Public Key Authorization Failure
Rob Landley
rob at landley.net
Thu Jan 22 02:32:39 WST 2009
On Monday 19 January 2009 14:43:13 Kyle Marx wrote:
> Hey,
> Before anyone flames me, I've read every message in the archive. That
> said, I am running v0.50 on a TS-7260 ARM9 embedded computer.
> My problem is that I cannot produce passwordless login from the embedded
> device (A) to my server (B). I have tried everthing listed. I first used
> dropbearkey to create private and public keys on the embedded device (A).
> I appended the pub key to authorized keys on the server (B).
> My problem is similar to that of 2Q2008 by G*uillaume Dargaud*'s problem.
> Here is a rundown:
>
> Generate keys on the embedded device A:
> A$ dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_key
> A$ dropbearkey -y -f /etc/dropbear/dropbear_rsa_key | head -2 | tail -1 >
> /etc/dropbear/dropbear_rsa_key.pub
> A$ shutdown -r now
>
> I then append this public key to my authorized keys list on the server, B
> B$ scp user at A:/etc/dropbear/dropbear_rsa_key.pub /tmp/dropbear_rsa_key.pub
> B$ cat /tmp/dropbear_rsa_key.pub >> ~/.ssh/authorized_keys
> B$ services sshd restart
>
> Now attempt a passwordless login to B from A:
> A$ dbclient user at B
> userB@'s password:
>
> It still prompts for a password. Is this broken?
If all else fails, you can cheese your way around a lot of debugging problems
by:
A) trying to get it to work on your x86 laptop first. (Just run it on
loopback and connect to it from the same machine.)
B) Run it as "dropbear -F -E", and run it under strace. (Huge amounts of
debugging output, but you can see _everything_ it's doing. If it tries to
open a file, you see the filename.)
C) If all else fails, stick printf() calls into the source code.
> Kyle
Rob
More information about the Dropbear
mailing list