Tiny Core Linux
Tiny Core Base => Raspberry Pi => Topic started by: str4ng3r on January 29, 2013, 05:06:33 PM
-
Hi.
Is there any SSH server for piCore in the repo?
Thanks.
-
Hi
I use the Dropbear.tcz on my piCore - it is working fine.
-
Hi
I use the Dropbear.tcz on my piCore - it is working fine.
Should i get openssl also? Or is there some "magic" i need to do before login?
I'm asking because just downloaded it, rebooted Pi and tried access it from putty with no luck.
-
no, you don't need more. You just need to follow these instructions:
install Dropbear.
make a password for tc like this:
passwd
Then I added these three lines to opt/.filetool.lst
etc/passwd
etc/shadow
etc/dropbear
next I used backup:
filetool.sh -b
Then reboot.
Now I start dropbear by:
sudo /usr/local/etc/init.d/dropbear start
and everything is fine I can connect via Putty by user: tc and password: (the one I supplied).
For Dropbear to start automatically add:
usr/local/etc/init.d/dropbear start to /opt/bootlocal.sh
And then do a backup to make it persistent
filetool.sh -b
-
Hi
instructions are good, few notes however:
No need to backup
/etc/shadow
No such directory as /etc/dropbear no need to add to backup.
Add
/usr/local/etc/dropbear/dropbear_dss_hostkey
/usr/local/etc/dropbear/dropbear_rsa_hostkey
to backup to save generated keys over reboot.
I find more convenient to have a new user defined, 'ru' with password and part of sudoers. In this case you can keep tc without password. With new user(s) add
/etc/sudoers
/etc/group
to backup.
-
Hi bmarkus
I was under the impression (maybe incorrectly) that the Pi extensions would follow the same file layout as the
X86 versions. The X86 version of dropbear does have a /etc/dropbear/ entry.
-
Thanks
I'm learning all the time.
Steen
-
Hi
instructions are good, few notes however:
No need to backup
/etc/shadow
Are you sure? Password changes are stored in /etc/shadow, are they not? (Possibly displaying my ignorance of core on Pi, or passwords in core, but this has been my experience with almost every other distro...)
-
Hi
instructions are good, few notes however:
No need to backup
/etc/shadow
Are you sure? Password changes are stored in /etc/shadow, are they not? (Possibly displaying my ignorance of core on Pi, or passwords in core, but this has been my experience with almost every other distro...)
In fact, nothing wrong saving shadow but in fact not needed to have proper operation of SSH.
-
Hi bmarkus
I was under the impression (maybe incorrectly) that the Pi extensions would follow the same file layout as the
X86 versions. The X86 version of dropbear does have a /etc/dropbear/ entry.
piCore is following as much as possible x86 version but at the same time follows generic Core rules. dropbear is an extension, therefore it is using /usr/local/etc and not /etc used by system itself.
-
Makes all sense to me, given the fact that dropbear was for a long time an integral part of x86 base and eventually got outfactured to an extension before any ports to other arches were in sight.
-
Have never used dropbear before so I thought I'd check it out, but am quite confused over where the hostkeys install too.
After reading the above notes even though this is an x86 version I was expecting to find the files to backup here
/usr/local/etc/dropbear/dropbear_dss_hostkey
/usr/local/etc/dropbear/dropbear_rsa_hostkey
instead I found them installed to
/etc/dropbear/dropbear_dss_hostkey
/etc/dropbear/dropbear_rsa_hostkey
presumably we backup theses, right??
-
As explained above, x86 is using /etc while piCore /usr/local/etc
-
What do you mean with /etc/shadow is not needed? Surely picore does not use DES passwords?
-
What do you mean with /etc/shadow is not needed? Surely picore does not use DES passwords?
Hm... Interesting...
I'm using an SSH setup created several month ago with a user 'mb'. It's encrypted password is in /etc/passwd and user is not in /etc/shadow
Created a new user now, its encrypted password stored in /etc/shadow
So reviewing my previous notes, please backup /etc/shadow .
