Created attachment 3653 [details] ssh-copy-id with commented out dropbear bug. The script assumes that systems running dropbear SSH server must save the authorized key in /etc/dropbear/authorized_keys [1]. But this is not the default for dropbear, so I think it's fair to consider it a bug and fix it. By default dropbear saves user ssh keys in the usual ~/.ssh/authorized_keys and therefore needs no special handling in ssh-copy-id. The bug affects all Buildroot systems, and anything else with an unmodified dropbear. I commented out the dropbear) block in my ssh-copy-id and now it works as expected, i.e. I can ssh-copy-id to a remote running dropbear, the keys are added to the remote ~/.ssh/authorized_keys, and I can ssh to remote without password prompt afterwards. It's possible this dropbear switch bug was added by someone who uses system, that runs a modified version of dropbear, perhaps router of some sort. 1: https://github.com/openssh/openssh-portable/blob/master/contrib/ssh-copy-id#L338 -- Your, Stephan
Showing affected version of OpenSSH $ pacman -Qo /usr/bin/ssh-copy-id /usr/bin/ssh-copy-id is owned by openssh 9.1p1-3
$ ssh -V OpenSSH_9.1p1, OpenSSL 3.0.7 1 Nov 2022 $ ssh -V OpenSSH_9.1p1, OpenSSL 3.0.7 1 Nov 2022
Oh, I just realized this: https://github.com/openssh/openssh-portable/pull/250