Dropbear: Difference between revisions
Line 44: | Line 44: | ||
$ scp <file> user@host:/<location> | $ scp <file> user@host:/<location> | ||
==Setting keys to get ssh | ==Setting keys to get ssh connectivity without password requests== | ||
To enable this | To enable this mode, you need to add "-s" option at the start server command, it can be added in the devdir fs script or in the target fs directly. | ||
If you want to add this option in the devdir, open the file <DEVDIR>/fs/apps/dropbear.x.y/dropbear and add the option "-s" in the flag DROPBEAR_EXTRA_ARGS | If you want to add this option in the devdir, open the file <DEVDIR>/fs/apps/dropbear.x.y/dropbear and add the option "-s" in the flag DROPBEAR_EXTRA_ARGS | ||
DROPBEAR_EXTRA_ARGS=-s | DROPBEAR_EXTRA_ARGS=-s | ||
Line 58: | Line 58: | ||
/etc/init.d/dropbear start | /etc/init.d/dropbear start | ||
The first time that you run this script, you can see in log | The first time that you run this script, you can see in the log, messages about generation of public and private keys, you can take the public key to add it in host computer, if Dropbear was started at this point, you can get the public key manually, this process must be explained in the following section. | ||
If you want to add this option in the target fs directly, you need to do the same action in the script /etc/init.d/dropbear. After that, restart the application | If you want to add this option in the target fs directly, you need to do the same action in the script /etc/init.d/dropbear. After that, restart the application | ||
Line 66: | Line 66: | ||
===How to get Dropbear public and private keys in target manually=== | ===How to get Dropbear public and private keys in target manually=== | ||
You can use "dropbearkey" tool to create public and private keys or see public | You can use "dropbearkey" tool to create public and private keys or see public key. | ||
To create an pair of keys | To create an pair of keys, run the following command: | ||
$ dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key | $ dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key | ||
The last command saves in ''/etc/dropbear/dropbear_rsa_host_key'' the private key, and prints the public key. If you want to get only the public key | The last command saves in ''/etc/dropbear/dropbear_rsa_host_key'' the private key, and prints the public key. If you want to get only the public key in the required format to authorized_keys, run the commmand: | ||
$ dropbearkey -y -f /etc/dropbear/dropbear_rsa_host_key | grep ssh-rsa | $ dropbearkey -y -f /etc/dropbear/dropbear_rsa_host_key | grep ssh-rsa | ||
Line 78: | Line 78: | ||
===How to set Dropbear public key in host=== | ===How to set Dropbear public key in host=== | ||
When you have the public key generated by Dropbear in your target, it must be | When you have the public key generated by Dropbear in your target, it must be added in the correctly host file location. | ||
The public key must added in the file | The public key must added in the file | ||
Line 84: | Line 84: | ||
/home/<user>/.ssh/authorized_keys | /home/<user>/.ssh/authorized_keys | ||
The public key generated by Dropbear must have format | The public key generated by Dropbear must have similar format to: | ||
ssh-rsa AAAAB3NzaC1yc.................C1vSjw2Xcm9KU9mXJtKRj <user>@<host> | ssh-rsa AAAAB3NzaC1yc.................C1vSjw2Xcm9KU9mXJtKRj <user>@<host> | ||
After to add the public key in the host, the ssh server | After to add the public key in the host, reinitialize the ssh server: | ||
/etc/init.d/ssh restart | /etc/init.d/ssh restart | ||
Line 94: | Line 94: | ||
===How to get OpenSSH public and private keys in host computer=== | ===How to get OpenSSH public and private keys in host computer=== | ||
Running the following command, you will get two files in ''~/.ssh/'', one is named id_rsa, it's the private key (It mustn't be touched) and another that is named id_rsa.pub, this file contain the public key, this contend must be added in target location explained in the next section. | |||
ssh-keygen -b 4096 -t rsa | ssh-keygen -b 4096 -t rsa | ||
Line 100: | Line 100: | ||
===How to set OpenSSH public key in target=== | ===How to set OpenSSH public key in target=== | ||
The public key | The public key generated in host, must be added in the target file ''/home/<user>/.ssh/authorized_keys'', It must have format similar to: | ||
ssh-rsa AAAAB3NzaC1yc2EA ................... SVr8uIPvPCYwSsvq5yU= <user>@<host> | ssh-rsa AAAAB3NzaC1yc2EA ................... SVr8uIPvPCYwSsvq5yU= <user>@<host> |
Revision as of 10:33, 19 May 2010
Dropbear is a relatively small SSH server and client. It runs on a variety of POSIX-based platforms. Dropbear is particularly useful for "embedded" type Linux systems
Enabling dropbear
How to enable Dropbear server
1-Open sdk configuration system
$ make config
2- Enable Dropbear server:
-> File System Configuration -> Select target's file system software [*] dropbear-0.52 (SSH Server)
3- When you check Dropbear server, you can enable scp and ssh
-*- dropbear-0.52 (SSH Server) [*] Enable dbclient (SSH Client) [*] Enable scp
Starting dropbear server
To start server, run the following script:
/etc/init.d/dropbear start
When you run this script, normally the public key is printed in the log.
