dropbear and ssh keys

Matt Johnston matt at ucc.asn.au
Fri Oct 7 00:02:48 WST 2005


On Wed, Oct 05, 2005 at 04:41:52PM -0400, Segura, Cynthia wrote:
> Hello, I am having trouble getting ssh keys to work with dropbear. I have downloaded and compiled buildroot, with BusyBox v1.1.0-pre1 and Dropbear sshd v0.46. I have compiled dropbear with: 
> Use /dev/urandom (low entropy systems only). I am working on a small cluster. The admin node has a full Linux distribution (Red Hat Enterprise Linux WS release 4) and the compute nodes are running the minimal linux. The admin node is using ssh: F-Secure SSH 3.2.3 (build 14) on i686-pc-linux-gnu. I have created the public and private keys on the admin node using the following command:
> 
> ssh-keygen -b 1024 -t rsa
> 
> and copied the public key into the compute node's /root/.ssh/authorized_keys
> 
> (I have also tried to this for dss keys).
> 
> However, when I try to ssh to a compute node, I receive the following messages, and am prompted for a password. Password authentication works fine, but to do mpi runs, I need to be able to login without a password. Am I missing something obvious? Does dropbear understand the ssh-key format or do I have to convert them using dropbearconvert?

Dropbear has the same format public keys (ie what you put in
authorized_keys) as OpenSSH, something like:

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAtiF7WDzehGhXZOPrm2bHcl464k9VYekP8Tuf7K+smThzwQHDPExlChX537sDIJuTEoUiYVGEqnqpwn5XDkoUR8XK0iY3NZQH2CixS3nB7PMkIWEJxE9Gb/9P+yXZKcVC/KIapabBKGcYSyGLOy7lZ5CqR/HjfL4hNwFK1EdfFFc= matt at rez

One common problem is permissions on ~, ~/.ssh and
~/.ssh/authorized_keys. These all need to be writable only
by the user (or root), otherwise Dropbear will just ignore
the file. There's code in my development tree to log a
warning since it's common, so it'll be on 0.47.

If that doesn't help, let me know and I'll investigate
further. Another thing to look out is accidental line breaks
in the key line.

Cheers,
Matt


More information about the Dropbear mailing list