0

I have a linux device with a dropbear running on it. I want to use the device as SSH client only, and not allow any SSH connections to it.

In order to do it, I added this line to the config file: DROPBEAR_ARGS='-p 127.0.0.01:22'

This seems to do the job. now i wonder if it is secure enough. Is it a good practice? is there a tricky way for someone to connect to my device anyway?

Yuval
  • 3
  • 1

1 Answers1

0

Stop dropbear in any service managers or init scripts that are starting it. Then you have no sshd listening.

Naturally, you will need some other protocol to manage the device.

John Mahowald
  • 30,009
  • 1
  • 17
  • 32
  • I need the dropbear to serve me as a SSH client, so i need it to run. Is there a security problem with the configuration i did? – Yuval May 30 '19 at 16:19
  • `dropbear` is the server, `dbclient` is the client. You do not need to run an sshd to run the client. Stopping a service you do not use a security best practice. – John Mahowald May 30 '19 at 18:48