Commands to use ssh
From host:
$ dbclient user@host
From target:
$ ssh user@host
Commands to use scp
From target or host:
$ scp <file> user@host:/<location>
Setting keys to get ssh connectivity without password requests
To enable this mode, you need to add "-s" option at the start server command, it can be added in the devdir fs script or in the target fs directly.
If you want to add this option in the devdir, open the file <DEVDIR>/fs/apps/dropbear.x.y/dropbear and add the option "-s" in the flag DROPBEAR_EXTRA_ARGS
DROPBEAR_EXTRA_ARGS=-s
After do that, rebuild and reinstall the application, then start the Dropbear server running the following script:
/etc/init.d/dropbear start
The first time that you run this script, you can see in the log, messages about generation of public and private keys, you can take the public key to add it in host computer, if Dropbear was started at this point, you can get the public key manually, this process must be explained in the following section.
If you want to add this option in the target fs directly, you need to do the same action in the script /etc/init.d/dropbear. After that, restart the application
/etc/init.d/dropbear restart
How to get Dropbear public and private keys in target manually
You can use "dropbearkey" tool to create public and private keys or see public key.
To create an pair of keys, run the following command:
$ dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key
The last command saves in /etc/dropbear/dropbear_rsa_host_key the private key, and prints the public key. If you want to get only the public key in the required format to authorized_keys, run the commmand:
$ dropbearkey -y -f /etc/dropbear/dropbear_rsa_host_key | grep ssh-rsa
How to set Dropbear public key in host
When you have the public key generated by Dropbear in your target, it must be added in the correctly host file location.
The public key must added in the file
/home/<user>/.ssh/authorized_keys
The public key generated by Dropbear must have similar format to:
ssh-rsa AAAAB3NzaC1yc.................C1vSjw2Xcm9KU9mXJtKRj <user>@<host>
After to add the public key in the host, reinitialize the ssh server:
/etc/init.d/ssh restart
How to get OpenSSH public and private keys in host computer
Running the following command, you will get two files in ~/.ssh/, one is named id_rsa, it's the private key (It mustn't be touched) and another that is named id_rsa.pub, this file contain the public key, this contend must be added in target location explained in the next section.
ssh-keygen -b 4096 -t rsa
How to set OpenSSH public key in target
The public key generated in host, must be added in the target file /home/<user>/.ssh/authorized_keys, It must have format similar to:
ssh-rsa AAAAB3NzaC1yc2EA ................... SVr8uIPvPCYwSsvq5yU= <user>@<host>
After to do that, restart the Dropbear server using the following command:
/etc/init.d/dropbear restart
Commands to use ssh without password request
From host:
$ ssh user@host
From target:
$ dbclient user@host -i /etc/dropbear/dropbear_rsa_host_key
Commands to use scp without password request
Form host:
$ scp <file> user@host:/<location>
Form target:
$ scp <file> user@host:/<location> -i /etc/dropbear/dropbear_rsa_host_key