[Buildroot] Root password and ssh issues
Peter Seiderer
ps.report at gmx.net
Fri Aug 7 11:35:52 UTC 2020
Hello *,
On Fri, 7 Aug 2020 13:16:56 +0200, Titouan Christophe <titouan.christophe at railnova.eu> wrote:
> Hello Michael, Thomas, Peter and all,
>
> I'm also running my test device with Buildroot 2020.02.4, dropbear and
> root:root password authentication; I cannot reproduce the problem.
>
> On 7/08/20 13:12, Peter Seiderer wrote:
> > Hello Michael,
> >
> > On Fri, 7 Aug 2020 12:21:51 +0200, Michael Opdenacker <michael.opdenacker at bootlin.com> wrote:
> >
> >> Hi Thomas,
> >>
> >> Thanks for your quick reply!
> >>
> >>
> >>> What is the state of /etc/shadow with the non-working SSH login, and
> >>> then the state of /etc/shadow after resetting the password with passwd
> >>> ? I think I remember some issues with the expiration date/time of the
> >>> password, or something like that.
> >>
> >>
> >> Here are the details
> >>
> >> # ls -la /etc/shadow
> >> -rw------- 1 1000 1000 190 Aug 7 2020 /etc/shadow
> >>
> >> # cat /etc/shadow
> >> root:$5$D1pz/P1l$JCZhyjzCCqmXbnPx7g/mBtNtSSKkMqgctsmV/zBmlR2:::::::
>
> [--SNIP--]
>
> >> # cat /etc/shadow
> >> root:$1$SYGd3a37$u2RV/VOsLPqWznY4GR1jU.:13514::::::
>
> So, when you used `passwd`, the password hashing algorithm has changed
> from SHA512 ($5$) to MD5 ($1$). I found a similar issue though it dates
> back to 2016, maybe that could help:
> http://lists.busybox.net/pipermail/buildroot/2016-February/154348.html
...and should be fixed for uclibc by commit 'package/uclibc: defconfig:
enable sha-256/512 password auth support' ([1])...
By the way, maybe it would be nice if the buildroot password hash
selection although changes the busybox default via
busybox/.config CONFIG_FEATURE_DEFAULT_PASSWD_ALGO="md5"?
Regards,
Peter
[1] https://git.buildroot.net/buildroot/commit/?id=bdd8362a88428ed1c04fc6f4bbcbf7692b2a2b39
>
> >> daemon:*:::::::
> >> bin:*:::::::
> >> sys:*:::::::
> >> sync:*:::::::
> >> mail:*:::::::
> >> www-data:*:::::::
> >> operator:*:::::::
> >> nobody:*:::::::
> >>
> >> # ls -la /etc/shadow
> >> -rw------- 1 1000 1000 174 Aug 7 2020 /etc/shadow
> >>
> >> I set the password the "root" (both in "menuconfig" and then through the
> >> "passwd" command). Only after this command can I login through ssh.
> >>
> >
> > No problem here to login via ssh via preset password (raspberrypi4_64_defconfig with
> > additional dropbear enabled):
> >
> > BR2_PACKAGE_DROPBEAR=y
> > BR2_PACKAGE_DROPBEAR_CLIENT=y
> > BR2_PACKAGE_DROPBEAR_DISABLE_REVERSEDNS=y
> > BR2_PACKAGE_DROPBEAR_SMALL=y
> > # BR2_PACKAGE_DROPBEAR_WTMP is not set
> > # BR2_PACKAGE_DROPBEAR_LASTLOG is not set
> > # BR2_PACKAGE_DROPBEAR_LEGACY_CRYPTO is not set
> > BR2_PACKAGE_DROPBEAR_LOCALOPTIONS_FILE=""
> >
> > What looks strange are your /etc/shadow permissions, should give
> > root/root for user/group...
> >
> > What is the /var/log/messages dropbear output for failure/success?
> >
> > What is your config/defconfig?
> >
> > Regards,
> > Peter
> >
> >> Cheers,
> >>
> >> Michael.
> >>
>
> Best regards,
> Titouan
> _______________________________________________
> buildroot mailing list
> buildroot at busybox.net
> http://lists.busybox.net/mailman/listinfo/buildroot
More information about the buildroot
mailing list