From: Mic M. <mi...@em...> - 2008-08-30 01:27:46
|
Message: 3 Date: Fri, 29 Aug 2008 15:10:39 -0700 From: "Brad Fuller" <bra...@gm...> Subject: Re: [Gumstix-users] logging to a remote machine To: "General mailing list for gumstix users." <gum...@li...> Message-ID: <df4...@ma...> Content-Type: text/plain; charset=UTF-8 On Fri, Aug 29, 2008 at 3:00 AM, Anil Dhyani <ani...@pa...> wrote: >> Hello all, >> >> I am having dropbear version 0.48 on it. I can generate dropbear key. >> >> My question is Can I use the dropbear key to log into a remote >> machine.? If yes then how? please mention exact steps ? >I just ssh'd into a connex fine. And then on the gumstix that I was ssh'd >into, I ssh to another PC fine. >It's as simple as: >root@gumstix-custom-connex:~$ ssh -l <username_on_remote> <IP_address> >example: >root@gumstix-custom-connex:~$ ssh -l brad 192.168.0.8 >-- >Brad Fuller >www.bradfuller.com Hi, It has been several months since I set this up and my notes are not as complete as I thought they were but here is a shot at it: The instructions are straightforward: 1. While logged in as the user on the computer that you will log in from generate an RSA private/public key. In Ubuntu, using OpenSSH this is done by running ssh-keygen -t rsa and accepting the default filename and empty passphrase. This creates both key files... ~/.ssh/id_rsa and ~/.ssh/id_rsa.pub 2. The public file is copied (appended) to the ~/.ssh/authorized_keys file of the user on the computer that will be logged in to. 3. This worked fine logging into the gumstix from Ubuntu Similar instructions for the gumstix: 1. While logged into the gumstix as the user who will be logging in, generate the RSA public/private key by the command: dropbearkey -t rsa -f ~/.ssh/id\_rsa.db This will create the private key in the ~/.ssh/id_rsa.db file. The public key will be displayed on the screen. This needs to be placed in the ~/.ssh/authorized_keys file on the users Ubuntu account. 2. In practice this is done as follows: Because dropbearkey is in /usr/sbin and that is not in a standard user's path you must give the complete path. Also shown is the redirection of the screen output into the authorized_keys file. mic@gumstix-custom-connex:~$ /usr/sbin/dropbearkey -t rsa -f ~/.ssh/id\_rsa.db > ~/authorized_keys Will output 1024 bit rsa secret key to '/home/mic/.ssh/id_rsa.db' Generating key, this may take a while... This results in the authorized_keys file having extra characters in it: Public key portion is: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgwCEO9i52/N3owDn5eDVlpGuvmkTqphKUTs9RYL/ROy6 CwWtrtrqwSU7k6v94UMQvKI4TBx24+DMwnpXbqEFBE0+ogvXu350XLa1c96hUuwagip0ceSVhnZZJU/d Ee1d+f0GKHHpeB9KTYH3NwJrHasCQYaL9Qt81/2k9zHU1uhPvV8b Fingerprint: md5 47:25:3d:47:df:5f:02:56:3d:b4:5e:89:3a:7e:7c:00 mic@gumstix-custom-connex:~$ The authorized_keys file is copied to the target machine, in this case sandbox@<remote_ip_address>:/home/sandbox/.ssh This assumes that you have no authorized_keys file. If you do then you have to append your new public key to that file and edit it as described below. Wise to make a backup first. The file is then edited there to remove the highlighted text and all newlines and to add a space in front of “”Fingerprint”” resulting in saving a single line (again this assumes no existing authorized_keys file; each key entry is a single line). [I think the "highlighted text" referred to is "Public Key portion is: ssh-rsa"] Then can login without password by typing: mic@gumstix-custom-connex:~/.ssh$ ssh -i ~/.ssh/id\_rsa.db sandbox@<remote_ip_address> Should also be able to scp using: mic@gumstix-custom-connex:~/.ssh$ scp -i ~/.ssh/id\_rsa.db filename sandbox@<remote_ip_address>:/home/sandbox Ordinarily, those commands are included in a script; otherwise entering a password might be easier. If the public key is lost, you can regenerate it using: /usr/sbin/dropbearkey -y -f ~/.ssh/id\_rsa.db > ~/authorized_keys Hope that helps out a little. Mic Miller ------------------------------ |