Question on using ssh-agent with dropbear and keys

Rob Landley rob at landley.net
Wed Sep 14 05:13:14 WST 2011


On 09/12/2011 08:23 PM, Rory Toma wrote:
> I searched the web and looked for info and a FAQ, and still can't get
> this to work.
> 
> I'm trying to ssh from my "normal" box to my dropbear box.
> 
> I've done:
> 
> ssh-keygen -b 768 to create my public and private keys.

Dropbear doesn't store its keys in the same format as openssh does.
You're using the openssh key generator instead of dropbearkey, look at
the "dropbearconvert" program.

> I copied out the id_rsa.pub file (which is the "ssh-rsa <stuff>
> foo at bar.net" type)

By "copied out" do you mean you installed it on the remote system you're
trying to ssh into under the name "~/.ssh/authorized_keys"?

> I set ownership of .ssh and all files to root,

I set them to belong to the user I'm trying to ssh into.  (Root can read
everything anyway, that's sort of the point of root.  If you're using a
crazy SELinux system where that's not true, ask the NSA to help you.)

> with all files being 600
> and .ssh being 700. (also tried 644 on the files)
> 
> Anyway I get:
> 
> debug1: Offering public key: ./id_rsa
> debug3: send_pubkey_test
> debug2: we sent a publickey packet, wait for reply
> debug1: Authentications that can continue: publickey,password

It doesn't look like it's failed yet?  publickey can continue...

> This has always just worked going from openssh->openssh. What is
> different here? Is there some dropbearism I'm missing?

My guess is on-disk key storage format.

> thx

Rob


More information about the Dropbear mailing list