHW. Retrieved 2024-06-27.
- ^ Matt Johnston (2004-06-01). "Makefile.in contains updated files required". Retrieved 2020-05-23.[permanent dead link]
- ^ "CHANGES". 14 November 2013. Retrieved 2020-05-23.
ECC (elliptic curve) support. Supports ECDSA hostkeys (requires new keys to be generated) and ECDH for setting up encryption keys[...]
External links
[edit]
| Email clients | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Secure communication |
| ||||||||||||||
| Disk encryption (Comparison) | |||||||||||||||
| Anonymity | |||||||||||||||
| File systems (List) | |||||||||||||||
| Security-focused operating system | |||||||||||||||
| Service providers | |||||||||||||||
| Educational | |||||||||||||||
| Anti–computer forensics | |||||||||||||||
| Related topics | |||||||||||||||
Dropbear (software)
View on Grokipediafrom Grokipedia
dropbearkey for key generation and dropbearconvert for handling OpenSSH-compatible keys.[3] As a core component in systems like OpenWrt and BusyBox, it enables secure remote access and file transfer (via an integrated SCP implementation) without the overhead of larger alternatives, making it a preferred choice for network appliances and minimalistic operating systems.[4]
Development and History
Origins and Initial Release
Dropbear was developed by Matt Johnston, an Australian software engineer associated with the University Computer Club (UCC) at the University of Western Australia, who specialized in creating efficient tools for Unix-like operating systems.[1] Johnston's work focused on resource-constrained environments, drawing from his experience in open-source development within academic and community settings.[5] The primary motivation for creating Dropbear stemmed from the need for a lightweight Secure Shell (SSH) implementation suitable for memory-limited devices, such as routers and other embedded systems, where full-featured alternatives like OpenSSH consumed excessive resources.[1] This addressed a gap in available software for resource-poor Unix platforms, enabling secure remote access without compromising performance in constrained hardware.[6] Dropbear's first public release occurred on April 6, 2003, providing basic SSH version 2 server and client functionality, including support for key-based authentication and essential protocol features.[2] The initial version emphasized minimal footprint, compiling to a small binary size ideal for embedded use.[1] Early adoption was notable within open-source communities, with Dropbear integrated into router firmware distributions like OpenWrt beginning in 2005.[7] This integration facilitated its use in wireless routers and similar devices for secure management, aligning with the growth of customizable embedded Linux systems following OpenWrt's launch in 2004.[8][9] The software was released under a permissive MIT-style license, which promoted broad adoption by allowing free modification and distribution while requiring only attribution to Johnston and other contributors.[1] This licensing choice contributed to its rapid dissemination in open-source projects targeting embedded applications.[10]Evolution and Key Milestones
Dropbear's development began with its initial release in April 2003 as a lightweight SSH implementation by Matt Johnston, focusing on resource-constrained environments.[2] In the early 2000s, subsequent versions introduced key features such as X11 forwarding, enabling secure graphical application tunneling, and refinements to public key authentication, including improved compatibility with standard key formats for broader interoperability.[1] By 2011, version 0.54 incorporated performance optimizations, enhancing throughput and efficiency in data handling for embedded use cases.[11] A significant milestone came in 2013 with version 2013.61, which introduced support for elliptic curve cryptography (ECC), including ECDSA hostkeys and ECDH key exchange, marking an advancement in modern cryptographic integration.[11] The project transitioned from a personal repository hosted at ucc.asn.au to a GitHub mirror under mkj/dropbear around 2013, facilitating easier community access and collaboration.[3] Throughout its history, Dropbear has benefited from community contributions, including bug fixes and patches addressing SSH vulnerabilities, such as CVE-2017-9078 (double-free) in 2017.75 and CVE-2023-48795 (Terrapin attack) in 2024.84.[12][13] Version 2022.83 focused on security enhancements, disabling deprecated DSS keys by default and adding combined public key/password authentication options. Integration into major distributions like OpenWrt began in the mid-2000s, around 2005, where it became a core component for router firmware due to its small footprint.[7] The latest stable release, 2025.88 on May 7, 2025, addressed critical security issues like CVE-2025-47203 (command injection in dbclient) while introducing post-quantum key exchange support in prior updates.[14]Technical Design
Core Architecture
Dropbear features a modular design implemented through distinct binaries tailored to specific SSH-related tasks, promoting efficiency and ease of deployment in constrained environments. The primary components include the server executabledropbear, which handles incoming SSH connections; the client dbclient, serving as a lightweight alternative to traditional SSH clients; dropbearkey for generating and managing RSA, DSS, and ECDSA host or user keys; and utility programs such as dropbearconvert for converting keys between Dropbear's native format and other standards like OpenSSH or PuTTY, as well as an integrated scp implementation for secure file transfers. This separation allows users to compile and include only necessary parts, reducing overall storage requirements while maintaining functionality.[1][3]
