[FS#3884] dropbear: irritating restriction of interface setting

OpenWrt Bugs openwrt-bugs at lists.openwrt.org
Fri Jun 18 09:54:52 PDT 2021


A new Flyspray task has been opened.  Details are below. 

User who did this - phqzgunsfjror (phqzgunsfjror) 

Attached to Project - OpenWrt/LEDE Project
Summary - dropbear: irritating restriction of interface setting
Task Type - Bug Report
Category - Base system
Status - Unconfirmed
Assigned To - 
Operating System - All
Severity - Low
Priority - Very Low
Reported Version - Trunk
Due in Version - Undecided
Due Date - Undecided
Details - 
Fritzbox 4040
LuCI openwrt-19.07 branch (git-21.044.30835-34e0d65)
OpenWrt 19.07.7 r11306-c4a6851c72

I created a new network called `whatever`. It is neither part of `lan` nor `br-lan`.
In dropbear I restricted 
→ System → Administration → SSH Access → Interface: "lan" (Listen only on the given interface or, if unspecified, on all)
 (saved and rebootet)

I would assume that only devices from network `lan` can reach OpenWrt via SSH but also the network `whatever` can reach it. Is my assumption incorrect?  
In the end I restricted it with firewall rules but for me this setting is irritating.

I also tried to use `br-lan` but that is not selectable via Luci and via ssh it gives an error...

vi /etc/config/dropbear
config dropbear
        option Port '22'
        option Interface 'br-lan'
        option PasswordAuth 'off'

/etc/init.d/dropbear restart

error: interface br-lan has no physdev or physdev has no suitable ip

More information can be found at the following URL:

You are receiving this message because you have requested it from the Flyspray bugtracking system.  If you did not expect this message or don't want to receive mails in future, you can change your notification settings at the URL shown above.

More information about the openwrt-bugs mailing list