The Arduino Yún ships with Dropbear version 2011.54-2. There are multiple vulnerabilities with it and is not advised to be used. If your arduino is in a remote location and you want to update to OpenSSH, without losing remote access to the device, follow these steps.
- Change the Dropbear port to an unused/free one on your box and restart Dropbear
uci set dropbear.@dropbear.Port=2222 uci commit dropbear /etc/init.d/dropbear restart
- Reconnect to your Yun via SSH on the configured port above
- Install the openssh-server
opkg update opkg install openssh-server
- Enable and start OpenSSH server. OpenSSH will listen now on port 22
/etc/init.d/sshd enable /etc/init.d/sshd start
- Reconnect to your yun via SSH on port 22
- Now you can disable Dropbear
/etc/init.d/dropbear disable /etc/init.d/dropbear stop
- Install the
openssh-sftp-serverpackage to install support for the SFTP protocol which SSHFS uses
opkg update opkg install openssh-sftp-server
Log into the Yun from the web address. Go to Configure > Advanced Configuration > System > Software and under Installed Packages and remove Dropbear.