-
Ouch, if your password is in DES, change it immediately. Also pretty bad if some busybox build for Pi defaulted to DES passwords.
-
...
For Dropbear to start automatically add:
usr/local/etc/init.d/dropbear start to /opt/bootlocal.sh
And then do a backup to make it persistent
filetool.sh -b
Hi sbp.
This bit is always generating new keys everytime i reboot the device. Do you experience the same behaviour?
Thanks.
-
Backup keys as adviced in my previous message to avoid regenerating them if exist.
-
Will do bmarkus.
I've created a new user and placed it on the sudoers file.
However i can not manage for that user to run tce-load. Apparently it doesn't have permissions to use /tmp
How do i solve it?
Regards.
-
The easiest way is to use new user only for login. When logegd in change user to tc.
-
I can't remember the name of the package right now, but there is an sftp capability that goes with dropbear. Add that if you want to use sftp for secure file transfer. I am using on x86 and it works like a charm
-
I think you may have the standalone sftp server of OpenSSH in mind.
-
Hi
I just downloaded version 4.7.4, and trying to do exactly what I did in post #4 in this thread - but it seems like the password I supply for user:tc is not saved.
So when I start Putty, and supply the password, I'm denied access.
If I then define the new password directly on the raspberry, I can log in via putty. Even if I do a filetool.sh -b and backup, the password is not backed up.
So after a reboot, the same problem occur.
Steen
-
OK I found a solution (I don't know if it is the correct one but it works)
I changed /opt/.filetools.lst so it looks like this:
opt
home
etc
etc/passwd
etc/shadow
/usr/local/etc/dropbear/dropbear_dss_host_key
/usr/local/etc/dropbear/dropbear_rsa_host_key
The important was to add "etc" below "opt" and "home" otherwise it would not save the password. I can't remember if etc was included in 4.7.3
Also please notice I had to change:
/usr/local/etc/dropbear/dropbear_dss_hostkey
/usr/local/etc/dropbear/dropbear_rsa_hostkey
To
/usr/local/etc/dropbear/dropbear_dss_host_key
/usr/local/etc/dropbear/dropbear_rsa_host_key
Otherwise Dropbear would still create new hostkeys.
Steen
-
Steen
backing up whole /etc is bad practice. Backup only files must be saved. better to spend some time to identify necessary files.
Do not use leading '/' in .filetools.lst
-
Hi sbp
Here is what I have in .filetool.lst for the X86 version of dropbear:
etc/passwd
etc/group
etc/shadow
etc/gshadow
etc/dropbearSince you are using ARM, in your case the last line should read:
usr/local/etc/dropbear
-
Hi bmarkus
Thanks for the advise. I have now tried to put all the files from /etc into the filetool.lst, and then commenting them out one by one. And it turned out that the problem was self inflected. I had two invisible empty spaces after etc/passwd in my original filetool.lst.
I also removed the leading "/".
But you still need to use:
usr/local/etc/dropbear/dropbear_dss_host_key
usr/local/etc/dropbear/dropbear_rsa_host_key
In order to have Dropbear to remember its keys.
So my working opt/.filetool.lst is like this:
opt
home
etc/passwd
etc/shadow
usr/local/etc/dropbear/dropbear_dss_host_key
usr/local/etc/dropbear/dropbear_rsa_host_ke
Steen
-
Hi sbp
Here is what I have in .filetool.lst for the X86 version of dropbear:
etc/passwd
etc/group
etc/shadow
etc/gshadow
etc/dropbearSince you are using ARM, in your case the last line should read:
usr/local/etc/dropbear
I'm running an ARM and in my filetool.lst i'm using
etc/dropbear instead of usr/local/etc/dropbear
It all seems to be working fine and dandy.
-
Hi str4ng3r
I'm not running ARM, so that part of my answer is based on Reply #9 by bmarkus.
-
In piCore there are no /etc/dropbear directory !
-
In piCore there are no /etc/dropbear directory !
Correct. ;D
So, now my filetool.lst is exactly like Steen's. 8)