Post Reply 
 
Thread Rating:
  • 0 Votes - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Dropbear SSH authorized_keys
03-10-2010, 06:58 AM
Post: #11
RE: Dropbear SSH authorized_keys
(01-18-2010 07:43 PM)bartman Wrote:  You have to re-compile the dropbear executable. It gets MUCH bigger. I tried to post this version onto the forum but it was never made public by the board admin. Until Data Robotics adds this part of the ssh definition, there really isnt any reason to try to get pubkey auth working. Save your time, dont even bother trying.

So did you get it working by recompiling the dropbear?
Find all posts by this user
Quote this message in a reply
03-10-2010, 10:46 AM
Post: #12
RE: Dropbear SSH authorized_keys
(03-10-2010 06:58 AM)exsor Wrote:  So did you get it working by recompiling the dropbear?

Yep, it works great. Try pestering the board ops to see if they will post my version. Or better yet, include a standards compliant SSH in the DroboShare to begin with!!
Find all posts by this user
Quote this message in a reply
07-01-2010, 12:02 PM
Post: #13
RE: Dropbear SSH authorized_keys
not sure if this helps but for drobofs, i replaced the dropbear.key under /mnt/DroboFS/Shares/DroboApps/dropbear using RSA
Find all posts by this user
Quote this message in a reply
07-23-2010, 09:45 AM
Post: #14
RE: Dropbear SSH authorized_keys
(01-18-2010 07:17 PM)plaine300 Wrote:  No luck. I picked this back up over the weekend and still no luck. If anyone manages to get it working, please post.


Make certain that .ssh and authorized keys have the right permissions.

chmod 700 .ssh
chmod 600 .ssh/authorized_keys


With that in place, this works for me.
Find all posts by this user
Quote this message in a reply
07-23-2010, 09:48 AM
Post: #15
RE: Dropbear SSH authorized_keys
what error are you getting and where?
Find all posts by this user
Quote this message in a reply
08-03-2010, 12:03 AM
Post: #16
Smile Working - RE: Dropbear SSH authorized_keys
ok, got it working tonight on my new DroboFS in about 5 minutes, it's a standard ssh setup, nothing special, no rebuilds needed (at least not with 1.0.5 firmware). Here's how with lots of details for those not familiar with ssh or embedded linux platforms:

1. ssh in with password and create the .ssh directory. This will end up being /mnt/DroboFS/.ssh in my case (on a DroboFS, DroboShare users might need a different mount point... check what root's home dir is set to in /etc/passwd, it's the next to last colon separated field in the output of "grep root /etc/passwd") It's important to note that it's NOT /root/.ssh as many would think, as the system doesn't use /root as root's home.

2. set the appropriate permissions on that dir: chmod go-rx .ssh

3. copy your authorized_keys file to a share, I used Public. Note: if you're using a modern linux distro or a mac, likely you have an authorized_keys2 file... note that dropbear doesn't know that file, rename it without the 2!

4. move said file into the dir you just created

5. set the appropriate permissions on that file: chmod go-rw .ssh/authorized_keys

So in summary, the sequence of commands in the ssh session look like:

Code:
mkdir .ssh
chmod go-rx .ssh
mv Shares/Public/authorized_keys2 .ssh/authorized_keys
chmod go-rw .ssh/authorized_keys
Visit this user's website Find all posts by this user
Quote this message in a reply
08-03-2010, 01:00 PM
Post: #17
Thumbs Up Dropbear authorized_keys on outgoing SSH working to!!
Got the same solution today Smile with a lot of trail and error and now reading your post makes me Sad. But that means: it works Smile!

If you first install the client (Description here) you don't need to create this folder. It's created by the client to store the "known_hosts"-file. One can just add the "authorized_keys" file with the command:
Code:
# vi authorized_keys

If you add an .ssh/id_rsa.pub which you can generate with the dropbearconvert or dropbearkey (included in the ssh client):
Code:
# dropbearkey -t rsa -f .ssh/id_rsa.pub

... you can connect from the Drobo FS to another Server using public key SSH. That's nice for rsync.

The command is:
Code:
# dbclient -i .ssh/id_rsa.pub user@server
(if your located in the home dir!)
Find all posts by this user
Quote this message in a reply
08-03-2010, 07:59 PM
Post: #18
RE: Dropbear SSH authorized_keys
Yes. This works for me too. Thanks guys. This was a big help.
Find all posts by this user
Quote this message in a reply
09-28-2010, 10:15 PM (This post was last modified: 09-28-2010 10:21 PM by diamondsw.)
Post: #19
RE: Dropbear SSH authorized_keys
Every time I set up public key SSH I mess up something, as right now it's not working. I created the authorized_keys file on my MacBook Pro, copied it over, and created the proper .ssh directory, moved in the keys file, and set the permissions. Restarted dropbear. Still no go. Here's a redacted transcript of a login session:


Code:
jochs@lightning ~ $ ssh root@drobo
root@drobo's password: < entered password manually :( >
# ls -al .ssh/
drwx------    2 root     root         4096 Sep 28 21:12 .
drwxr-xr-x    6 root     root         4096 Sep 28 21:12 ..
-rw-------    1 root     root          397 Sep 28 21:12 authorized_keys
# cat .ssh/authorized_keys
ssh-rsa REDACTED jochs@lightning
#

Drobo 5N | 32GB Crucial m4 SSD | 2 x 4TB Seagate, 3 x 2TB WD Caviar Green | FS/EXT3 diskpack
Peak performance >100MBps read/write (based on FS disk pack, no jumbo frames, no SSD)
DroboPorts: OpenSSH, unfsd, nano, screen, stgt (iSCSI), CrashPlan/Oracle JVM
Find all posts by this user
Quote this message in a reply
09-29-2010, 12:09 AM
Post: #20
RE: Dropbear SSH authorized_keys
looks like a problem i had. i copy&pasted my rsa-id into the authorized_keys on the drobo and it put newlines in it. the key has to be in one line only!
perhaps you like to rebuild authorized_keys with vi directly on the drobo. I don't like this moving files around thing very much. Just run
Code:
rm ~/.ssh/authorized_keys && vi ~/.ssh/authorized_keys
on the drobo and paste the response of
Code:
cat ~/.ssh/id_rsa.pub
on your MacBook into the drobo terminal window. no permission changing required!

(if you don't know vi: hit "i" before pasting and "ESC" after. to quit and save write: ":wq")
Find all posts by this user
Quote this message in a reply
Post Reply 


Forum Jump: