How to generate a pair of keys on Omega-2?



  • I want to make a seamless access from Omega-2 to Raspberry Pi with the help of the pair keys. How to generate a pair of keys on Omega-2?



    • You should use this configuration for devices under the same subnet with static ip
    • If you want to connect devices from everywhere you can use reverse ssh. But this is an another question.

    Omega2+ Ω-ware: 0.2.0 b183, Dropbear v2017.75
    Debian 4.9.88-1, OpenSSH_7.4p1


    Creating ssh keys:

    1. Omega2 side (dropbearkey)

    root@Omega-C6xx:~# cd
    root@Omega-C6xx:~# mkdir .ssh
    root@Omega-C6xx:~# dropbearkey -t rsa -s 2048 -f .ssh/id_rsa
    Generating key, this may take a while...
    Public key portion is:
    ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDCnBHLo648uVcmRAs1myDJVlZNo27TaaycRDjg9S1/r28qIkQu8rbTCgzn+BQTIrAMQsBARiVD02NaJTLP2EurGYo2ryYbYCTZYGNA7QsI6BdqIn7o8wiz7p02DZUE6CSo69HNxPwpcK6QjvV5/Ojrh5ka7C8yow4m8VqtKjGEiqcin0yWwKvSSHqLHyxK+zMLMw0vYgtvhU2EOsrHTF2y0grYRM0eTytXCZ8co+UtRgsoAtGM/5IxSiCZ1Q05zIJMlcUgLOLMq3IKUL64mDkh6XUlSchkv4IxUqx28nikayNg5+1jksVMLKe43kpdep4KiqDO8Gmbxax0C7L1fjpF root@Omega-C6xx
    Fingerprint: md5 92:03:c5:4c:be:c1:9e:63:c7:2d:3f:12:28:68:d4:62
    
    • Showing and saving Omega2's public key to another file as "id_rsa.pub"
    root@Omega-C6xx:~# dropbearkey -y -f .ssh/id_rsa | grep ^ssh
    ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDCnBHLo648uVcmRAs1myDJVlZNo27TaaycRDjg9S1/r28qIkQu8rbTCgzn+BQTIrAMQsBARiVD02NaJTLP2EurGYo2ryYbYCTZYGNA7QsI6BdqIn7o8wiz7p02DZUE6CSo69HNxPwpcK6QjvV5/Ojrh5ka7C8yow4m8VqtKjGEiqcin0yWwKvSSHqLHyxK+zMLMw0vYgtvhU2EOsrHTF2y0grYRM0eTytXCZ8co+UtRgsoAtGM/5IxSiCZ1Q05zIJMlcUgLOLMq3IKUL64mDkh6XUlSchkv4IxUqx28nikayNg5+1jksVMLKe43kpdep4KiqDO8Gmbxax0C7L1fjpF root@Omega-C6xx
    root@Omega-C6xx:~# dropbearkey -y -f .ssh/id_rsa | grep ^ssh > .ssh/id_rsa.pub
    

    When we create the ssh private key (id_rsa) on the console you see the public portion... this goes to authorized_keys file that we use on the Raspberry Pi's "~/.ssh/authorized_keys" file.

    2. RaspberryPi side (ssh-keygen)

    I don't have Pi, I am using Debian and the ssh's binary is openssh-server these configuration should work!

    yasin@uxn:~$ cd
    yasin@uxn:~$ ssh-keygen -t rsa -b2048 -N "" -f ~/.ssh/omega2_passwordless_rsa
    Generating public/private rsa key pair.
    Your identification has been saved in /home/yasin/.ssh/omega2_passwordless_rsa.
    Your public key has been saved in /home/yasin/.ssh/omega2_passwordless_rsa.pub.
    The key fingerprint is:
    SHA256:KZap5TCuT57Al443fZUk55AzNWXsNy9s6t8AVIbitFI yasin@uxn
    The key's randomart image is:
    +---[RSA 2048]----+
    |           oo.o  |
    |          E.oo   |
    |         * =.    |
    |       oB.=.. o  |
    |    o * SX ..o o |
    | . . O .  +  .+ .|
    |  o *..  .   o.. |
    |   Oo.. .   .  o |
    |  oo=. .   .... .|
    +----[SHA256]-----+
    

