SSH

From ArmadeusWiki
Revision as of 17:59, 3 May 2010 by JulienB (Talk | contribs)

Jump to: navigation, search

Secure Shell or SSH is a network protocol that allows data to be exchanged over a secure channel between two computers. Encryption provides confidentiality and integrity of data. SSH uses public-key cryptography to authenticate the remote computer and allow the remote computer to authenticate the user, if necessary.
In short, SSH allows you to connect to your board from a remote PC using a secured/encrypted Ethernet connection.

Installation

We use the lightweight Dropbear SSH server. To install it on your rootfs, launch Buildroot configuration:

 $ make menuconfig
Package Selection for the target  --->
    [*] Networking  --->
        [*]   dropbear

Then rebuild your system and reflash your board.

 $ make

Usage

  • If you have reflashed your rootfs with dropbear installed, then at first startup it should generates your private and public keys:
 Generating RSA Key...
 Will output 1024 bit rsa secret key to '/etc/dropbear/dropbear_rsa_host_key'
 Generating key, this may take a while...
 Public key portion is:
 ssh-rsa ........
 Fingerprint: md5 82:a2:a3:65:8c:e4:2b:ec:35:27:03:23:2c:f8:91:e9
 Generating DSS Key...
 Will output 1024 bit dss secret key to '/etc/dropbear/dropbear_dss_host_key'
 Generating key, this may take a while...
 Public key portion is:
 ssh-dss 
 ........
 Fingerprint: md5 43:4d:e6:52:df:6b:1f:c3:93:e9:49:e3:92:e7:a1:b2
 Starting dropbear sshd:
  • Be sure to have setup a root password on your board. If not then:
 # passwd
 Changing password for root
 Enter the new password (minimum of 5, maximum of 8 characters)
 Please use a combination of upper and lower case letters and numbers.
 Enter new password: *****
 Re-enter new password: ******
 Password changed.
  • To test your SSH connection, then on your PC launch (replace 192.168.0.3 with your board IP):
 [armadeus] $ ssh root@192.168.0.3
 The authenticity of host '192.168.0.3 (192.168.0.3)' can't be established.
 RSA key fingerprint is 82:a2:a3:65:8c:e4:2b:xx:xx:xx:xx:xx:2c:f8:91:e9.
 Are you sure you want to continue connecting (yes/no)? yes
 Warning: Permanently added '192.168.0.3' (RSA) to the list of known hosts.
 root@192.168.0.3's password:
 
 BusyBox v1.2.2 (2007.06.25-15:53+0000) Built-in shell (ash)
 Enter 'help' for a list of built-in commands.
 #

Links