Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

please add the sftp-server, so a static dropbearmulti with sftp func is possible #155

Open
MaxPeal opened this issue Apr 7, 2022 · 9 comments
Open

please add the sftp-server, so a static dropbearmulti with sftp func is possible #155

MaxPeal opened this issue Apr 7, 2022 · 9 comments
Labels
feature request

Comments

@MaxPeal
Copy link

MaxPeal commented Apr 7, 2022
edited
Loading

please add a standalone version of OpenSSH's sftp-server program, so a make like:

./configure --enable-static
make PROGRAMS="dropbear dbclient scp" MULTI=1

for make a static dropbearmulti with sftp-server func is possible.
@MaxPeal MaxPeal changed the title please add the sftp-server, so a static dropbearmulti with sftp func is possibil please add the sftp-server, so a static dropbearmulti with sftp func is possible Apr 7, 2022
@mkj
Copy link
Owner

mkj commented Apr 8, 2022

It looks like OpenSSH's sftp-server would require at least a dozen .c files to build. It seems relatively separate from other parts of OpenSSH, though would still need various configure tests etc. Perhaps it could be added in a subdirectory - I'm not sure if I'll get to it myself but I wouldn't object if someone wants to add it. Of course we might then need to add sftp client too if OpenSSH removes scp as a server.

@MaxPeal
Copy link
Author

MaxPeal commented Apr 8, 2022

And not a import but an easy option in the makefile to auto integrate a separate automatic openssh build?

@thom-nic
Copy link

I have just learned that modern releases of openssh have deprecated the scp protocol. When using dropbear as server and an openssh client, legacy scp can be reenabled using the -O flag. But, as the article states the legacy protocol may be completely disabled at some point in the future.

So folks using dropbear as SSH server will need a solution to support sftp for secure file transfer in the future.

@MichaIng
Copy link
Contributor

Not sure if it makes sense to bundle those, since Dropbear and the OpenSSH SFTP server are two entirely dedicated standalone projects which can be plug&play combined trivially by end users? If I'm not mistaken, the only thing that needs to exist on Linux distros is /usr/lib/sftp-server, which is then invoked by clients automatically server-side. And one might want to use alternatives like the Green End SFTP Server. Having separate executables and the ability to e.g. update each separately also is a security aspect.

@dadolee
Copy link

dadolee commented Dec 7, 2022

Not sure if it makes sense to bundle those, since Dropbear and the OpenSSH SFTP server are two entirely dedicated standalone projects which can be plug&play combined trivially by end users? If I'm not mistaken, the only thing that needs to exist on Linux distros is /usr/lib/sftp-server, which is then invoked by clients automatically server-side. And one might want to use alternatives like the Green End SFTP Server. Having separate executables and the ability to e.g. update each separately also is a security aspect.

I tried to compile Openssh sftp-server, but it cannot be called by Dropbear subsystem. Is there any relevant information about transplanting sftp-server?

@MichaIng
Copy link
Contributor

MichaIng commented Dec 7, 2022

As said, it works here OOTB with any SFTP server binary located at /usr/lib/sftp-server or /usr/lib/openssh/sftp-server, or anywhere else if the SFTP client allows to define the path. Assure that the binary is executable. Otherwise, some more details, especially what exactly you did, error messages etc would be helpful. But at best in a dedicated issue, to not mess with this feature request.

@HansH111
Copy link
Contributor

Well I have an integrated small scp integrated in dropbear which does the -f -t -p options and integrates in svr-chansession.c
it is only 7,5 kb source, if there is an interest in that I will post that.
That way you don't have to rely on an external scp binary or sftp binary.
But it is very basic...

@takov751
Copy link

takov751 commented Feb 3, 2023
edited
Loading

Not sure if it makes sense to bundle those, since Dropbear and the OpenSSH SFTP server are two entirely dedicated standalone projects which can be plug&play combined trivially by end users? If I'm not mistaken, the only thing that needs to exist on Linux distros is /usr/lib/sftp-server, which is then invoked by clients automatically server-side. And one might want to use alternatives like the Green End SFTP Server. Having separate executables and the ability to e.g. update each separately also is a security aspect.

I tried to compile Openssh sftp-server, but it cannot be called by Dropbear subsystem. Is there any relevant information about transplanting sftp-server?

I was able to simple compile sftp-server from the project openssh-portable with

 ./configure --without-openssl --host arm-linux --without-zlib --with-ldflags=-static && make sftp-server

just change to host to your need. And move the binary next to the dropbear or somewhere in the PATH.
It should work. I ended up with the dropbearmulti arm 32bit binary 500kb and the sftp-server on itself 600+ kb . It's works like a charm

@BrainSlayer
Copy link

BrainSlayer commented Feb 17, 2023
edited
Loading

i managed to use the openssh sftp server in dd-wrt with dropbear and its just 22 kb on mips platform

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
8 participants
@thom-nic @mkj @HansH111 @BrainSlayer @dadolee @MichaIng @MaxPeal @takov751