dropbear-bin - lightweight SSH2 server and client - command line tools

Property Value
Distribution Ubuntu 18.04 LTS (Bionic Beaver)
Repository Ubuntu Universe amd64
Package name dropbear-bin
Package version 2017.75
Package release 3build1
Package architecture amd64
Package type deb
Installed size 451 B
Download size 108.92 KB
Official Mirror archive.ubuntu.com
dropbear is a SSH 2 server and client designed to be small enough to
be used in small memory environments, while still being functional and
secure enough for general use.
It implements most required features of the SSH 2 protocol, and other
features such as X11 and authentication agent forwarding.
This package provides dropbear, dbclient, dropbearkey and dropbearconvert.


Package Version Architecture Repository
dropbear-bin_2017.75-3build1_i386.deb 2017.75 i386 Ubuntu Universe
dropbear-bin - - -


Name Value
libc6 >= 2.25
libtomcrypt1 -
libtommath1 -
zlib1g >= 1:1.1.4


Name Value
ssh-server -


Name Value
dropbear << 2015.68-1


Type URL
Binary Package dropbear-bin_2017.75-3build1_amd64.deb
Source Package dropbear

Install Howto

  1. Update the package index:
    # sudo apt-get update
  2. Install dropbear-bin deb package:
    # sudo apt-get install dropbear-bin




2017-11-21 - Colin Watson <cjwatson@ubuntu.com>
dropbear (2017.75-3build1) bionic; urgency=medium
* Rebuild against libtomcrypt1.
2017-10-22 - Guilhem Moulin <guilhem@debian.org>
dropbear (2017.75-3) unstable; urgency=low
* debian/control:
+ Remove hardcoding of libtomcryptX/libtommathY in dropbear-bin's Depends.
(Closes: #879221.)
+ Bump Standards-Version to 4.1.1.  Changes:
- Replace dropbear's Priority from extra to optional (inherited from
source package paragraph).
2017-08-08 - Guilhem Moulin <guilhem@debian.org>
dropbear (2017.75-2) unstable; urgency=low
* dropbear-initramfs:
+ init-bottom script: in the init-bottom script, send a SIGTERM to all
process groups the leader of which is a child of the dropbear process,
to ensure that all children of all SSH sessions are terminated (before
dropear itself is killed).
+ postinst: don't print the reminder to check "ip=" boot parameter if it's
already found in /proc/cmdline.
+ premount script: log to standard error if the 'debug' environment
variable is set.
+ premount script: boot method (local or NFS) is in environment variable
'BOOT' not 'boot'.
+ On local mounts, don't bring down the network before dropbear was
terminated (at init-bottom stage, not at local-bottom stage).  Bringing
down the network while an SSH session is still active makes clients hang
until the connection times out.
+ init-bottom script: log which network interfaces are being brought down.
+ init-bottom script: replace xargs(1) with a while loop as it's
apparently not included in Ubuntu's busybox.  (LP: #1652091)
+ Compile with '--disable-bundled-libtom' to use system libtomcrypt /
libtommath.  (Closes: #870035)
* debian/control: bump Standards-Version to 4.0.0 (no changes necessary).
* debian/{control,dropbear-bin.install,dropbear-bin.manpages}: apply
2017-06-17 - Guilhem Moulin <guilhem@debian.org>
dropbear (2017.75-1) unstable; urgency=medium
* New upstream release.  Remove quilt patches CVE-2017-9078 and
CVE-2017-9079, previously backported from 2017.75 to 2016.74-5.
2017-05-19 - Guilhem Moulin <guilhem@debian.org>
dropbear (2016.74-5) unstable; urgency=high
* Backport security fixes from 2017.75 (closes: #862970):
- CVE-2017-9078: Fix double-free in server TCP listener cleanup
A double-free in the server could be triggered by an authenticated user
if dropbear is running with -a (Allow connections to forwarded ports
from any host) This could potentially allow arbitrary code execution as
root by an authenticated user.
- CVE-2017-9079: Fix information disclosure with ~/.ssh/authorized_keys
Dropbear parsed authorized_keys as root, even if it were a symlink. The
fix is to switch to user permissions when opening authorized_keys
A user could symlink their ~/.ssh/authorized_keys to a root-owned file
they couldn't normally read. If they managed to get that file to contain
valid authorized_keys with command= options it might be possible to read
other contents of that file.
This information disclosure is to an already authenticated user.
2017-05-14 - Guilhem Moulin <guilhem@guilhem.org>
dropbear (2016.74-4) unstable; urgency=medium
* Also trigger maintainer scripts when upgrading from dropbear
2014.65-1+deb8u1, by changing the upper bound from 2014.65-1 to
2015.68-1~.  (Closes: #862544)
2017-04-16 - Guilhem Moulin <guilhem@guilhem.org>
dropbear (2016.74-3) unstable; urgency=high
* debian/copyright: add missing paragraphs to match upstream's LICENSE file.
(Closes: #860406.)

See Also

Package Description
dropbear-initramfs_2017.75-3build1_all.deb lightweight SSH2 server and client - initramfs integration
dropbear-run_2017.75-3build1_all.deb lightweight SSH2 server and client - startup scripts
dropbear_2017.75-3build1_all.deb transitional dummy package for dropbear-{run,initramfs}
drpython_3.11.4-1.1_all.deb simple and customizable editor for the Python language
drraw_2.2b2-4_all.deb simple web based presentation front-end for RRDtool
drslib_0.3.0a3-5build1_all.deb Command-line tools for the Data Reference Syntax library
drumgizmo_0.9.14-3_amd64.deb Audio sampler plugin and stand-alone app that simulates a real drum kit
drumkv1-common_0.8.6-1_amd64.deb old-school drum-kit sampler - common files
drumkv1-lv2_0.8.6-1_amd64.deb old-school drum-kit sampler - lv2-plugin
drumkv1_0.8.6-1_amd64.deb old-school drum-kit sampler - standalone
drumstick-tools_0.5.0-4_amd64.deb Qt4/C++ wrapper for ALSA Sequencer - utilities
dsdp-doc_5.8-9.4_all.deb Software for Semidefinite Programming
dsdp_5.8-9.4_amd64.deb Software for Semidefinite Programming
dsh_0.25.10-1.3_amd64.deb dancer's shell, or distributed shell
dsniff_2.4b1+debian-28.1~build1_amd64.deb Various tools to sniff network traffic for cleartext insecurities