January 16, 2023, 11:16pm
Good day, I tried to log in with a public/private key (I use SSH dropbear) by following these steps:
In this case I throw a permission error because I have disabled access to ssh with root user, so I had to re-enable the root user to ssh and run the command in mention
The authorized key is placed in
/etc/dropbear/authorized_keys to /home/dietpi/.ssh/authorized_keys that is my user, since I want to use it in a specific user not at root, as it will be disabled later
later switch permits
chmod 700 /etc/dropbear
chmod 600 /etc/dropbear/authorized_keys
However, SSH access doesn’t work through the public/private key, you could help me please if I’m doing something wrong, thank you and greetings
January 16, 2023, 11:55pm
How do you connect via ssh? What client to you use?
January 17, 2023, 3:25am
Hi, thanks for answer, I’m using cygwin64, But the problem is that he doesn’t ask me for the private public key, he just asks me for the password and lets me in without problems. Regards
I never used cygwin but is there a point within client configuration where you can specify the privat SSH key to be used? At least this is how it works within Putty.
January 17, 2023, 9:21am
I am also using non-root user to login.
Public keys are stored in
January 17, 2023, 4:18pm
Thank you for answering, you could confirm to me if the way I mention is the right way to start session? And you could explain to me how you connect with your private public keys, thank you.
January 17, 2023, 4:35pm
ls -la to verify that the permissions are good.
Then you need to specify where the private key is on the ssh client. By default they are in the same folder.
Location should be correct. Personally, I use Putty SSH client. There I can specify user and privat key file to be used.
Important to have correct permissions.
chmod 700 /home/dietpi/.ssh
chmod 600 /home/dietpi/.ssh/authorized_keys
Jan 17 18:05:04 DietPiProd dropbear: Pubkey auth succeeded for 'dietpi' with key sha1!! a7:x from 192.168.0.x
January 17, 2023, 5:43pm
Think it generates bad the keys I’m a little lost, I attach the catches the way I try to connect and permits, if you see any mistake I’ll appreciate your feedback.
How I try to connect with private key :
$ ssh -i id_rsa firstname.lastname@example.org
January 17, 2023, 6:37pm
sudo chown dietpi:dietpi /home/dietpi/.ssh/authorized_keys
January 17, 2023, 8:12pm
With this change you automatically connect to the dietpi user, but using the traditional method, is it normal? If I use another ssh client requests password that I guess is correct, I hope your feedback.
January 17, 2023, 8:16pm
The whole point is to let the owner of the private key without password. The rest login by entering the password.
January 17, 2023, 8:25pm
I understand that part, but my doubt is if it is normal to log in without specifying the key, as I show in the video or what I did wrong, thanks and greetings
where is the private key located? Within the same client directory you start the SSH session from?
January 17, 2023, 9:09pm
Selects a file from which the identity (private key) for public
key authentication is read. The default is ~/.ssh/id_dsa,
~/.ssh/id_ecdsa, ~/.ssh/id_ecdsa_sk, ~/.ssh/id_ed25519,
~/.ssh/id_ed25519_sk and ~/.ssh/id_rsa. Identity files may also
be specified on a per-host basis in the configuration file. It
is possible to have multiple -i options (and multiple identities
specified in configuration files). If no certificates have been
explicitly specified by the CertificateFile directive, ssh will
also try to load certificate information from the filename ob‐
tained by appending -cert.pub to identity filenames.
So if your private key is found in there and matches, you’re good to go.
A known bug in
[ssh-copy-id] Do not treat Dropbear special by MichaIng · Pull Request #250 · openssh/openssh-portable · GitHub
This is the commit which broke it (“as in OpenWRT” means special handling for non-default Dropbear usage…):
git.hands.com Git - ssh-copy-id.git/commit
Sadly Philip is not answering my emails.
January 17, 2023, 10:06pm
I think, if this is the route:
id_rsa id_rsa.pub known_hosts known_hosts.old
January 17, 2023, 10:12pm
Thanks to everyone it seems to be a matter of permission and my ignorance of how the connection ssh works through private keys, greetings and thanks again