Configure Dropbear to use SSH HostCertificate

Hi everyone.

I am using a Pfsense router with OpenWrt set up as a Wireless Access Point, which I want to have external SSH access to.

I am currently using HAProxy on my Pfsense to route outside SSH connections to my home network hosts via TLS (port 443) using the SNI TLS extension. Therefore, the SSH connection goes to external.domain.com:443, utilizing the SNI field, which tells which internal host to route the SSH connection to. This way I can expose only one port, 443, to the internet in order to connect to any of the internal backends (my home network hosts) via HTTPS or SSH without exposing an individual SSH port for each host to the world.

All works fine except for the fact that whenever I connect to a different internal host (specifying a different SNI), I receive a TOFU message from OpenSSH:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ED25519 key sent by the remote host is
SHA256: <...>
....

Thus, unfortunately, I have to clear up my ~/.ssh/known_hosts each time I want to ssh into a different host over TLS via my external.domain.com:443.

The usual solution to this is using an SSH HostCertificate instead of an SSH HostKey for Server (Host) Authentication. A description of the method can be found here or here or here.

I have successfully implemented Host Certificate Authentication for my Linux hosts and that eliminated the TOFU. Great...

But what about the OpenWrt hosts? Is Dropbear able to use something like this standard sshd stanza:

HostCertificate /etc/ssh/ssh_host_ed25519_key-cert.pub

How to make it possible on Dropbear?

And if it is impossible for now (which is so sad), is it planned to be implemented in the future because it is an obvious defect?

Any help/idea is highly appreciated! Thanks.

Can you modify the .ssh/config on the device you're connecting from to add UserKnownHostsFile=/dev/null to a specific host or a wildcard?


@stangri Thanks for the suggestion. Yes, I could even add StrictHostKeyChecking=accept-new on the client ~/.ssh/config to the host... But this is the "dirty fix"... I mean, OpenSSH has a beautiful concept of SSH Certificates... It would be great if Dropbear were able to utilize this feature! I thought I might be missing something obvious...

AFAIK, these settings exist specifically for this reason, why do you call it a dirty fix?

Well, obviously, these settings exist for disabling the Host Authentication, but the whole idea behind Host Authentication is another layer of security that is being disabled... Thus, we give up an important security layer; that is why I call it "dirty"... It's not even a fix... More of a workaround for TOFU. So to elaborate, this way we are allowing the possibility of a destination spoofing attack vector.

What certificate support Dropbear has in OpenWrt seems to be described here. If that isn't sufficient, you'll need to ask the Dropbear dev team (suggest starting here) whether what you want is even supported.

Another alternative, if your device has sufficient flash space, might be to look at installing the openssh-server package to replace Dropbear.


@pythonic thanks for your help. It seems there is no SSH Certificate support in Dropbear, sadly. Just PKI support is definitely insufficient for the cases described above. It seems that your suggestion to install the full-featured openssh package is the way to go for now.
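
For readers who follow the openssh-server route, here is an added example (not part of any post in this thread) of issuing a host certificate with OpenSSH's ssh-keygen and building the matching client trust line. It assumes OpenSSH tools on the signing machine; the directory layout, key ID and comment strings are constructed for the demo, and the known_hosts pattern assumes the client dials external.domain.com on port 443 as described in the first post.

```shell
#!/bin/sh
# Added example (not from the thread): issue an OpenSSH host certificate.
# Every path, key ID and comment string here is constructed for the demo.
set -eu

# make_host_cert DIR PRINCIPAL KNOWN_HOSTS_PATTERN
make_host_cert() {
    dir=$1; principal=$2; pattern=$3
    mkdir -p "$dir"
    # CA key pair; the private half signs host keys and stays off the hosts.
    ssh-keygen -q -t ed25519 -N '' -C 'demo host CA' -f "$dir/host_ca"
    # Stand-in for the server's existing /etc/ssh/ssh_host_ed25519_key.
    ssh-keygen -q -t ed25519 -N '' -C 'demo host key' -f "$dir/ssh_host_ed25519_key"
    # -h = host certificate, -n = name the client dials, -V = validity.
    # Writes ssh_host_ed25519_key-cert.pub, the file HostCertificate points at.
    ssh-keygen -q -s "$dir/host_ca" -h -I demo-host -n "$principal" \
        -V +52w "$dir/ssh_host_ed25519_key.pub"
    # Client side: one CA line replaces the per-host key entries.
    printf '@cert-authority %s %s\n' "$pattern" \
        "$(cut -d' ' -f1,2 "$dir/host_ca.pub")" > "$dir/known_hosts"
}

# cert_signed_by CERT CA_PUB: succeeds only if CERT was signed by CA_PUB.
cert_signed_by() {
    cert_fp=$(ssh-keygen -L -f "$1" | awk '/Signing CA:/ {print $4}')
    ca_fp=$(ssh-keygen -l -f "$2" | awk '{print $2}')
    [ -n "$cert_fp" ] && [ "$cert_fp" = "$ca_fp" ]
}

# Demo run: sh thisfile demo
if [ "${1:-}" = demo ]; then
    work=$(mktemp -d)
    make_host_cert "$work" external.domain.com '[external.domain.com]:443'
    ssh-keygen -L -f "$work/ssh_host_ed25519_key-cert.pub"
    cat "$work/known_hosts"
fi
```

On a real host, sign the existing host public key instead of generating a new one, copy the resulting -cert.pub next to it, and reference it with the HostCertificate line quoted in the first post.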