Dropbear ssh server


supernaut
02-11-2006, 01:16 AM
Here is a port of dropbear (http://matt.ucc.asn.au/dropbear/dropbear.html) SSH server for mips TiVo.

Dropbear includes a client, server, key generator, and scp in a single compilation called dropbearmulti. Much like busybox, symlinks are created pointing each program in the package back to dropbearmulti.

tivo:~# ./dropbearmulti
Dropbear multi-purpose v0.47.3 compiled for TiVo mips
Make a symlink pointing at this binary with one of the following names:
'dropbear' - the Dropbear server
'dbclient' or 'ssh' - the Dropbear client
'dropbearkey' - the key generator
'scp' - secure copy

To install this package:
1. transfer the dropbearmulti.zip file to your TiVo and expand into /tivo-bin
2. cd /tivo-bin
3. ln -sf dropbearmulti dropbear
4. ln -sf dropbearmulti dbclient
5. ln -sf dropbearmulti dropbearkey
6. ln -sf dropbearmulti scp
7. mkdir -p /tivo-bin/ssh
8. chmod 700 /tivo-bin/ssh
9. dropbearkey -t dss -f /tivo-bin/ssh/dropbear_dss_host_key
10. dropbearkey -t rsa -f /tivo-bin/ssh/dropbear_rsa_host_key
11. touch /tivo-bin/ssh/authorized_keys
12. chmod 600 /tivo-bin/ssh/*
13. now you need to generate a public and private key using Putty (http://www.chiark.greenend.org.uk/~sgtatham/putty/). You want to export an openssh-compatible public key and write it to /tivo-bin/ssh/authorized_keys. If you're not sure what I'm talking about, then take a moment and rtfm.
14. add "root:x:0:0:root:/var/hack:/bin/sh" (no quotes) to /etc/passwd (it may already be there if you have setup crond).
15. add "root:x:0:" to /etc/group
16. now you can start the server with /tivo-bin/dropbear from rc.sysinit.author
17. connect using ssh root@tivo

*For using the BASH shell with dropbear see post below.

Now there are a few caveats to using this port. The location of the host keys is configurable with the -d and -r switches, but the location of authorized_keys is not. So you might as well put all the keys in /tivo-bin/ssh as per above. Note that the chmods above are important.

The following environment is automatically set up for non-interactive sessions (otherwise you end up with a default environment).
TIVO_ROOT=
PATH=/bin:/sbin:/tvbin:/tivo-bin:/var/hack/bin:/var/hack/sbin
MFS_DEVICE=/dev/hda10


If you run into trouble, try launching dropbear with the -F -E switches and connect using ssh -v, which will give you some debug info.

Overall, dropbear works well. It secures access to the TiVo and can be launched from rc.sysinit.author directly.
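The install steps above, as an added shell example that is not part of the original post or of the dropbear package: it checks the permissions the post calls important (steps 7-12, directory 0700 and files 0600) and adds the /etc/passwd and /etc/group entries of steps 14-15 only when they are missing, so re-running it is harmless. The paths /tivo-bin/ssh, /etc/passwd and /etc/group are the post's; the function names and the check/setup subcommands are this example's own.

```shell
#!/bin/sh
# Added example (not from the original post or the dropbear package):
# verifies the key directory laid out in steps 7-12 and adds the
# /etc/passwd and /etc/group entries of steps 14-15 idempotently.
# Function names and the check/setup subcommands are this example's own.

# mode_of PATH -> the 10-character permission string from ls -ld,
# e.g. "drwx------"; works on busybox, where stat -c may be missing.
mode_of() {
    ls -ld "$1" | cut -c1-10
}

# check_ssh_dir DIR -> 0 when DIR is 0700 and every file in it is 0600
# (the chmods of steps 8 and 12); otherwise lists offenders and returns 1.
check_ssh_dir() {
    dir=$1
    rc=0
    [ -d "$dir" ] || { echo "missing directory: $dir"; return 1; }
    [ "$(mode_of "$dir")" = "drwx------" ] ||
        { echo "expected 0700 on $dir, found $(mode_of "$dir")"; rc=1; }
    for f in "$dir"/*; do
        [ -e "$f" ] || continue        # unexpanded glob: directory is empty
        [ "$(mode_of "$f")" = "-rw-------" ] ||
            { echo "expected 0600 on $f, found $(mode_of "$f")"; rc=1; }
    done
    return $rc
}

# ensure_line FILE LINE -> appends LINE unless FILE already has an entry
# whose name (text before the first colon) matches, so re-running the
# setup never duplicates the root entry.
ensure_line() {
    file=$1
    line=$2
    name=${line%%:*}
    [ -f "$file" ] || : > "$file"
    grep -q "^$name:" "$file" || printf '%s\n' "$line" >> "$file"
}

# count_entries FILE NAME -> how many lines in FILE belong to NAME
count_entries() {
    grep -c "^$2:" "$1" || true
}

# Subcommands (paths default to the post's locations):
#   check [SSH_DIR]                          only verify permissions
#   setup [PASSWD] [GROUP] [SSH_DIR]         add the entries, then verify
case "${1:-}" in
    check)
        check_ssh_dir "${2:-/tivo-bin/ssh}"
        ;;
    setup)
        ensure_line "${2:-/etc/passwd}" "root:x:0:0:root:/var/hack:/bin/sh"
        ensure_line "${3:-/etc/group}" "root:x:0:"
        check_ssh_dir "${4:-/tivo-bin/ssh}"
        ;;
esac
```

On the TiVo, `sh dropbear-setup.sh check` after step 12 reports any key or authorized_keys file that is readable by others, which is what makes the chmods matter: a world-readable host key lets anyone on the box impersonate the server, and a writable authorized_keys lets them add their own key.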

supernaut
01-11-2007, 12:36 AM
Here's an update to the dropbear SSH server for mips TiVo.

Dropbear sshd v0.48.2 compiled for TiVo mips
Usage: dropbear [options]
Options are:
-b bannerfile Display the contents of bannerfile before user login
(default: none)
-d dsskeyfile Use dsskeyfile for the dss host key
(default: /tivo-bin/ssh/dropbear_dss_host_key)
-r rsakeyfile Use rsakeyfile for the rsa host key
(default: /tivo-bin/ssh/dropbear_rsa_host_key)
-F Don't fork into background
-E Log to stderr rather than syslog
-w Disallow root logins
-s Disable password logins
-g Disable password logins for root
-j Disable local port forwarding
-k Disable remote port forwarding
-a Allow connections to forwarded ports from any host
-p port Listen on specified tcp port, up to 10 can be specified
(default 22 if none specified)

All of my previous post describing dropbear still applies, except that the server NOW has the ability to do password authentication using information stored in /etc/passwd.

Typically, your /etc/passwd file will look something like this:

root:x:0:0:root:/var/hack:/bin/bash

The "x" indicates that the passwd for root is not set. To set the password for root you have two choices. In the first, I have included a small utility (crypt) to manually encrypt your password:

crypt - DES one-way password encryption tool.

Usage: crypt '<salt>' '<key>'

<salt> is a two-character string chosen from the set [a-zA-Z0-9./]
<key> is a user's typed password (40-character string max)
e.g., crypt '0Z' 'T1V0' -> 0ZefiBk.NHbhM

The output of crypt can be used to replace "x" for root in /etc/passwd:

root:0ZefiBk.NHbhM:0:0:root:/var/hack:/bin/bash

You should now be able to login using "T1V0" as the password. The second method uses the program passwd in busybox (I'm running 1.5.0) to encrypt and update your password in one step. Maybe Alphawolf can add passwd to busybox in his next compile.:)

supernaut
03-18-2007, 01:05 PM
Other Notes:

To set up dropbear to use bash as its default shell you need to do two things:

1. Edit "/etc/shells" (create if it doesn't already exist) to include bash:
BASH=/bin/bash

2. Edit "/etc/passwd" to use bash and also define the default directory:

root:0:0:0:root:/var/hack:/bin/bash
                ^         ^
                |         +-- shell
                +-- default dir

You should then create a ".profile" in "/var/hack" to setup your environment.

As mentioned above, if you run dropbear in such a way that it does not need to assign a terminal, then it will use a predefined, hardcoded environment (this is out of necessity):
TIVO_ROOT=
PATH=/bin:/sbin:/tvbin:/tivo-bin:/var/hack/bin:/var/hack/sbin
MFS_DEVICE=/dev/hda10

If you execute: ssh root@tivo 'echo $PATH'
you will see the above path, no matter what is in your .profile. This is what is called a non-interactive session, and is generally a special case. This environment allows you to run non-interactive TiVo tcl scripts through ssh.
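The /etc/passwd rules from the two posts above (the password field from the earlier post, the home directory and shell fields from this one), as an added shell/awk audit that is not part of the original posts. It assumes the shells file is one absolute path per line, the format getusershell(3) reads, and it treats a 13-character traditional DES hash as informational only: DES crypt uses just the first eight characters of the password and a 12-bit salt, so the 40-character limit of the crypt utility adds no strength beyond that. The finding codes and the audit subcommand are this example's own.

```shell
#!/bin/sh
# Added example, not part of the original posts: audits a passwd file
# against the rules the posts rely on. Finding codes are this example's
# own. Informational codes (do not affect the exit status):
#   NOPASS  password field is "x": password login cannot succeed
#   DES     13-char traditional DES hash: only the first 8 password
#           characters are significant
# Failing codes (exit status 1):
#   FIELDS  not seven colon-separated fields
#   EMPTY   empty password field: login without any password
#   BADHASH password field is neither x, empty, nor a crypt(3) hash
#   HOME    home directory is not an absolute path
#   SHELL   shell is not listed in the shells file

# audit_passwd PASSWD_FILE SHELLS_FILE -> prints "<user> <CODE>" per
# finding; returns 1 if any failing code was produced, 0 otherwise.
# The shells file is read as one absolute path per line (assumption:
# the format getusershell(3) uses); a missing file means no shell is known.
audit_passwd() {
    awk -F: -v shells="$2" '
    BEGIN {
        while ((getline l < shells) > 0) if (l ~ /^\//) ok[l] = 1
        close(shells)
    }
    /^[ \t]*$/ { next }                 # skip blank lines
    {
        user = $1; bad = 0; pw = $2
        if (NF != 7) { print user " FIELDS"; bad = 1 }
        if (pw == "x") {
            print user " NOPASS"
        } else if (pw == "") {
            print user " EMPTY"; bad = 1
        } else if (length(pw) == 13 && pw ~ /^[A-Za-z0-9.\/]+$/) {
            print user " DES"          # length() rather than {13}: old mawk lacks intervals
        } else if (pw !~ /^\$/) {
            print user " BADHASH"; bad = 1   # $id$ hashes depend on the C library, not checked here
        }
        if (NF == 7) {
            if ($6 !~ /^\//) { print user " HOME"; bad = 1 }
            if (!($7 in ok)) { print user " SHELL"; bad = 1 }
        }
        if (bad) found = 1
    }
    END { exit (found ? 1 : 0) }' "$1"
}

# Subcommand: audit [PASSWD_FILE] [SHELLS_FILE] (defaults are the post's paths)
case "${1:-}" in
    audit) audit_passwd "${2:-/etc/passwd}" "${3:-/etc/shells}" ;;
esac
```

Run as `sh passwd-audit.sh audit` on the box. An entry with "x" is what the earlier post describes (password not set, so only key authentication can work), while an empty field or a shell missing from the shells file are the cases that either open the account or make the login shell the post configures fail to start.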

supernaut
05-31-2007, 03:44 PM
Here is dropbear 0.49.1 for TiVo mips, which updates to the current version. The change log for this version is as follows (from Matt Johnston's website):

- Security: dbclient previously would prompt to confirm a
mismatching hostkey but wouldn't warn loudly. It will now
exit upon a mismatch.

- Compile fixes, make sure that all variable definitions are at the start
of a scope.

- Added -P pidfile argument to the server (from Swen Schillig)

- Add -N dbclient option for "no command"

- Add -f dbclient option for "background after auth"

- Add ability to limit binding to particular addresses, use
-p [address:]port, patch from Max-Gerd Retzlaff.

- Try to finally fix ss_family compilation problems (for old
glibc systems)

- Fix finding relative-path server hostkeys when running daemonized

- Use $HOME in preference to that from /etc/passwd, so that
dbclient can still work on broken systems.

- Fix various issues found by Klocwork defect analysis, mostly memory leaks
and error-handling. Thanks to Klocwork for their service.

- Improve building in a separate directory

- Add compile-time LOG_COMMANDS option to log user commands

- Add '-y' flag to dbclient to unconditionally accept host keys,
patch from Luciano Miguel Ferreira Rocha

- Return immediately for "sleep 10 & echo foo", rather than waiting
for the sleep to return (pointed out by Rob Landley).

- Avoid hanging after exit in certain cases (such as scp)

- Various minor fixes, in particular various leaks reported by
Erik Hovland

- Disable core dumps on startup

- Don't erase over every single buffer, since it was a bottleneck.
On systems where it really matters, encrypted swap should be utilised.

- Read /dev/[u]random only once at startup to conserve kernel entropy

- Upgrade to LibTomCrypt 1.16 and LibTomMath 0.40

- Upgrade config.status and config.guess

supernaut
08-10-2007, 12:35 AM
Updated archive as per the following change log.

0.50 - Wed 8 August 2007

- Add DROPBEAR_PASSWORD environment variable to specify a dbclient password

- Use /dev/urandom by default, since that's what everyone does anyway

- Correct vfork() use for uClinux in scp
(thanks to Alex Landau)

- Exit with an exit code of 1 if dropbear can't bind to any ports
(thanks to Nicolai Ehemann)

- Improve network performance and add a -W <receive_window> argument for
adjusting the tradeoff between network performance and memory consumption.

- Fix a problem where reply packets could be sent during key exchange,
in violation of the SSH spec. This could manifest itself with connections
being terminated after 8 hours with new TCP-forward connections being
established.

- Add -K <keepalive_time> argument, ensuring that data is transmitted
over the connection at least every N seconds.

- dropbearkey will no longer generate DSS keys of sizes other than 1024
bits, as required by the DSS specification. (Other sizes are still
accepted for use to provide backwards compatibility).

If you have questions post in Series 2 Support Thread Here (http://www.dealdatabase.com/forum/showthread.php?t=55261).

MD5: 67eacf7d3e96f09f345543e459d7c0b9

supernaut
08-26-2007, 03:35 PM
Here is a port of Carson Harding's autossh (http://www.harding.motd.ca/autossh/) for TiVo mips. It can be used with dropbear to maintain ssh tunnels between machines.

From his website:
* autossh is a program to start a copy of ssh and monitor it, restarting it as necessary should it die or stop passing traffic. The idea is from rstunnel (Reliable SSH Tunnel), but implemented in C.
* The author's view is that it is not as fiddly as rstunnel to get to work.
* Connection monitoring using a loop of port forwardings or a remote echo service.
* Backs off on rate of connection attempts when experiencing rapid failures such as connection refused.
* Compiled and tested on OpenBSD, Linux, Solaris, Mac OS X, Cygwin, and AIX; should work on other BSDs.
* Freeware.

This version of autossh is hard-coded for /tivo-bin/dbclient from dropbear, but this can be changed with an environment variable. The best way to understand how autossh can be used is to read the README (http://www.harding.motd.ca/autossh/README).

Here is an example that I use with dbclient from dropbear to tunnel tivowebplus:
autossh -M20000 -R 8080:localhost:80 user@x.x.x.x -N -i /tivo-bin/ssh/id_dsa -f

In this example I use a dropbear generated key (id_dsa), but I could have set the environment variable DROPBEAR_PASSWORD (new for dropbear version 0.50.1) to automate the password login without the key. For the meaning of the other switches passed to dbclient, see the post above.

Running autossh alone gives:
usage: autossh [-V] [-M monitor_port[:echo_port]] [-f] [SSH_OPTIONS]

-M specifies monitor port. May be overridden by environment
variable AUTOSSH_PORT. 0 turns monitoring loop off.
Alternatively, a port for an echo service on the remote
machine may be specified. (Normally port 7.)
-f run in background (autossh handles this, and does not
pass it to ssh.)
-V print autossh version and exit.

Environment variables are:
AUTOSSH_GATETIME - how long must an ssh session be established
before we decide it really was established
(in seconds)
AUTOSSH_LOGFILE - file to log to (default is to use the syslog
facility)
AUTOSSH_LOGLEVEL - level of log verbosity
AUTOSSH_MAXSTART - max times to restart (default is no limit)
AUTOSSH_MESSAGE - message to append to echo string (max 64 bytes)
AUTOSSH_PATH - path to ssh if not default
AUTOSSH_PIDFILE - write pid to this file
AUTOSSH_POLL - how often to check the connection (seconds)
AUTOSSH_FIRST_POLL - time before first connection check (seconds)
AUTOSSH_PORT - port to use for monitor connection
AUTOSSH_DEBUG - turn logging to maximum verbosity and log to
stderr


Note on the installation: autossh requires the libnsl.so.1 library (included), which must be placed in /lib; autossh can be placed in /tivo-bin (like with dropbear). One last thing...please make sure your tunnels work before you hand them over to autossh to manage.

supernaut
04-16-2008, 03:42 PM
New version ... see here (http://matt.ucc.asn.au/dropbear/CHANGES).