MobileRead Forums - View Single Post - Aura HD Dropbear SSH preinstalled: new way to access?

frafra · 06-13-2014, 07:08 PM

Hi,
I've seen (using nmap) that on my new Kobo Aura HD there's Dropbear SSH running on 2222 by default, without doing any kind of hack.

Why is it running? It is something related with the Windows/MacOS client? Is there any key allowed? Could it be a security issue?

This could also be another way to get a remote console: just a simple fake Kobo upgrade tgz containing a public key appended to /.ssh/allowed_keys (or maybe /root/.ssh/...). What do you think about it?

Update: no sign of Dropbear preinstalled; it was just an error caused from Kobo way to manage your default wifi network connection

06-13-2014, 07:08 PM	#1
frafra Member Posts: 22 Karma: 10 Join Date: Jun 2014 Device: Onyx BOOX M92 (broken), Kobo Aura HD (stolen), Kobo Aura H2O 2nd ed.	Dropbear SSH preinstalled: new way to access? (false alarm) Hi, I've seen (using nmap) that on my new Kobo Aura HD there's Dropbear SSH running on 2222 by default, without doing any kind of hack. Why is it running? It is something related with the Windows/MacOS client? Is there any key allowed? Could it be a security issue? This could also be another way to get a remote console: just a simple fake Kobo upgrade tgz containing a public key appended to /.ssh/allowed_keys (or maybe /root/.ssh/...). What do you think about it? Update: no sign of Dropbear preinstalled; it was just an error caused from Kobo way to manage your default wifi network connection Last edited by frafra; 06-14-2014 at 12:04 PM.