ssh logging without a password
Rob Landley
rob at landley.net
Wed Feb 20 11:15:41 WST 2008
On Tuesday 19 February 2008 10:25:47 Dach Miroslaw wrote:
> Hi All,
>
> I have tried to setup sshd (dropbear v.049) to accept login from the remote
> host without giving the password.
>
> The idea which I have is as following:
>
> I have the client computer A and the server embedded system B which runs
> dropbear daemon.
>
> I would like to login from machine A (being user jane) to B by means of the
> command: ssh root at B without giving a password. To do so I have generated on
> machine A (being user jane) access keys by means of ssh-keygen -t dsa.
>
> I do not know where to put the file id_dsa.pub since on the B server there
> is no directory /root/.ssh but just a regular file instead.
You need to have a .ssh directory in the home directory of whatever user
you're logging in as. (And that .ssh directory should be permissions 700.)
The public key should be in the file "~/.ssh/authorized_keys". The private
key should be on the machine you're trying to log in from, as ".ssh/id_dsa".
If your root user hasn't got a home directory to put a .ssh directory in, your
system is misconfigured.
> It seems to be that dropbear accepts the dss key type but on the client one
> can choose the dsa type (or rsa). Are this keys somehow compatible?
It should be able to autodetect which type you've supplied. Notice how the
text line in the file with the key starts with "ssh-dss "? That's a type
identifier.
Besides, if it just treated it as a big string of hex digits and tried to use
an rsa key as dsa or vice versa, it's about as likely to work as using any
other thousand-bit-long random number to log in, isn't it?
Rob
--
"One of my most productive days was throwing away 1000 lines of code."
- Ken Thompson.
More information about the Dropbear
mailing list