Skip to content

boards/esp32c3-devkit: add Dropbear SSH server configuration #19062

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
FelipeMdeO wants to merge 2 commits into
base: master
Choose a base branch
from
+141 −0
Open

boards/esp32c3-devkit: add Dropbear SSH server configuration #19062

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
c5a238a
boards/esp32c3-devkit: add Dropbear SSH server support
FelipeMdeO Jun 25, 2026
27a30fa
Documentation/esp32c3-devkit: document Dropbear SSH server setup
FelipeMdeO Jun 13, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
48 changes: 48 additions & 0 deletions Documentation/platforms/risc-v/esp32c3/boards/esp32c3-devkit/index.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -211,6 +211,54 @@ should look like this::
hmac sha256 success
hmac sha256 success

dropbear
--------

This configuration brings up the `Dropbear <https://matt.ucc.asn.au/dropbear/dropbear.html>`__
SSH server so that an NSH session can be reached over the network. It pulls in
Wi-Fi station mode, the DHCP client, the WAPI tooling and ``/dev/urandom`` so the
link is configured automatically at boot, and it persists the SSH host key and
the user database on the SPIFFS partition mounted at ``/data``.

The Wi-Fi credentials shipped in the defconfig are placeholders. Set your own
SSID and passphrase before flashing::

$ make menuconfig
-> Application Configuration
-> Network Utilities
-> Network initialization (NETUTILS_NETINIT [=y])
-> WAPI Configuration


When the board boots it joins the configured network, requests an address over
DHCP and starts the Dropbear daemon. Check the assigned address with::

nsh> ifconfig
wlan0 Link encap:Ethernet HWaddr 84:f7:03:xx:xx:xx at RUNNING mtu 1504
inet addr:192.168.1.xx DRaddr:192.168.1.x Mask:255.255.255.0

The first time the daemon runs it generates an ECDSA host key and stores it at
``/data/dropbear_ecdsa_host_key`` (``CONFIG_NETUTILS_DROPBEAR_HOSTKEY_PATH``), and
the user accounts are read from ``/data/passwd`` (``CONFIG_FSUTILS_PASSWD_PATH``).
Because both files live on the persistent ``/data`` partition, the host key and
the credentials survive reboots, so clients do not see a changing host key.

Add a user from the board before connecting (the password file is created on the
first ``useradd``)::

nsh> useradd admin mypassword

From a host on the same network, open an SSH session and run NSH commands
remotely::

$ ssh admin@192.168.1.xx
admin@192.168.1.xx's password:
nsh>

Each session runs over a pseudo-terminal (``CONFIG_PSEUDOTERM``), and ``Ctrl-C``
is forwarded to the remote NSH (``CONFIG_TTY_SIGINT``). The daemon keeps running
after a session ends, so multiple clients can connect over time.

