This howto is a (soon to be) detailed tutorial about securing your dropbear ssh daemon for public access uses.
Problems facing with a public sshd:
No normal group for users and no normal user
No facility to ban IPs with many failed login attempts
File system permissions are very lax on default OpenWrt
Preventing normal users from exploiting busybox to gain access to root only commands.
(Problem linux has no permissions for symlinks.)
Ideas to be tested for security:
⇒ goal: prevent users from accessing certain commands