Topic: ssh key auth
I need the chumby to allow ssh logins to a user i created by private/public keypair. i tried /home/user/.ssh/authorized_keys which is where /usr/local/etc/sshd_config says the keys should go any ideas?
Pages 1
You are not logged in. Please login or register.
Welcome
ssh key auth
chumbysphere forum → Software → ssh key auth
Posts: 4
- 9072997
- Chum
- Offline
- Materdaddy
- Moderator
- Offline
Re: ssh key auth
I was able to get public key authentication working by setting the permissions correctly on the home directory, .ssh directory, and authorized keys file. I didn't make a new user, but for root, that entailed the following:
chown -R root: /psp/.ssh
chmod 700 /psp /psp/.ssh
chmod 600 /psp/.ssh/authorized_keysYou might try something similar to get it working for your user:
chown -R new_user: ~
chmod 700 ~ ~/.ssh
chmod 600 ~/.ssh/authorized_keysLinux Guy - Occasional Chumby Hacker
3 2011-08-19 14:56:11 (edited by 9072997 2011-08-19 17:17:33)
- 9072997
- Chum
- Offline
Re: ssh key auth
i made a key pair with ssh-keygen. i copied the .pub file into /storage/user/.ssh/authorized_keys (the home directory). i also tried /psp/.ssh/authorized_keys . i changed the permisions as recomended, but i keep getting "server refused our key" any ideas
<UPDATE>I discovered the ssh-copy-id command and it worked! thanks. i imagine i somehow messed up permissions.</UPDATE>
4 2011-08-19 22:58:29 (edited by ryoohki 2011-08-20 03:46:25)
- ryoohki
- Member
- Offline
Re: ssh key auth
Here's a script I wrote to fix the ssh key issues on my Insignia Infocast 8":
chumby-12-34-56:/tmp # echo ; echo -n " control panel version: " ; cat /tmp/controlpanelversion ; echo -n
" software version: " ; chumby_version -s ; echo -n " firmware build number: " ; chumby_version -f ;
echo -n " hardware version number: " ; chumby_version -h ; echo
control panel version: 5.0.30
software version: 1.8.2
firmware build number: 1.8.3883
hardware version number: 9.7
http://dl.dropbox.com/u/5109011/fix_chumby_ssh_keys.sh
I've heard it works on the Chumby8.
My script is meant for a Linux host you are using to ssh into your chumby. From that host, you can copy /root/id_dsa to your windows machine and use PuTTYgen to create a "chumy.ppk" from this DSA private key for use with PuTTy and WinSCP. The script does not run on the chumby or the windows host. The script may also work on a Apple OSX machine.
Also, you still need to set the root password. I have not tried this on my chumby but it ought to work.
mount -o remount,rw /
sed -i -e 's/^root::/^root:*:"/g' /etc/passwd
passwd root
mount -o remount,ro /
See if it worked when finished:
chumby-12-34-56:~ # egrep ^root /etc/passwd /etc/shadow
/etc/passwd:root:*:0:0:root:/root:/bin/ash
/etc/shadow:root:$1$sOmjdKne$U9Ikmiw92IefsU0CWN/Ju/:15206:0:99999:7:::
Look on the first line for the asterisk in "root:*: ..." and the second line for the encrypted passwd "root:$1$sOmjdKne$U9Ikmiw92IefsU0CWN/Ju/: ...". Then test it from a host without the private key.
Here's an edited transcript of some of my activity between my Chumby and my Fedora 14 desktop.
Posts: 4
chumbysphere forum → Software → ssh key auth
Powered by PunBB, supported by Informer Technologies, Inc.