    We have 2 file under .ssh/ folder that can use for ssh connection without typing password.
    Do not give the private key someone

    we will use the public key Omega2 side so:

    yasin@uxn:~$ cat .ssh/omega2_passwordless_rsa.pub
    ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMK6vLUNWqvseK58S2CQtdqOjPE2qHU1+ayuFooSxGl3M6Pi68pbzCclxsaDzPFEi0zmeAVU+T7/95jDUD46B52GZMxwydZgbWxWSzyVsrWz0fCxVzMK4lRfoGO2x7N5iJWtUu8jz8bpiNyWEYyUxdYZVZkpaN9SjcoxGFQt/ZbdxBnzgTVR15VGEyKBC7z0lzoGZVR23kbX9rNty34uQg4Z9tLI+TRPtZRikKBu42CaxK3FpS2VHVgDTrMdzyU9R1kqR+hBZVz+oqmr46CgY2NI2vANf/1OQVJ2U/kGjpx+v5/qDnjbsb1qU1v9nhtLiE/merfnEXkw8EvfaVjmm/ yasin@uxn
    

    Creating neccecary files:

    1. Omega2 side

    Copy the public key in to "/etc/dropbear/authorized_keys" file that created on the Pi device to Omega2
    Pi->omega2 connection

    root@Omega-C6xx:~# echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMK6vLUNWqvseK58S2CQtdqOjPE2qHU1+ayuFooSxGl3M6Pi68pbzCclxsaDzPFEi0zmeAVU+T7/95jDUD46B52GZMxwydZgbWxWSzyVsrWz0fCxVzMK4lRfoGO2x7N5iJWtUu8jz8bpiNyWEYyUxdYZVZkpaN9SjcoxGFQt/ZbdxBnzgTVR15VGEyKBC7z0lzoGZVR23kbX9rNty34uQg4Z9tLI+TRPtZRikKBu42CaxK3FpS2VHVgDTrMdzyU9R1kqR+hBZVz+oqmr46CgY2NI2vANf/1OQVJ2U/kGjpx+v5/qDnjbsb1qU1v9nhtLiE/merfnEXkw8EvfaVjmm/ yasin@uxn' > /etc/dropbear/authorized_keys
    root@Omega-C6xx:~# /etc/init.d/dropbear restart
    

    for copy public key

    root@Omega-C6xx:~# cat .ssh/id_rsa.pub 
    ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDCnBHLo648uVcmRAs1myDJVlZNo27TaaycRDjg9S1/r28qIkQu8rbTCgzn+BQTIrAMQsBARiVD02NaJTLP2EurGYo2ryYbYCTZYGNA7QsI6BdqIn7o8wiz7p02DZUE6CSo69HNxPwpcK6QjvV5/Ojrh5ka7C8yow4m8VqtKjGEiqcin0yWwKvSSHqLHyxK+zMLMw0vYgtvhU2EOsrHTF2y0grYRM0eTytXCZ8co+UtRgsoAtGM/5IxSiCZ1Q05zIJMlcUgLOLMq3IKUL64mDkh6XUlSchkv4IxUqx28nikayNg5+1jksVMLKe43kpdep4KiqDO8Gmbxax0C7L1fjpF root@Omega-C6xx
    root@Omega-C6xx:~# 
    

    2. Raspberry Pi side

    Copy the public key in to "~/.ssh/authorized_keys" file that created on the Omega2 device to Pi
    omega2->Pi connection

    yasin@uxn:~$ echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDCnBHLo648uVcmRAs1myDJVlZNo27TaaycRDjg9S1/r28qIkQu8rbTCgzn+BQTIrAMQsBARiVD02NaJTLP2EurGYo2ryYbYCTZYGNA7QsI6BdqIn7o8wiz7p02DZUE6CSo69HNxPwpcK6QjvV5/Ojrh5ka7C8yow4m8VqtKjGEiqcin0yWwKvSSHqLHyxK+zMLMw0vYgtvhU2EOsrHTF2y0grYRM0eTytXCZ8co+UtRgsoAtGM/5IxSiCZ1Q05zIJMlcUgLOLMq3IKUL64mDkh6XUlSchkv4IxUqx28nikayNg5+1jksVMLKe43kpdep4KiqDO8Gmbxax0C7L1fjpF root@Omega-C6xx' >> ~/ssh/authorized_keys
    yasin@uxn:~$ sudo /etc/init.d/ssh restart
    

    Geathering connection:

    Now we can connect Omega2 without password using "omega2_passwordless_rsa" from the RaspberryPi.

    yasin@uxn:~$ ssh -i .ssh/omega2_passwordless_rsa root@omega-c6xx.local 
    Warning: Permanently added the RSA host key for IP address '192.168.1.36' to the list of known hosts.
    
