I'm using Rpi3 build with rdk-next, When I'm connected to LAN Ip of rdk (ssh root@10.0.0.1) SSH is not working. From WAN Ip (ssh root@192.168.xx.xx)  I'm able to SSH login.

Then I try to checking netstat - It shows ssh(dropbear) service is running on specific IP(WAN interface).


So do I need to enable some configuration during build time to enable ssh service on LAN? Or do I need to change system settings to enable it?

  • No labels

3 Comments

  1. Z-srinivas kota ramaiah

    HI Nitin Patet,

    The ip address assigned to the system that you are using(192.168.x.x) and the brlan0 ip address of your Rasberrypi (10.0.0.1)  are in different series that's why you are unable to ping to 10.0.0.1 from your system and unable to do the ssh. The data traffic  is not forwarded.

    Please take the input from the rasberrypi to the system that you are using, then the ip address are in the same series(10.0.0.x). then try ssh. it will works.


    Thanks and Regards

    Srinivas

    1. Z-Nitin Patet

      Hello Z-srinivas kota ramaiah,


      I have connected my host with RPi wifi(LAN) and my local system Ip address in range 10.0.0.x, In this case, I try to do ssh into rdkb - It didn't work.

      Then I connected my host with RPi WAN network and my local system Ip address in the range (192.168.0.x) of erouter0(WAN) network. In this configuration ssh login - worked.


      We need to SSH from both the 192.168.0.x series IP (external to the RPi network) as well as the 10.0.0.x series IP (within the RPi network). Could you please help us enable this?

      Also, ssh login from within the RPi network was working fine in an rdkb-next (master) image synced on 12th May 2020. It appears there is some regression preventing the SSH login from within the RPi network.

  2. Z-srinivas kota ramaiah

    HI Nitin Patet,

    There is a process by name dropbear which provides Secure Shell (SSH) v2 implementation, the dropbear is started by service_sshd.sh ,
    We can configure in the script to enable ssh for an perticular ip address.

    When we verified in the code base which was build on February, we noticed that in the script service_sshd.sh, the CMINTERFACE  was pointing to wan0  instead of erouter0 and the CM_IP  was NULL, due to which the dropbear enabled the ssh on all the interfaces(brlan0,brlan1,br0,br106,erouter0).

    dropbear -R -E -a -r /tmp/.dropbear/dropcfg15490 -r /tmp/.dropbear/dropcfg25490 -p []:22-P /var/run/dropbear.pid -B

    When we verified in the latest rdk-next code base, we noticed that in the script service_SSH.sh the CMINTERFACE  was pointing to erouter0 and the CM_IP  was 192.168.x.x, and  dropbear enabled the ssh on erouter0 interface. thats the reason we are unable to do ssh for other interfaces like brlan0.

    dropbear -R -E -a -r /tmp/.dropbear/dropcfg15490 -r /tmp/.dropbear/dropcfg25490 -p [192.168.x.x]:22-P /var/run/dropbear.pid -B

     Try to add the ip address of the interface, for which you need ssh port 22 enabled in the file service_sshd.sh and reboot the device.
    e.g.,
     dropbear -R -E -a -r $DROPBEAR_PARAMS_1 -r $DROPBEAR_PARAMS_2 -p [$CM_IP]:22 -p [$brlan_IP]:22 -P $PID_FILE -B

    CM_IP : erouter0 ip
    brlan_IP:  brlan0 ip



    netstat output:


    Thanks and Regards
    Srinivas