connecting to dropbear (ssh) server with public key authentication
6,399 views
Skip to first unread message
CC Ma
Jan 10, 2012, 6:48:57 PM1/10/12
to Beagle Board, yo...@rose-hulman.edu
So I generated a public key and private key pair on my ubuntu host
using dsa, copied and pasted the public key's content to my
beagleboard's ~/.ssh/authorized_keys file.
However, I still couldn't connect to my beagleboard using just the
public key authentication.
I tried copying the content over to ~/.ssh/authorized_keys2, /etc/
dropbear/authorized_keys, and /etc/dropbear/authorized_keys2, but I
still failed to connect via public key authentication.
I made sure all my authorized_keys or authorized_keys2 files were
chmod 0700 and their containing directories chmod 0600.
My running dropbear on beagleboard is:
/usr/sbin/dropbear -s -r /etc/dropbear/dropbear_rsa_host_key -p 22
The the final few lines of my debug output I get when connecting is
(ssh -vv -i ~/.ssh/id_dsa root@beagleboard):
..........................
........................
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: id_dsa.pub (0x7fd08146c480)
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: id_dsa.pub
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey).
Does any one know how to resolve this problem?
thanks
using dsa, copied and pasted the public key's content to my
beagleboard's ~/.ssh/authorized_keys file.
However, I still couldn't connect to my beagleboard using just the
public key authentication.
I tried copying the content over to ~/.ssh/authorized_keys2, /etc/
dropbear/authorized_keys, and /etc/dropbear/authorized_keys2, but I
still failed to connect via public key authentication.
I made sure all my authorized_keys or authorized_keys2 files were
chmod 0700 and their containing directories chmod 0600.
My running dropbear on beagleboard is:
/usr/sbin/dropbear -s -r /etc/dropbear/dropbear_rsa_host_key -p 22
The the final few lines of my debug output I get when connecting is
(ssh -vv -i ~/.ssh/id_dsa root@beagleboard):
..........................
........................
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: id_dsa.pub (0x7fd08146c480)
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: id_dsa.pub
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey).
Does any one know how to resolve this problem?
thanks
Gary Thomas
Jan 11, 2012, 6:59:46 AM1/11/12
to beagl...@googlegroups.com
You need to convert the key generated on your Ubuntu system (which is
in openssh format) to the format used by dropbear. Something like this:
# dropbearconvert openssh dropbear openssh.key dropbear.key
Then provide the converted key to dropbear as you tried above.
--
------------------------------------------------------------
Gary Thomas | Consulting for the
MLB Associates | Embedded world
------------------------------------------------------------
Mark A. Yoder
Jan 11, 2012, 5:51:06 PM1/11/12
to beagl...@googlegroups.com, yo...@rose-hulman.edu
From what I read the public keys are the same for dropbear and openssh. I think there's a different problem here, (I'm having it too), but I'm not sure where.
Any other ideas?
--Mark
CC Ma
Jan 12, 2012, 4:09:57 PM1/12/12
to Beagle Board, yo...@rose-hulman.edu
So, I did the other way around and it didn't work.
I tried first generating the ssh keys on the beagleboard by:
dropbearkey -t rsa -f id_rsa
dropbearkey -f id_rsa -y > id_rsa.pub
The above gave the private key id_rsa and public key id_rsa.pub
I copied over the content of the id_rsa.pub to authorized_keys file in
~/.ssh
Then I convert the private key from dropbear format to openssh format
by
dropbearconvert dropbear openssh id_rsa id_rsa_openssh
Finally, I moved over the id_rsa_openssh private key to my ubuntu
laptop and ssh to my beagleboard with that private key. I still got
the same error as I had in the first post. :-(
Any idea on this?
I tried first generating the ssh keys on the beagleboard by:
dropbearkey -t rsa -f id_rsa
dropbearkey -f id_rsa -y > id_rsa.pub
The above gave the private key id_rsa and public key id_rsa.pub
I copied over the content of the id_rsa.pub to authorized_keys file in
~/.ssh
Then I convert the private key from dropbear format to openssh format
by
dropbearconvert dropbear openssh id_rsa id_rsa_openssh
Finally, I moved over the id_rsa_openssh private key to my ubuntu
laptop and ssh to my beagleboard with that private key. I still got
the same error as I had in the first post. :-(
Any idea on this?
CC Ma
Jan 12, 2012, 4:39:12 PM1/12/12
to Beagle Board, Ching-Chen Ma
Alternatively, would using openssh solve the problem?
Dan
Jan 12, 2012, 6:10:36 PM1/12/12
to Beagle Board
For what it's worth, dropbear public key authentication works for me
on both my -XM running Angstrom (dropbear version 0.52) and my
Beaglebone running Angstrom (version v2011.54). All I had to do to
enable it was to copy the authorized_keys file from another server to
my user-ID's ~/.ssh directory. However, I'm connecting from WinPuTTY,
not an OpenSSH client.
So, the problem is probably with the public or private key format.
The public keys that I store in .ssh/authorized_keys are in a format
that begins with "ssh-rsa AAAA...". I remember having to try a few
formats with dropbear before getting it to work.
Another, less likely, possibility is that there are settings in your /
etc/default/dropbear file, if one exists, that are interfering with
public key authentication.
Dan.
on both my -XM running Angstrom (dropbear version 0.52) and my
Beaglebone running Angstrom (version v2011.54). All I had to do to
enable it was to copy the authorized_keys file from another server to
my user-ID's ~/.ssh directory. However, I'm connecting from WinPuTTY,
not an OpenSSH client.
So, the problem is probably with the public or private key format.
The public keys that I store in .ssh/authorized_keys are in a format
that begins with "ssh-rsa AAAA...". I remember having to try a few
formats with dropbear before getting it to work.
Another, less likely, possibility is that there are settings in your /
etc/default/dropbear file, if one exists, that are interfering with
public key authentication.
Dan.
mr.deng...@gmail.com
Mar 16, 2014, 10:34:26 AM3/16/14
to beagl...@googlegroups.com, gogoy...@gmail.com
as the README file in dropbear-201463, I found that "Dropbear does not support encrypted hostkeys though can connect to ssh-agent." which i guess means that it cannot be log in with a public key.
在 2012年1月11日星期三UTC+8上午7时48分57秒,CC Ma写道:
在 2012年1月11日星期三UTC+8上午7时48分57秒,CC Ma写道:
arja...@gmail.com
Feb 17, 2016, 9:39:41 AM2/17/16
to BeagleBoard, gogoy...@gmail.com
I think you might have problems with `ls ./files/etc/dropbear/authorized_keys`,
I have fixed it by executing `chmod g-w,o-wr ./files/etc/dropbear/authorized_keys`
I have fixed it by executing `chmod g-w,o-wr ./files/etc/dropbear/authorized_keys`
ooth....@gmail.com
Mar 29, 2017, 3:50:36 PM3/29/17
to BeagleBoard, yo...@rose-hulman.edu, gogoy...@gmail.com
Did you get to fix this issue ? I am in the same boat. Please let me know the status.
Reply all
Reply to author
Forward
0 new messages