SSH

From ArmadeusWiki
Revision as of 22:06, 3 April 2008 by JulienB (Talk | contribs) (Links)

Jump to: navigation, search

Secure Shell or SSH is a network protocol that allows data to be exchanged over a secure channel between two computers. Encryption provides confidentiality and integrity of data. SSH uses public-key cryptography to authenticate the remote computer and allow the remote computer to authenticate the user, if necessary.
In short, SSH allows you to connect to your board from a remote PC using a secured/encrypted Ethernet connection.

Installation

We use lightweight Dropbear SSH server. To add it to your rootfs then launch Buildroot configuration:

[armadeus] $ make menuconfig

and in package configuration choose dropbear.
Then rebuild your system and flash it on your board or MMC.

Usage

First be sure to have setup a root password on your board. If not then:

# passwd
Changing password for root
Enter the new password (minimum of 5, maximum of 8 characters)
Please use a combination of upper and lower case letters and numbers.
Enter new password: *****
Re-enter new password: ******
Password changed.

If you have reflashed your rootfs with dropbear installed, then at first startup it should generates your private and public keys:

Generating RSA Key...
Will output 1024 bit rsa secret key to '/etc/dropbear/dropbear_rsa_host_key'
Generating key, this may take a while...
Public key portion is:
ssh-rsa ........
Fingerprint: md5 82:a2:a3:65:8c:e4:2b:ec:35:27:03:23:2c:f8:91:e9
Generating DSS Key...
Will output 1024 bit dss secret key to '/etc/dropbear/dropbear_dss_host_key'
Generating key, this may take a while...
Public key portion is:
ssh-dss 
........
Fingerprint: md5 43:4d:e6:52:df:6b:1f:c3:93:e9:49:e3:92:e7:a1:b2
Starting dropbear sshd:

To test your SSH connection, then on your PC launch (replace 192.168.0.3 with your board IP):

[armadeus] $ ssh root@192.168.0.3
The authenticity of host '192.168.72.35 (192.168.72.35)' can't be established.
RSA key fingerprint is 82:a2:a3:65:8c:e4:2b:ec:35:27:03:23:2c:f8:91:e9.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.72.35' (RSA) to the list of known hosts.
root@192.168.72.35's password:

BusyBox v1.2.2 (2007.06.25-15:53+0000) Built-in shell (ash)
Enter 'help' for a list of built-in commands.
#

Links