Dropbear: Difference between revisions
| Line 100: | Line 100: | ||
===How to set public key of OpenSSH in the target=== | ===How to set public key of OpenSSH in the target=== | ||
The public key got it in the host, must be added in the target file ''/home/<user>/.ssh/authorized_keys'', It must have format similar to: | |||
ssh-rsa AAAAB3NzaC1yc2EA ................... SVr8uIPvPCYwSsvq5yU= <user>@<host> | |||
After to do that, restart the Dropbear server using the following command: | |||
/etc/init.d/dropbear restart | |||
===Commands to use ssh without password request=== | ===Commands to use ssh without password request=== | ||
Revision as of 10:02, 19 May 2010
Dropbear is a relatively small SSH server and client. It runs on a variety of POSIX-based platforms. Dropbear is particularly useful for "embedded" type Linux systems
Enabling dropbear
How to enable Dropbear server
1-Open sdk configuration system
$ make config
2- Enable Dropbear server:
-> File System Configuration
-> Select target's file system software
[*] dropbear-0.52 (SSH Server)
3- When you check Dropbear server, you can enable scp and ssh
-*- dropbear-0.52 (SSH Server) [*] Enable dbclient (SSH Client) [*] Enable scp
Starting dropbear server
To start the server you can use the script located in /etc/init.d/ named "dropbear"
/etc/init.d/dropbear start
When you run this command, normally you can see some messages about keys, you can get of this log
Commands to use ssh
From host:
$ dbclient user@host
From target:
$ ssh user@host
Commands to use scp
From target or host:
$ scp <file> user@host:/<location>
Setting keys to get ssh connections without password requests
To enable this option you need to add "-s" option at the start server command, it can be added in the devdir fs or in the target fs directly.
If you want to add this option in the devdir, open the file <DEVDIR>/fs/apps/dropbear.x.y/dropbear and add the option "-s" in the flag DROPBEAR_EXTRA_ARGS of the following way:
DROPBEAR_EXTRA_ARGS=-s
After do that, rebuild and reinstall the application, then start the Dropbear server running the following script:
/etc/init.d/dropbear start
The first time that you run this script, you can see in log some messages about generating public and private keys, you can take the public key to add it in host computer, if Dropbear was started at this point, you can get the public key manually, this process must be explained in the following section.
If you want to add this option in the target fs directly, you need to do the same action in the script /etc/init.d/dropbear. After that, restart the application
/etc/init.d/dropbear restart
How to get public and private keys of Dropbear in the target manually
You can use "dropbearkey" tool to create public and private keys or see public keys.
To create an pair of keys you can run the following command:
$ dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key
The last command saves in /etc/dropbear/dropbear_rsa_host_key the private key, and prints the public key. If you want to get only the public key as you need to save in the authorized keys in the host, you can run the commmand
$ dropbearkey -y -f /etc/dropbear/dropbear_rsa_host_key | grep ssh-rsa
How to set Dropbear public key in host
When you have the public key generated by Dropbear in your target, it must be placed in the correctly host file location to get connectivity without password request.
The public key must added in the file
/home/<user>/.ssh/authorized_keys
The public key generated by Dropbear must have format similar to:
ssh-rsa AAAAB3NzaC1yc.................C1vSjw2Xcm9KU9mXJtKRj root@davinci
After to add the public key in the host, the ssh server must be reinitialized
/etc/init.d/ssh restart
How to get OpenSSH public and private keys in the host computer
When you run the following command, you will get two files in ~/.ssh/, one is called id_rsa, it's the private key (It mustn't be touched) and another that is named id_rsa.pub, in this file you can find the the public key that must be added in the target in the location explained in the next section.
ssh-keygen -b 4096 -t rsa
How to set public key of OpenSSH in the target
The public key got it in the host, must be added in the target file /home/<user>/.ssh/authorized_keys, It must have format similar to:
ssh-rsa AAAAB3NzaC1yc2EA ................... SVr8uIPvPCYwSsvq5yU= <user>@<host>
After to do that, restart the Dropbear server using the following command:
/etc/init.d/dropbear restart
Commands to use ssh without password request
From host:
$ ssh user@host
From target:
$ dbclient user@host -i /etc/dropbear/dropbear_rsa_host_key
Commands to use scp without password request
Form host:
$ scp <file> user@host:/<location>
Form target:
$ scp <file> user@host:/<location> -i /etc/dropbear/dropbear_rsa_host_key