Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.

Dismiss

Bug#495795: dropbear: please provide the scp binary

7 views

Skip to first unread message

Luca Capello

unread,

Aug 20, 2008, 10:00:34 AM8/20/08

Package: dropbear
Version: 0.51-1
Severity: wishlist

Hello,

according to the Debian changelog [1], dropbear in Debian doesn't ship
the scp binary, which is a problem when installed on embedded devices,
like the Openmoko FreeRunner (GTA02) [2].

Is there any specific reason the scp binary is not compiled in?
Installing openssh-client requires 2MB, which can be a problem on small
flash memories.

Thx, bye,
Gismo / Luca

PS, I cc:ed the pkg-fso-maint mailing list, since this bug directly
concerns Openmoko users :-)

Footnotes:
[1] the first and only occurrence is in version 0.48-1:
=====
dropbear (0.48-1) unstable; urgency=medium

* New upstream release.
* SECURITY: Improve handling of denial of service attempts from a single
IP.

* debian/implicit: update to revision 1.11.
* new upstream release updates to scp from OpenSSH 4.3p2 - fixes a
security issue where use of system() could cause users to execute
arbitrary code through malformed filenames; CVE-2006-0225 (see also
#349645); the scp binary is not provided by this package though.

-- Gerrit Pape <pa...@smarden.org> Fri, 10 Mar 2006 22:00:32 +0000
=====
[2] http://lists.alioth.debian.org/pipermail/pkg-fso-maint/2008-August/000006.html

-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: armel (armv4tl)

Kernel: Linux 2.6.24 (PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages dropbear depends on:
ii libc6 2.7-13 GNU C Library: Shared libraries
ii libgcc1 1:4.3.1-9 GCC support library
ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime

dropbear recommends no packages.

Versions of packages dropbear suggests:
pn openssh-client <none> (no description available)
pn runit <none> (no description available)

-- no debconf information

Guilhem Moulin

unread,

Sep 18, 2015, 11:20:03 AM9/18/15

Control: tag -1 moreinfo

Hi there,

I wonder what's the best way to close this. dropbear and openssh-client
can currently coexist, because the SSH clients have different binary
names: /usr/bin/dbclient and /usr/bin/ssh. We could also install
dropbear SCP binary to e.g., /usr/bin/dbscp to have a non-conflicting
SCP *client*.

However that doesn't for the *server* part, since AFAIK a remote
executable called ‘scp’ is required by the SCP protocol (and needs to be
in the remote $PATH). So I believe the options at hands are:

* ask the OpenSSH maintainers to consider using an alternative for
their scp binary (and possibly ssh too), or
* provide a new package dropbear-client to ship /usr/bin/{dbclient,scp}
and make it conflict with openssh-client.

Any thoughts or suggestions?

Cheers,
--
Guilhem.

signature.asc

0 new messages