efuse
-----

Expand Down
93 changes: 93 additions & 0 deletions boards/risc-v/esp32c3/esp32c3-devkit/configs/dropbear/defconfig
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,93 @@
#
# This file is autogenerated: PLEASE DO NOT EDIT IT.
#
# You can use "make menuconfig" to make any modifications to the installed .config file.
# You can then do "make savedefconfig" to generate a new defconfig file that includes your
# modifications.
#
# CONFIG_NDEBUG is not set
# CONFIG_NSH_ARGCAT is not set
# CONFIG_NSH_CMDOPT_HEXDUMP is not set
CONFIG_ALLOW_BSD_COMPONENTS=y
CONFIG_ARCH="risc-v"
CONFIG_ARCH_BOARD="esp32c3-devkit"
CONFIG_ARCH_BOARD_COMMON=y
CONFIG_ARCH_BOARD_ESP32C3_DEVKIT=y
CONFIG_ARCH_CHIP="esp32c3"
CONFIG_ARCH_CHIP_ESP32C3=y
CONFIG_ARCH_INTERRUPTSTACK=2048
CONFIG_ARCH_IRQ_TO_NDX=y
CONFIG_ARCH_MINIMAL_VECTORTABLE_DYNAMIC=y
CONFIG_ARCH_NUSER_INTERRUPTS=17
CONFIG_ARCH_RISCV=y
CONFIG_ARCH_STACKDUMP=y
CONFIG_BOARD_LOOPSPERMSEC=15000
CONFIG_BUILTIN=y
CONFIG_DEV_URANDOM=y
CONFIG_DRIVERS_IEEE80211=y
CONFIG_DRIVERS_WIRELESS=y
CONFIG_ESPRESSIF_SPIFLASH=y
CONFIG_ESPRESSIF_SPIFLASH_SPIFFS=y
CONFIG_ESPRESSIF_WIFI=y
CONFIG_EXAMPLES_RANDOM=y
CONFIG_FSUTILS_PASSWD=y
CONFIG_FSUTILS_PASSWD_PATH="/data/passwd"
CONFIG_FS_PROCFS=y
CONFIG_IDLETHREAD_STACKSIZE=2048
CONFIG_INIT_ENTRYPOINT="nsh_main"
CONFIG_INIT_STACKSIZE=8192
CONFIG_INTELHEX_BINARY=y
CONFIG_IOB_BUFSIZE=128
CONFIG_IOB_NBUFFERS=160
CONFIG_IOB_THROTTLE=24
CONFIG_LIBC_GAISTRERROR=y
CONFIG_LIBC_PERROR_STDOUT=y
CONFIG_LIBC_STRERROR=y
CONFIG_NETDB_DNSCLIENT=y
CONFIG_NETDEV_LATEINIT=y
CONFIG_NETDEV_PHY_IOCTL=y
CONFIG_NETDEV_WIRELESS_IOCTL=y
CONFIG_NETINIT_DHCPC=y
CONFIG_NETINIT_WAPI_PASSPHRASE="mypasswd"
CONFIG_NETINIT_WAPI_SSID="myssid"
CONFIG_NETUTILS_DROPBEAR=y
CONFIG_NETUTILS_DROPBEAR_HOSTKEY_PATH="/data/dropbear_ecdsa_host_key"
CONFIG_NETUTILS_IPERF=y
CONFIG_NET_BROADCAST=y
CONFIG_NET_ETH_PKTSIZE=1514
CONFIG_NET_ICMP_SOCKET=y
CONFIG_NET_TCP=y
CONFIG_NET_TCP_DELAYED_ACK=y
CONFIG_NET_TCP_WRITE_BUFFERS=y
CONFIG_NET_UDP=y
CONFIG_NFILE_DESCRIPTORS_PER_BLOCK=6
CONFIG_NSH_BUILTIN_APPS=y
CONFIG_NSH_DROPBEAR=y
CONFIG_NSH_FILEIOSIZE=512
CONFIG_NSH_READLINE=y
CONFIG_NSH_STRERROR=y
CONFIG_PREALLOC_TIMERS=0
CONFIG_PSEUDOTERM=y
CONFIG_PSEUDOTERM_RXBUFSIZE=1024
CONFIG_PSEUDOTERM_TXBUFSIZE=2048
CONFIG_PTHREAD_MUTEX_TYPES=y
CONFIG_RR_INTERVAL=200
CONFIG_SCHED_BACKTRACE=y
CONFIG_SCHED_LPWORK=y
CONFIG_SCHED_WAITPID=y
CONFIG_SIG_DEFAULT=y
CONFIG_START_DAY=29
CONFIG_START_MONTH=11
CONFIG_START_YEAR=2019
CONFIG_SYSTEM_DHCPC_RENEW=y
CONFIG_SYSTEM_DUMPSTACK=y
CONFIG_SYSTEM_NSH=y
CONFIG_SYSTEM_PING=y
CONFIG_TESTING_GETPRIME=y
CONFIG_TESTING_OSTEST=y
CONFIG_TLS_TASK_NELEM=4
CONFIG_TTY_SIGINT=y
CONFIG_UART0_SERIAL_CONSOLE=y
CONFIG_WIRELESS=y
CONFIG_WIRELESS_WAPI=y
CONFIG_WIRELESS_WAPI_CMDTOOL=y
Loading