I guess multiple vulnerability scanners have things like that. Basically by testing various types of connections, one can determine some info from the remote part, besides what it claims to be. I haven't seen that directly, but I am sure it exists.
![dropbear vs openssh dropbear vs openssh](https://www.lffl.org/wp-content/uploads/2021/01/dropbear-client-login.png)
If you are external to the server, then see other answers, but there is no guarantee that was is returned from remote server is the truth, it can displays itself as whatever it wants.Īnother option remotely would be to do some "SSH fingerprinting". Matt Johnston Dropbear SSH server 0.47 and earlier, as used in embedded Linux devices and on general-purpose operating systems, allows remote attackers to cause. Or depending on your system and setup, for example you can use systemctl list-units to see exactly what runs currently, and what is the ssh server (then by inspecting systemd unit file you will see what command line it is, and other information) you can find the open files the process has (look in /proc/$PID/fd) which may yield either a link to a configuration file, or a logfile, and ideally the logfile would give enough information to pinpoint what process this is.SSH tunneling, SSH terminal emulation and SFTP client. When I disable all dropbear references in petalinux-config -c rootfs, the petalinux-build still attempts to include it. This concerns the petalinux 2017.2 release for the zcu102 board. Free and open source FTP, FTP/SSL and SFTP GUI client ( beware of adware ). Jat 1:26 AM petalinux 2017.2 - cant use openssh instead of dropbear My last post seemed to disappear so I am re-posting my issue. Despite its name its not limited to SCP, but works with SFTP and FTP/SSL too. running strings on it is really the last course of actions but can yield results (you will most certainly find back also the string that is reported by the server remotely, as other answers show) Specialized applications from connecting to SFTP.
![dropbear vs openssh dropbear vs openssh](https://1.bp.blogspot.com/-MQ6hwsPXxtE/WAKX2LxajUI/AAAAAAAAGUg/YpjUFjzgKaUGuNGQx3YLufssxTtw1QXsQCLcB/s640/ssh-audit.png)
You will then be able to find the full command line of the running server which may be enough to identify it or else you may use to other options: If you are on the server, look at the process attached to the network port where ssh is expected ( 22 or something else).