Opened 6 years ago

Closed 6 years ago

Last modified 6 years ago

#9999 closed defect (duplicate)

OpenWRT wndr3700v2 images have pre-installed ssh keys

Reported by: Jeroen Dekkers <jeroen@…> Owned by: developers
Priority: highest Milestone: Backfire 10.03.1
Component: base system Version: Backfire 10.03.1 RC5
Keywords: Cc:

Description

Today I installed two netgear wndr3700v2 and didn't get any ssh warning when ssh'ing into the second one. Investigating further, I saw that the dropbear keys were the same and dated 27 March:

First AP:

root@OpenWrt:~# ifconfig | grep br-lan.*HW
br-lan    Link encap:Ethernet  HWaddr C4:3D:C7:A3:24:CB
root@OpenWrt:~# ls -al /overlay/etc/dropbear/dropbear_*
-rw-------    1 root     root          457 Mar 27 02:44 /overlay/etc/dropbear/dropbear_dss_host_key
-rw-------    1 root     root          426 Mar 27 02:44 /overlay/etc/dropbear/dropbear_rsa_host_key
root@OpenWrt:~# md5sum /overlay/etc/dropbear/dropbear_*
aac35a11323adaf1303345b3b157a835  /overlay/etc/dropbear/dropbear_dss_host_key
846ac819fa5ce27907bc822cc2c74310  /overlay/etc/dropbear/dropbear_rsa_host_key

Second AP:

root@OpenWrt:~# ifconfig | grep br-lan.*HW
br-lan    Link encap:Ethernet  HWaddr C4:3D:C7:A3:25:BE
root@OpenWrt:~# ls -al /overlay/etc/dropbear/dropbear_*
-rw-------    1 root     root          457 Mar 27 02:44 /overlay/etc/dropbear/dropbear_dss_host_key
-rw-------    1 root     root          426 Mar 27 02:44 /overlay/etc/dropbear/dropbear_rsa_host_key
root@OpenWrt:~# md5sum /overlay/etc/dropbear/dropbear_*
aac35a11323adaf1303345b3b157a835  /overlay/etc/dropbear/dropbear_dss_host_key
846ac819fa5ce27907bc822cc2c74310  /overlay/etc/dropbear/dropbear_rsa_host_key

I've used this image:
http://downloads.openwrt.org/backfire/10.03.1-rc5/ar71xx/openwrt-ar71xx-wndr3700v2-squashfs-factory.img

Priority highest because this means everybody can spoof/decrypt ssh.

Attachments (0)

Change History (4)

comment:1 Changed 6 years ago by Gert van Dijk <gertvdijk+openwrt@…>

Interesting find, but I was unable to prove the presence of the dropbear host keys in the general rootfs of 10.03 and 10.03.1rc5; openwrt-ar71xx-rootfs.tgz in the downloads.

The files do exist, but have a size of 0. The init script that starts dropbear checks for the presence and size of the files: only if they exist and their size is greater than 0 (using [ -s /the/file ]) will it skip the keygen function (see the /etc/init.d/dropbear file).

Also the dates don't match the dates you report; March 28 and July 7 2011 is what I find here (Backfire original and 10.03.1rc5). Note that "Mar 27" modification times are for all new files on OpenWrt systems not yet set to the correct time.

That makes me believe the keys were actually generated when you started dropbear the first time. Are you really sure you had the same keys on two different boxes/installations? Then the generator /usr/bin/dropbearkey or the randomization source can be the only cause, the weak link, here.

I wasn't able to reproduce this on two identical x86 builds in two VMs.

Btw, I am not sure how to check the squashfs image you downloaded in particular. Probably needs cutting out the root filesystem overlay.

comment:2 Changed 6 years ago by Jeroen Dekkers <jeroen@…>

I think I drew my conclusion that the keys were pre-installed a bit too fast. Given that March 27 is the date it's initialized with, it's not that strange that the same hardware takes the same amount of minutes to generate the keys and that would explain the same date and time. Given the low amount of entropy available, I think you're right that it's more likely a failing randomization source/key generation method (similar to the Debian OpenSSL bug). That might mean that keys aren't always the same, but the number of possible different keys is very limited and I got just lucky that I got the same two keys.

The two APs are already in production at a customer now (after I generated new ssh keys), so I can't test with those two at the moment...
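
A defender-side check for what comments 1 and 2 discuss, added here as an example that is not code from the ticket, from its participants or from OpenWrt: a POSIX sh script that mirrors the "missing or zero-sized" host key test Gert describes and compares dropbear host key files collected from several devices to flag any key shared between boxes, which is how the reporter's finding would be caught across a fleet. The directory layout, device names (ap1, ap2, ap3) and placeholder key contents are constructed for the demonstration; cksum stands in for the md5sum used in the report.

```shell
#!/bin/sh
# Added example, not code from the ticket or from OpenWrt. Fleet check for
# dropbear host keys shared between devices, plus a mirror of the
# "missing or zero-sized" test described in comment:1. Key contents, device
# names and layout below are constructed placeholders, not real keys.

# Same condition the dropbear init script is described as using: a host key
# file that is absent or zero bytes long needs dropbearkey to be run.
# Returns 0 (true) when generation is needed.
needs_keygen() {
    [ ! -s "$1" ]
}

# $1 is a directory holding one subdirectory per device (named after the
# device), each with that device's collected dropbear_*_host_key files.
# Prints "<checksum> <file> <dev> <dev>..." for every key file shared by two
# or more devices and returns 1; returns 0 when all devices differ.
# cksum is used for portability; the ticket's md5sum works the same way.
find_duplicate_keys() {
    dir=$1
    rc=0
    for f in dropbear_rsa_host_key dropbear_dss_host_key; do
        out=$(for d in "$dir"/*/; do
                  k="$d$f"
                  [ -s "$k" ] || continue   # empty files are not shared keys
                  printf '%s %s\n' "$(cksum < "$k" | cut -d' ' -f1)" "$(basename "$d")"
              done | sort | awk -v name="$f" '
                  { devs[$1] = devs[$1] " " $2; n[$1]++ }
                  END { for (h in n) if (n[h] > 1) print h, name devs[h] }')
        if [ -n "$out" ]; then
            printf '%s\n' "$out"
            rc=1
        fi
    done
    return $rc
}

# Constructed fleet: ap1 and ap2 carry an identical RSA key (the situation
# the reporter saw); ap3's DSS key is zero-sized, as in a fresh rootfs.
make_fleet() {
    for dev in ap1 ap2 ap3; do mkdir -p "$1/$dev"; done
    printf 'PLACEHOLDER-RSA-KEY-A\n' > "$1/ap1/dropbear_rsa_host_key"
    printf 'PLACEHOLDER-RSA-KEY-A\n' > "$1/ap2/dropbear_rsa_host_key"
    printf 'PLACEHOLDER-RSA-KEY-B\n' > "$1/ap3/dropbear_rsa_host_key"
    printf 'PLACEHOLDER-DSS-KEY-A\n' > "$1/ap1/dropbear_dss_host_key"
    printf 'PLACEHOLDER-DSS-KEY-B\n' > "$1/ap2/dropbear_dss_host_key"
    : > "$1/ap3/dropbear_dss_host_key"
}
```

Run make_fleet on a temporary directory and then find_duplicate_keys on it; in real use the per-device subdirectories would hold key files copied from the devices (or, equivalently, fingerprints gathered with ssh-keyscan).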

comment:3 Changed 6 years ago by nbd

  • Resolution set to duplicate
  • Status changed from new to closed

tracking the lack of entropy issue in #9999

comment:4 Changed 6 years ago by nbd

I meant #9631 ;)
