Differences

inbox:howto:dropbear.public-key.auth [2013/01/30 16:20] slickkitten Added Dropbear homepage to links.		inbox:howto:dropbear.public-key.auth [2013/01/30 16:40] (current) slickkitten Simplified commands.
Line 56:		Line 56:
	C:\> putty.exe @OpenWrt-Session		C:\> putty.exe @OpenWrt-Session
	</code>		</code>
-
-	==== Using SSH Secure Shell Client on Windows ====
-	The Only difference in OpenSSH/PuTTY and this client is, the key pair generated has a <code>--Begin</code>
-	and ''--End'', and your ''Comment'' with date is also added in a new line. So first generate the key by opening SSH Client from menu options select Edit→Settings→Global Settings→User Authentication→Keys
-
-	* Generate New will create ''id_dsa'' and ''id_dsa.pub''
-	* Upload (will not work if sftp is not enabled on WRT) simply creates a new authorized_keys2 (in most cases there is none) with the ''---Begin Key, Comment'', ''public_key'' and ''---End Key'' lines
-	* Delete everything else other than the public_key line ''make sure its one line'' and prepend, 'ssh-rsa' or 'ssh-dss' (without quotes based on your key type) then save & exit. NOTE that it's 'ssh-dss' for a file name id_dsa, it's easy making it 'ssh-dsa' and really hard to find the typo!
-	* <code>cat tmp/.ssh/authorized_keys2 >> /etc/dropbear/authorized_keys; rm -rf /tmp/.ssh</code>
-
-
Line 72:		Line 61:
	===== Disable password login =====		===== Disable password login =====
	For more security you can disable Dropbear's password login.		For more security you can disable Dropbear's password login.
-
-	===== Disable password login (Kamikaze Method) =====
-	Follow the same guidelines as above but adjust the settings with UCI
	<code>		<code>
Line 81:		Line 67:
	</code>		</code>
		+	See also [[doc:uci:dropbear|Dropbear configuration]] article.
-		+	===== Troubleshooting =====
-	====== Troubleshooting ======	+
	Make sure the ''/etc/dropbear'' directory is ''chmod''ed 0700 and the ''/etc/dropbear/authorized_keys'' file 0600.		Make sure the ''/etc/dropbear'' directory is ''chmod''ed 0700 and the ''/etc/dropbear/authorized_keys'' file 0600.
	<code>		<code>
-	root@OpenWrt:~# ls -l /etc/|grep dropbear	+	root@OpenWrt:~# ls -dl /etc/dropbear/ /etc/dropbear/authorized_keys
-	drwx------    1 root    root           0 Feb 28 15:26 dropbear	+	drwx------    1 root    root             0 Feb 28 00:00 /etc/dropbear/
		+	-rw-------    1 root    root          626 Feb 28 00:00 /etc/dropbear/authorized_keys
	</code>		</code>
-	<code>	+	If mode is not the same for you, do
-	root@OpenWrt:~# ls -l /etc/dropbear/|grep authorized	+
-	-rw-------    1 root    root          626 Feb 28 15:31 authorized_keys	+
-	</code>	+
-		+
-	If you see anything different than the above you can try these commands.	+
	<code>		<code>
Line 102:		Line 84:
	chmod 0600 /etc/dropbear/authorized_keys		chmod 0600 /etc/dropbear/authorized_keys
	</code>		</code>
-
	If you think everything is OK but it still does not accept your key, check that you didn't say ''ssh-dsa'' when manually converting a multi line SSH2 key file.		If you think everything is OK but it still does not accept your key, check that you didn't say ''ssh-dsa'' when manually converting a multi line SSH2 key file.
-	====== Links ======	+	===== Links =====
-	* Dropbear: https://matt.ucc.asn.au/dropbear/dropbear.html	+	* [[https://matt.ucc.asn.au/dropbear/dropbear.html|Dropbear]]
-	* The free OpenSSH client and server: http://www.openssh.org/	+	* [[http://www.openssh.org/|OpenSSH]]
-	* PuTTY is a free implementation of Telnet and SSH for Win32 (''puttygen.exe'', ''putty.exe'' and ''pscp.exe''): http://www.chiark.greenend.org.uk/~sgtatham/putty/	+	* [[http://www.chiark.greenend.org.uk/~sgtatham/putty/|PuTTY]]
-	* PuTTY with hardware token support: http://www.joebar.ch/puttysc/	+	* [[wp>Key authentication]]
-	* Key authentication: http://en.wikipedia.org/wiki/Key_authentication	+

Back to top

inbox/howto/dropbear.public-key.auth.1359559227.txt.bz2 · Last modified: 2013/01/30 16:20 by slickkitten