Erik,

Thanks for your suggestion.

Actually my board will reboot and recover to its   original sdcard image each 2-3 days automatically, so any potential security threats might not be problems.

But there is a complex problem. I have to start the auto build script in /etc/init.d/rc.local (or other rc* ?). Since there is no user logging in, the ~ is treated as / rather than /root, and all works are done under /.

Well I still do not worry about that, for my board's quick recovery. But my concern is can this way work: copying .ssh/ from  /root to / or creating a symbolic link to /root/.ssh in/ ?

Do you have any more suggestions?

Ben






在2014年08月01 17时44分,"Erik Petrich"<epetrich@ivorytower.norman.ok.us>写道:



On Fri, 1 Aug 2014, Ben Shi wrote:

> Hi, Erik,
>
> The auto build script has been running on my arm board for consecutive days,
> and I though it is stable enough to go on with next steps.
>
> According to thewiki http://sdcc.sourceforge.net/mediawiki/index.php/Distributed_Compile_Fa
> rm, I should create ssh keys and then send to you. 
>
> However the link to instructions can not be open from my side, so I simply
> do it by typing a command "ssh-keygen -t rsa" on my board, then two files
> are generated, 
> /root/.ssh/id_rsa
> /root/.ssh/id_rsa.pub

You should run the ssh-keygen program as the sdcc-builder user. Then the
files will be generated as
  ~sdcc-builder/.ssh/id_rsa
  ~sdcc-builder/.ssh/id_rsa.pub

Theoretically, you could move the files that you have already generated to
these locations, but if the file permissions (and the .ssh directory) are
not exactly correct, ssh will not trust them and then ignores them. It
would probably be more foolproof to rerun ssh-keygen as sdcc-builder and
it will automatically create the files and directory with the correct
permissions.

> 1. Should I send the id_rsa.pub to you ? (already attached)

Yes.

> 2. where should the private key file be placed so the auto build script can
> find it ?

In the .ssh directory of the user running the build script (should be
sdcc-builder).

> 3. Are there any other steps are needed ? 
> My board is called CubieBoard with a Debian 7.0 Wheezy running on it. Is
> more information needed about my board / OS?
>
> Ben  

For the upload, the script will use first part of the computer's hostname
as the login username, which should be what "hostname -s" says. Is that
"CubieBoard"?

That should be all the steps you need to take. There are a few more on my
end to set up the account on the DCF mediator computer and update the
files that generate the snapshot page.

  Erik