OpenWrt Forum Archive

Topic: Dropbear SSH private keys same for everyone!?

The content of this topic has been archived on 18 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

On my router running OpenWRT 12.09 stable, both /etc/dropbear/dropbear_dss_host_key and /etc/dropbear/dropbear_rsa_host_key have timestamps of Sep 8 2011. That suggests to me these private keys are not generated upon a device install, or with first run of Dropbear, and are presumably shared by thousands of OpenWRT installs. Isn't this a major security issue?

EDIT: I should add, I know how to regenerate fresh keys (using dropbearkey), but a lot of people won't think to do that. From what I understand, most big distros generate these keys during install.

(Last edited by gorbachev on 15 Apr 2014, 17:26)

They are generated during first boot. The reason for the timestamps is that the router time is initially set to build time, before the time is updated with ntp.

Ahhhh, ok, that makes sense!

It might be interesting to take a survey of the dropbear host keys.  If the keys are generated before much entropy is collected, they may be mostly the same anyway.  ;-)

They are probably based on the time of your firstboot, so they will be pretty different. Unless somene knows the exact time when you did firstboot, you should be fine wink

Remember though that until updated by NTP the clock will be set to build time (see above) which will be about the same for everyone so the problem might still remain...

I don't know how random number generator exactly works, and you may have a point, but you get always a different key after firstboot and passwd, even on an offline router, you can try it. Putty complains about not matching key. How much different they are I have no idea.

(Last edited by nozombian on 17 Apr 2014, 22:17)

omg can anybody with more than router can verify this?

You can verify that the keys are always different even on a single router:
1. firstboot
2. reboot
3. telnet to router, run passwd and pick your password
4. ssh to router using putty and putty will ask if you want to store a key

Now do the above once again, but on step 4 you will see, that putty will warn, that the key fingerprint does not match with the one stored from previous installation.

thanks for understanding :-)
my concern was that these two keys were some sort of master keys on which ssh keys were later generated  ... or as you said they do not differ much.
person with two routers might be able to invoke firstboot/telnet/reboot sequence in same time on both, maybe not very usable vulnerability but would be interesting to see result

The discussion might have continued from here.