Some facts:
The dropbear that comes with KOReader is quite old: Dropbear server v2018.76 with custom patches applied.
- The default port is 2222 not 22 because not all users have root access to their device so they are unable to open any ports under 1000 IIRC.
- Hack option "-n" to disable password checking, probably a similar reason, users might not have a password.
- Keys are made to work with a relative path, for DSA,RSA,ECDSA, but NOT ed25519 because its not implemented.
- dss settings/SSH/dropbear_dss_host_key
- rsa settings/SSH/dropbear_rsa_host_key
- ecdsa settings/SSH/dropbear_ecdsa_host_key
- SSH should be 700 and authorized_keys should be 600 on regular Linux, I don't know if any patches are applied to tackle these prerequisites.
- KEYS should be 600.
If someone can point me to the applied patches, I might be able to compile the latest version v2022.83 with some additional security patches.