The server component supports both multi-binary and single-binary (multi-purpose) architectures. In the single-binary mode, a unified binary can be symlinked to act as dropbear, dbclient, dropbearkey, or other tools, further minimizing disk space in embedded setups. This design supports multiple concurrent sessions through forking child processes for each connection, enabling efficient handling of simultaneous users without excessive resource overhead. For cryptographic operations, Dropbear integrates libraries such as LibTomCrypt for encryption and authentication primitives.[3][1]
Written in POSIX-compliant C, Dropbear ensures high portability across Unix-like operating systems, including resource-limited embedded Linux platforms such as those found in wireless routers and IoT devices, with configurable build options via the Makefile to adapt to various architectures. Compatibility with standard SSH ecosystems is enhanced by incorporating pseudo-terminal (PTY) handling code adapted from OpenSSH, allowing seamless interactive shell sessions and terminal emulation.[1][3]
Memory management in Dropbear is finely tuned for low-resource environments, with efficient allocation and minimal dynamic memory usage to achieve a small runtime footprint, making it suitable for systems with limited RAM availability.[1][15]
Cryptographic Components
Dropbear relies on the LibTomCrypt library for its core cryptographic primitives, including symmetric encryption with AES, hashing via SHA-256, and key exchange through Diffie-Hellman.[1] This modular library provides portable implementations of these algorithms, ensuring Dropbear's lightweight footprint while maintaining compatibility with SSH protocol requirements. Additionally, LibTomMath handles bignum arithmetic necessary for operations like modular exponentiation in Diffie-Hellman exchanges.[1] Support for elliptic curve cryptography (ECC) was introduced in Dropbear version 2013.62, enabling ECDSA host keys and ECDH for key establishment.[16] This includes curves such as NIST P-256, which offers efficient security comparable to larger RSA keys, particularly beneficial in resource-constrained environments. Key generation and management in Dropbear are handled by the dropbearkey utility, which supports RSA, DSS, ECDSA, and Ed25519 key formats for creating private keys compatible with both the server and client.[17] These keys are stored in a proprietary binary format optimized for size, with options to specify key types via the -t flag (e.g., rsa, dss, ecdsa).[18] Dropbear lacks a built-in random number generator and instead draws from system entropy sources, such as /dev/urandom, to seed cryptographic operations and generate nonces. This approach leverages the host operating system's entropy pool, configurable at compile time via DROPBEAR_RANDOM_DEV for reliable randomness in embedded settings.[19] To enhance security, Dropbear avoids deprecated algorithms like MD5 for host key verification and signatures, prioritizing modern alternatives such as SHA-256 for hashing in key exchanges and authentication. This design choice aligns with SSH best practices, reducing vulnerability to collision attacks inherent in older hash functions.[20]Features and Capabilities
Protocol Support
Dropbear implements the SSH version 2 (SSH-2) protocol in both client and server modes, providing full compliance with the core standards outlined in RFC 4251 (architecture), RFC 4252 (authentication protocol), RFC 4253 (transport layer protocol), and RFC 4254 (connection protocol).[21][22] This adherence ensures interoperability with other SSH-2 compliant implementations, such as OpenSSH, while focusing on secure remote login and network services over untrusted networks.[1] The software supports secure file transfer mechanisms aligned with SSH-2 standards, including SCP for copying files between hosts using the protocol's transport layer as specified in RFC 4251.[3] For SFTP, Dropbear offers basic support but requires an external sftp-server binary, typically provided by OpenSSH or compatible tools, to handle the file transfer subsystem.[23] Dropbear deliberately omits support for the insecure SSH version 1 protocol, a design choice that minimizes the attack surface and keeps the codebase compact for resource-constrained environments.[21][1] Additional protocol features include X11 forwarding on the server side, enabling the secure tunneling of graphical applications from remote hosts to local X11 displays.[1] Dropbear also incorporates compression options via the zlib library, which can be enabled to optimize bandwidth usage in low-resource or high-latency networks without compromising security.[24][2]Security and Authentication Options
Dropbear supports public key authentication using RSA, DSS, ECDSA, and Ed25519 keys stored in the~/.ssh/authorized_keys file, maintaining compatibility with OpenSSH's format for seamless integration.[3][25] This method allows users to specify restrictions such as no-port-forwarding, no-agent-forwarding, no-X11-forwarding, no-pty, or command="forced_command" within the key entries to enforce granular access controls.[21] The ~/.ssh directory and authorized_keys file must be writable only by the owner to enable authentication, preventing unauthorized modifications.[21]
Password authentication is enabled by default in Dropbear, providing a straightforward option for user login, though it can be disabled via command-line flags like -s for enhanced security.[21] For more advanced policies, Dropbear can be compiled with PAM (Pluggable Authentication Modules) support, allowing integration with system-wide authentication mechanisms such as RADIUS or other modules, though this adds to the binary size and is optional during build.[1]
