WelcomeWelcome | FAQFAQ | DownloadsDownloads | WikiWiki

Author Topic: SSH server  (Read 15837 times)

Offline str4ng3r

  • Newbie
  • *
  • Posts: 48
SSH server
« on: January 29, 2013, 05:06:33 PM »
Hi.

Is there any SSH server for piCore in the repo?

Thanks.

Offline sbp

  • Sr. Member
  • ****
  • Posts: 429
    • piCorePlayer homepage
Re: SSH server
« Reply #1 on: January 29, 2013, 05:24:41 PM »
Hi

I use the Dropbear.tcz on my piCore - it is working fine.

Offline str4ng3r

  • Newbie
  • *
  • Posts: 48
Re: SSH server
« Reply #2 on: January 29, 2013, 05:36:13 PM »
Hi

I use the Dropbear.tcz on my piCore - it is working fine.

Should i get openssl also? Or is there some "magic" i need to do before login?
I'm asking because just downloaded it, rebooted Pi and tried access it from putty with no luck.

Offline sbp

  • Sr. Member
  • ****
  • Posts: 429
    • piCorePlayer homepage
Re: SSH server
« Reply #3 on: January 29, 2013, 06:45:54 PM »
no, you don't need more. You just need to follow these instructions:

install Dropbear.
make a password for tc like this:
passwd 


Then I added these three lines to opt/.filetool.lst
etc/passwd
etc/shadow
etc/dropbear

next I used backup:
filetool.sh -b

Then reboot.

Now I start dropbear by:
sudo /usr/local/etc/init.d/dropbear start     

and everything is fine I can connect via Putty by user: tc and password: (the one I supplied).

For Dropbear to start automatically add:
usr/local/etc/init.d/dropbear start to /opt/bootlocal.sh

And then do a backup to make it persistent
filetool.sh -b
 

Offline bmarkus

  • Administrator
  • Hero Member
  • *****
  • Posts: 7183
    • My Community Forum
Re: SSH server
« Reply #4 on: January 29, 2013, 07:06:35 PM »
Hi

instructions are good, few notes however:

No need to backup

/etc/shadow

No such directory as /etc/dropbear no need to add to backup.

Add

/usr/local/etc/dropbear/dropbear_dss_hostkey
/usr/local/etc/dropbear/dropbear_rsa_hostkey

to backup to save generated keys over reboot.

I find more convenient to have a new user defined, 'ru' with password and part of sudoers. In this case you can keep tc without password. With new user(s) add

/etc/sudoers
/etc/group

to backup.
Béla
Ham Radio callsign: HA5DI

"Amateur Radio: The First Technology-Based Social Network."

Offline Rich

  • Administrator
  • Hero Member
  • *****
  • Posts: 11594
Re: SSH server
« Reply #5 on: January 29, 2013, 10:37:55 PM »
Hi bmarkus
I was under the impression (maybe incorrectly) that the Pi extensions would follow the same file layout as the
X86 versions. The X86 version of dropbear does have a  /etc/dropbear/  entry.

Offline sbp

  • Sr. Member
  • ****
  • Posts: 429
    • piCorePlayer homepage
Re: SSH server
« Reply #6 on: January 29, 2013, 10:48:26 PM »
Thanks

I'm learning all the time.

Steen

Offline althalus

  • Sr. Member
  • ****
  • Posts: 351
Re: SSH server
« Reply #7 on: January 29, 2013, 11:58:23 PM »
Hi

instructions are good, few notes however:

No need to backup

/etc/shadow
Are you sure? Password changes are stored in /etc/shadow, are they not? (Possibly displaying my ignorance of core on Pi, or passwords in core, but this has been my experience with almost every other distro...)

Offline bmarkus

  • Administrator
  • Hero Member
  • *****
  • Posts: 7183
    • My Community Forum
Re: SSH server
« Reply #8 on: January 30, 2013, 01:55:27 AM »
Hi

instructions are good, few notes however:

No need to backup

/etc/shadow
Are you sure? Password changes are stored in /etc/shadow, are they not? (Possibly displaying my ignorance of core on Pi, or passwords in core, but this has been my experience with almost every other distro...)

In fact, nothing wrong saving shadow but in fact not needed to have proper operation of SSH.
Béla
Ham Radio callsign: HA5DI

"Amateur Radio: The First Technology-Based Social Network."

Offline bmarkus

  • Administrator
  • Hero Member
  • *****
  • Posts: 7183
    • My Community Forum
Re: SSH server
« Reply #9 on: January 30, 2013, 01:57:26 AM »
Hi bmarkus
I was under the impression (maybe incorrectly) that the Pi extensions would follow the same file layout as the
X86 versions. The X86 version of dropbear does have a  /etc/dropbear/  entry.

piCore is following as much as possible x86 version but at the same time follows generic Core rules. dropbear is an extension, therefore it is using /usr/local/etc and not /etc used by system itself.
« Last Edit: January 30, 2013, 02:51:10 AM by bmarkus »
Béla
Ham Radio callsign: HA5DI

"Amateur Radio: The First Technology-Based Social Network."

Offline tinypoodle

  • Hero Member
  • *****
  • Posts: 3857
Re: SSH server
« Reply #10 on: January 30, 2013, 02:13:47 AM »
Makes all sense to me, given the fact that dropbear was for a long time an integral part of x86 base and eventually got outfactured to an extension before any ports to other arches were in sight.
"Software gets slower faster than hardware gets faster." Niklaus Wirth - A Plea for Lean Software (1995)

Offline coreplayer2

  • Hero Member
  • *****
  • Posts: 3020
Re: SSH server
« Reply #11 on: January 30, 2013, 03:04:57 AM »
Have never used dropbear before so I thought I'd check it out,  but am quite confused over where the hostkeys install too.

After reading the above notes even though this is an x86 version I was expecting to find the files to backup here

/usr/local/etc/dropbear/dropbear_dss_hostkey
/usr/local/etc/dropbear/dropbear_rsa_hostkey

instead I found them installed to

/etc/dropbear/dropbear_dss_hostkey
/etc/dropbear/dropbear_rsa_hostkey

presumably we backup theses, right??


Offline bmarkus

  • Administrator
  • Hero Member
  • *****
  • Posts: 7183
    • My Community Forum
Re: SSH server
« Reply #12 on: January 30, 2013, 03:25:11 AM »
As explained above, x86 is using /etc while piCore /usr/local/etc
Béla
Ham Radio callsign: HA5DI

"Amateur Radio: The First Technology-Based Social Network."

Offline curaga

  • Administrator
  • Hero Member
  • *****
  • Posts: 11044
Re: SSH server
« Reply #13 on: January 30, 2013, 04:10:48 AM »
What do you mean with /etc/shadow is not needed? Surely picore does not use DES passwords?
The only barriers that can stop you are the ones you create yourself.

Offline bmarkus

  • Administrator
  • Hero Member
  • *****
  • Posts: 7183
    • My Community Forum
Re: SSH server
« Reply #14 on: January 30, 2013, 04:34:03 AM »
What do you mean with /etc/shadow is not needed? Surely picore does not use DES passwords?

Hm... Interesting...

I'm using an SSH setup created several month ago with a user 'mb'. It's encrypted password is in /etc/passwd and user is not in /etc/shadow

Created a new user now, its encrypted password stored in /etc/shadow

So reviewing my previous notes, please backup /etc/shadow .
Béla
Ham Radio callsign: HA5DI

"Amateur Radio: The First Technology-Based Social Network."