Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Dropbear SSH Server

    Scheduled Pinned Locked Moved
    Firewalling
    4
    5
    579
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      Robust
      last edited by

      Hi

      After I do the Pentest, there has found this problem.
      In the firewall have issue of " DROPBEAR SSH SERVER < 2016.72 MULTIPLE VULNERABBILITIES'
      Can anyone help me for this issue.
      Why it happen and any solution for this issue?

      Thanks

      GertjanG johnpozJ W 3 Replies Last reply Reply Quote 0
      • GertjanG
        Gertjan @Robust
        last edited by

        @robust

        Good news !
        pfSense doesn't use "Dropbear".

        Please explain how and what you are testing.

        On the WAN side, nothing is open by default, so there will be no issue.
        On the LAN side, everything is open, as that is the place where you put your trusted devices.
        You have non-trusted devices ? Still no issue, put them on a second pfSense LAN interface, and chose your block/pass firewall rules wisely.

        @robust said in Dropbear SSH Server:

        Why it happen and any solution for this issue?

        No solution needed as there is no problem.
        Still, it's up to you to explain, as asked above.
        While detailing, you most probably find the reason yourself.

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        1 Reply Last reply Reply Quote 0
        • johnpozJ
          johnpoz LAYER 8 Global Moderator @Robust
          last edited by

          @robust pfsense does not run dropbear ssh.. You must be something else when you do your test. My APs for example run old dropbear.

          [22.05-RELEASE][admin@sg4860.local.lan]/root: ssh -V
OpenSSH_8.8p1, OpenSSL 1.1.1n-freebsd  15 Mar 2022

          Here is AP for example

          Hallway-BZ.6.2.26# ssh -V
Dropbear v2020.81
Hallway-BZ.6.2.26#

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.03 | Lab VMs 2.7.2, 24.03

          R 1 Reply Last reply Reply Quote 1
          • R
            Robust @johnpoz
            last edited by

            @johnpoz Thank you I will try it

            1 Reply Last reply Reply Quote 0
            • W
              WhoAmI68 @Robust
              last edited by

              @Robust Have you solved the issue? Where did you find the Dropbear?

              1 Reply Last reply Reply Quote 0
              • W WhoAmI68 referenced this topic
              • First post
                Last post