To mitigate man-in-the-middle attacks, Dropbear implements host key verification, where clients check the server's public host keys (generated via dropbearkey for RSA, DSS, ECDSA, and Ed25519 types) against known entries, typically in a known_hosts file.[3][26] Due to its focus on minimal footprint for embedded systems, Dropbear does not include privilege separation like some larger SSH implementations; instead, security is bolstered through alternatives such as chroot jails, which can restrict users to specific directories during sessions, particularly for SFTP or SCP subsystems.[9]
Recent enhancements in 2025 releases address evolving threats: version 2025.87 disables weak hashes like SHA-1 by default and adds post-quantum key exchange methods (such as sntrup761x25519-sha512@openssh.com), while 2024.86 improves signal handling (SIGINT/SIGTERM) to fix race conditions akin to those exploited in vulnerabilities like CVE-2024-6387 in other SSH servers.[27] Additionally, version 2024.84 introduces strict key exchange (KEX) support to counter prefix truncation attacks such as CVE-2023-48795 (Terrapin), and version 2025.88 (as of May 2025) fixes CVE-2025-47203 to prevent shell command execution via dbclient hostname arguments.[27]
Usage and Deployment
Integration in Embedded Systems
Dropbear is primarily utilized in embedded Linux distributions such as OpenWrt, DD-WRT, and environments incorporating BusyBox, where its lightweight design facilitates secure remote access on resource-constrained hardware.[23][28] The software's binary size provides significant advantages for deployment in such systems; the server compiles to approximately 110 KB as a statically linked binary on x86 with uClibc and minimal options, while the client is comparably compact at around 100 KB.[1] This compactness enables integration into devices with limited storage and less than 16 MB of RAM, such as older wireless routers and basic network appliances.[1] In IoT device management, Dropbear serves as an efficient alternative for remote access, avoiding the larger footprint of full-featured SSH implementations like OpenSSH, thereby supporting secure administration over low-bandwidth connections without excessive resource demands.[1] Representative examples include its default inclusion as the SSH server in firmware for wireless routers from manufacturers like TP-Link and Netgear, particularly those running customized OpenWrt-based systems, as well as various network appliances requiring minimal overhead for maintenance.[23][29] Dropbear supports cross-compilation for common embedded architectures including ARM and MIPS, allowing seamless adaptation to diverse hardware platforms prevalent in routers and IoT gateways.[1]Configuration Practices
Dropbear configuration is primarily achieved through command-line options for the server and client binaries, with system-specific integrations like UCI in OpenWrt providing additional abstraction. The server, invoked via thedropbear command, supports options to customize listening ports, authentication restrictions, and host key usage. For instance, to start the server on a non-default port while disabling root logins, the command dropbear -p 2222 -w binds to TCP port 2222 and prohibits root user access, enhancing security in production environments.[30] Similarly, the -s option disables all password logins, forcing public key authentication, while -g specifically targets root password logins without affecting other users.[21]
Host key management is handled using the dropbearkey utility, which generates RSA, DSS, ECDSA, or Ed25519 private keys for server identification. To create an RSA host key, execute dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key, specifying the key type with -t and output file with -f; the default key size is 2048 bits, but -s allows customization (e.g., -s 4096 for stronger security). These keys must be placed in /etc/dropbear/ (e.g., dropbear_rsa_host_key for RSA), where the server reads them at startup; if absent, Dropbear can auto-generate them via the -R flag.[31] The -r and -d options permit specifying custom RSA or DSS host key files, respectively, overriding defaults for flexible deployments.[30]
For client operations, dbclient offers options for secure connections, including proxy support and identity specification. A basic connection uses dbclient user@host -p 2222, with -i identityfile loading a private key for authentication (multiple -i flags allow fallback keys in Dropbear format). Proxy commands enable chained connections via -J "proxycommand", such as dbclient -J "nc proxyhost 22" user@target, routing through an intermediate host; multi-hop bastion setups are supported directly like dbclient user@bastion,user@target.[32]
In OpenWrt environments, Dropbear configuration leverages the UCI system through /etc/config/dropbear, allowing declarative setup without direct command-line invocation. The Port option sets the listening port (default 22), Interface binds to a specific network interface (e.g., lan), and PasswordAuth (boolean, default 1) toggles password authentication globally, while RootPasswordAuth (default 1) controls root-specific access. Changes require applying via /etc/init.d/dropbear restart, supporting multiple instances for advanced routing setups.[23]
Logging and debugging are configurable for troubleshooting, with Dropbear defaulting to syslog for operational messages. The -E flag redirects output to standard error for foreground debugging, useful during initial setup (e.g., dropbear -E -p 2222). In scripted or service-managed deployments, syslog integration captures authentication attempts and errors, aiding in monitoring resource-constrained systems.[30]