    
    BusyBox v1.25.1 () built-in shell (ash)
    
       ____       _             ____
      / __ \___  (_)__  ___    / __ \__ _  ___ ___ ____ _
     / /_/ / _ \/ / _ \/ _ \  / /_/ /  ' \/ -_) _ `/ _ `/
     \____/_//_/_/\___/_//_/  \____/_/_/_/\__/\_, /\_,_/
     W H A T  W I L L  Y O U  I N V E N T ? /___/
     -----------------------------------------------------
       Ω-ware: 0.2.0 b183
     -----------------------------------------------------
    root@Omega-C6xx:~#
    

    RaspberryPi Only
    Passwordless connection with config file.
    Create file named "~/.ssh/config"

    yasin@uxn:~$ echo -e $(cat <<EOF
    Host omega-c6xx.local\n
            User    root\n
            IdentityFile ~/.ssh/omega2_passwordless_rsa\n
    EOF
    ) >> ~/.ssh/config
    yasin@uxn:~$ sudo /etc/init.d/ssh restart 
    [sudo] password for yasin: 
    [ ok ] Restarting ssh (via systemctl): ssh.service.
    yasin@uxn:~$ ssh omega-c6xx.local 
    
    
    BusyBox v1.25.1 () built-in shell (ash)
    
       ____       _             ____
      / __ \___  (_)__  ___    / __ \__ _  ___ ___ ____ _
     / /_/ / _ \/ / _ \/ _ \  / /_/ /  ' \/ -_) _ `/ _ `/
     \____/_//_/_/\___/_//_/  \____/_/_/_/\__/\_, /\_,_/
     W H A T  W I L L  Y O U  I N V E N T ? /___/
     -----------------------------------------------------
       Ω-ware: 0.2.0 b183
     -----------------------------------------------------
    root@Omega-C6xx:~# 
    
    

    Omega2->Raspberry connection

    root@Omega-C6xx:~# ssh -i /root/.ssh/id_rsa yasin@192.168.1.33
    Linux uxn 4.9.0-6-amd64 #1 SMP Debian 4.9.88-1 (2018-04-29) x86_64
    
    The programs included with the Debian GNU/Linux system are free software;
    the exact distribution terms for each program are described in the
    individual files in /usr/share/doc/*/copyright.
    
    Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
    permitted by applicable law.
    You have new mail.
    Last login: Sat May  5 17:05:55 2018 from 192.168.1.36
    yasin@uxn:~$
    

    Application

    • copy file omega2 to Raspberry:
    root@Omega-C6xx:~# scp -i /root/.ssh/id_rsa /root/gpioRead yasin@192.168.1.33:/home/yasin/Downloads
    gpioRead                                      100% 9860     9.6KB/s   00:00    
    root@Omega-C6xx:~#
    
    • Use command from Omega2 on Raspberry:
    root@Omega-C6xx:~# ssh -i /root/.ssh/id_rsa yasin@192.168.1.33 "ls /home/yasin"
    2018-04-21-14-04-12.070-VirtualBox-954.log
    Arduino/
    arduino-1.8.5/
    Belgeler/
    bin/
    Build/
    ceyhun/
    Downloads/
    Genel/
    gitclonned/
    laverna/
    ...
    
    • copy file Raspberry to omega2:
    yasin@uxn:~$ scp omega2.log omega-c6xx.local:/root
    omega2.log                                                  100% 5050KB 180.3KB/s   00:28    
    yasin@uxn:~$
    
    • Use command from Raspberry on Omega2:
    yasin@uxn:~$ ssh omega-c6xx.local "df -h"
    Filesystem                Size      Used Available Use% Mounted on
    /dev/root                 5.8M      5.8M         0 100% /rom
    tmpfs                    61.4M    104.0K     61.3M   0% /tmp
    /dev/mmcblk0p1            1.8G    296.6M      1.4G  17% /
    tmpfs                   512.0K         0    512.0K   0% /dev
    /dev/sda1                14.4G     30.0M     14.4G   0% /root/flashdisk
    

    Notes

    • I did not search for fusermount so you want 2 side ssh based communication.
    • Dropbear does not support ssh conf file so you must use "-i" attr and show the correct IdentityFile for the connection
    • if you use static ip for both sides you should be ok under same subnet

    Have a nice day.



  • This post is deleted!


  • @unique1984
    Thank you for your help, everything turned out.


Log in to reply
 

Looks like your connection to Community was lost, please wait while we try to reconnect.