From: Peter Seiderer <ps.report@gmx.net>
To: buildroot@busybox.net
Subject: [Buildroot] Root password and ssh issues
Date: Fri, 7 Aug 2020 15:51:09 +0200 [thread overview]
Message-ID: <20200807155109.5399a89c@gmx.net> (raw)
In-Reply-To: <6b1def36-8387-624c-a51f-21d20505f500@bootlin.com>
Hello Michael,
On Fri, 7 Aug 2020 15:41:04 +0200, Michael Opdenacker <michael.opdenacker@bootlin.com> wrote:
> Greetings,
>
> Thanks for these useful clarifications!
>
> On 8/7/20 1:35 PM, Peter Seiderer wrote:
> > ...and should be fixed for uclibc by commit 'package/uclibc: defconfig:
> > enable sha-256/512 password auth support' ([1])...
> >
> > By the way, maybe it would be nice if the buildroot password hash
> > selection although changes the busybox default via
> > busybox/.config CONFIG_FEATURE_DEFAULT_PASSWD_ALGO="md5"?
> >
> > Regards,
> > Peter
> >
> > [1] https://git.buildroot.net/buildroot/commit/?id=bdd8362a88428ed1c04fc6f4bbcbf7692b2a2b39
>
> Right, I should have mentioned that I'm using an external uClibc
> toolchain built by crosstool-ng.
>
> Do I understand well that the trouble comes from Dropbear (not BusyBox)
> supporting only MD5 in /etc/shadow, at least when built with my toolchain?
Yes, dropbear trouble, but by indirection of the used libc (here uclibc),
if possible take a look at your crosstol-ng uclibc .config file and search
for (for full support):
UCLIBC_HAS_SHA256_CRYPT_IMPL=y
UCLIBC_HAS_SHA512_CRYPT_IMPL=y
And adjust and rebuild accordingly...
And/or try to lower the buildroot default passoword hash from sha512 to sha256
in case your uclibc supports sha256 (you can check by testing ssh login after
setting the password with passwd -a sha256)...
Regards,
Peter
>
> Thanks again,
>
> Michael.
>
prev parent reply other threads:[~2020-08-07 13:51 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-08-07 9:51 [Buildroot] Root password and ssh issues Michael Opdenacker
2020-08-07 9:54 ` Thomas Petazzoni
2020-08-07 10:21 ` Michael Opdenacker
2020-08-07 11:12 ` Peter Seiderer
2020-08-07 11:16 ` Titouan Christophe
2020-08-07 11:35 ` Peter Seiderer
2020-08-07 13:41 ` Michael Opdenacker
2020-08-07 13:51 ` Peter Seiderer [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200807155109.5399a89c@gmx.net \
--to=ps.report@gmx.net \
--cc=buildroot@busybox.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox