How to generate a pair of keys on Omega-2?
-
I want to set up seamless access from Omega-2 to Raspberry Pi with the help of a key pair. How to generate a pair of keys on Omega-2?
-
- You should use this configuration for devices under the same subnet with static IPs.
- If you want to connect devices from anywhere you can use reverse ssh. But this is another question.
Omega2+ Ω-ware: 0.2.0 b183, Dropbear v2017.75
Debian 4.9.88-1, OpenSSH_7.4p1
Creating ssh keys:
1. Omega2 side (dropbearkey)

    root@Omega-C6xx:~# cd
    root@Omega-C6xx:~# mkdir .ssh
    root@Omega-C6xx:~# dropbearkey -t rsa -s 2048 -f .ssh/id_rsa
    Generating key, this may take a while...
    Public key portion is:
    ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDCnBHLo648uVcmRAs1myDJVlZNo27TaaycRDjg9S1/r28qIkQu8rbTCgzn+BQTIrAMQsBARiVD02NaJTLP2EurGYo2ryYbYCTZYGNA7QsI6BdqIn7o8wiz7p02DZUE6CSo69HNxPwpcK6QjvV5/Ojrh5ka7C8yow4m8VqtKjGEiqcin0yWwKvSSHqLHyxK+zMLMw0vYgtvhU2EOsrHTF2y0grYRM0eTytXCZ8co+UtRgsoAtGM/5IxSiCZ1Q05zIJMlcUgLOLMq3IKUL64mDkh6XUlSchkv4IxUqx28nikayNg5+1jksVMLKe43kpdep4KiqDO8Gmbxax0C7L1fjpF root@Omega-C6xx
    Fingerprint: md5 92:03:c5:4c:be:c1:9e:63:c7:2d:3f:12:28:68:d4:62

- Showing and saving Omega2's public key to another file as "id_rsa.pub"

    root@Omega-C6xx:~# dropbearkey -y -f .ssh/id_rsa | grep ^ssh
    ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDCnBHLo648uVcmRAs1myDJVlZNo27TaaycRDjg9S1/r28qIkQu8rbTCgzn+BQTIrAMQsBARiVD02NaJTLP2EurGYo2ryYbYCTZYGNA7QsI6BdqIn7o8wiz7p02DZUE6CSo69HNxPwpcK6QjvV5/Ojrh5ka7C8yow4m8VqtKjGEiqcin0yWwKvSSHqLHyxK+zMLMw0vYgtvhU2EOsrHTF2y0grYRM0eTytXCZ8co+UtRgsoAtGM/5IxSiCZ1Q05zIJMlcUgLOLMq3IKUL64mDkh6XUlSchkv4IxUqx28nikayNg5+1jksVMLKe43kpdep4KiqDO8Gmbxax0C7L1fjpF root@Omega-C6xx
    root@Omega-C6xx:~# dropbearkey -y -f .ssh/id_rsa | grep ^ssh > .ssh/id_rsa.pub

When we create the ssh private key (id_rsa), the console shows the public portion... this goes into the authorized_keys file that we use on the Raspberry Pi ("~/.ssh/authorized_keys").
2. RaspberryPi side (ssh-keygen)
I don't have a Pi; I am using Debian and the ssh binary is openssh-server, so this configuration should work!

    yasin@uxn:~$ cd
    yasin@uxn:~$ ssh-keygen -t rsa -b2048 -N "" -f ~/.ssh/omega2_passwordless_rsa
    Generating public/private rsa key pair.
    Your identification has been saved in /home/yasin/.ssh/omega2_passwordless_rsa.
    Your public key has been saved in /home/yasin/.ssh/omega2_passwordless_rsa.pub.
    The key fingerprint is:
    SHA256:KZap5TCuT57Al443fZUk55AzNWXsNy9s6t8AVIbitFI yasin@uxn
    The key's randomart image is:
    +---[RSA 2048]----+
    | oo.o |
    | E.oo |
    | * =. |
    | oB.=.. o |
    | o * SX ..o o |
    | . . O . + .+ .|
    | o *.. . o.. |
    | Oo.. . . o |
    | oo=. . .... .|
    +----[SHA256]-----+

We now have 2 files under the .ssh/ folder that can be used for an ssh connection without typing a password.
Do not give the private key to anyone. We will use the public key on the Omega2 side, so:

    yasin@uxn:~$ cat .ssh/omega2_passwordless_rsa.pub
    ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMK6vLUNWqvseK58S2CQtdqOjPE2qHU1+ayuFooSxGl3M6Pi68pbzCclxsaDzPFEi0zmeAVU+T7/95jDUD46B52GZMxwydZgbWxWSzyVsrWz0fCxVzMK4lRfoGO2x7N5iJWtUu8jz8bpiNyWEYyUxdYZVZkpaN9SjcoxGFQt/ZbdxBnzgTVR15VGEyKBC7z0lzoGZVR23kbX9rNty34uQg4Z9tLI+TRPtZRikKBu42CaxK3FpS2VHVgDTrMdzyU9R1kqR+hBZVz+oqmr46CgY2NI2vANf/1OQVJ2U/kGjpx+v5/qDnjbsb1qU1v9nhtLiE/merfnEXkw8EvfaVjmm/ yasin@uxn

Creating necessary files:
1. Omega2 side
Copy the public key that was created on the Pi device into the "/etc/dropbear/authorized_keys" file on the Omega2.
Pi->omega2 connection

    root@Omega-C6xx:~# echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMK6vLUNWqvseK58S2CQtdqOjPE2qHU1+ayuFooSxGl3M6Pi68pbzCclxsaDzPFEi0zmeAVU+T7/95jDUD46B52GZMxwydZgbWxWSzyVsrWz0fCxVzMK4lRfoGO2x7N5iJWtUu8jz8bpiNyWEYyUxdYZVZkpaN9SjcoxGFQt/ZbdxBnzgTVR15VGEyKBC7z0lzoGZVR23kbX9rNty34uQg4Z9tLI+TRPtZRikKBu42CaxK3FpS2VHVgDTrMdzyU9R1kqR+hBZVz+oqmr46CgY2NI2vANf/1OQVJ2U/kGjpx+v5/qDnjbsb1qU1v9nhtLiE/merfnEXkw8EvfaVjmm/ yasin@uxn' > /etc/dropbear/authorized_keys
    root@Omega-C6xx:~# /etc/init.d/dropbear restart

To copy the public key:

    root@Omega-C6xx:~# cat .ssh/id_rsa.pub
    ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDCnBHLo648uVcmRAs1myDJVlZNo27TaaycRDjg9S1/r28qIkQu8rbTCgzn+BQTIrAMQsBARiVD02NaJTLP2EurGYo2ryYbYCTZYGNA7QsI6BdqIn7o8wiz7p02DZUE6CSo69HNxPwpcK6QjvV5/Ojrh5ka7C8yow4m8VqtKjGEiqcin0yWwKvSSHqLHyxK+zMLMw0vYgtvhU2EOsrHTF2y0grYRM0eTytXCZ8co+UtRgsoAtGM/5IxSiCZ1Q05zIJMlcUgLOLMq3IKUL64mDkh6XUlSchkv4IxUqx28nikayNg5+1jksVMLKe43kpdep4KiqDO8Gmbxax0C7L1fjpF root@Omega-C6xx
    root@Omega-C6xx:~#

2. Raspberry Pi side
Copy the public key that was created on the Omega2 device into the "~/.ssh/authorized_keys" file on the Pi.
omega2->Pi connection

    yasin@uxn:~$ echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDCnBHLo648uVcmRAs1myDJVlZNo27TaaycRDjg9S1/r28qIkQu8rbTCgzn+BQTIrAMQsBARiVD02NaJTLP2EurGYo2ryYbYCTZYGNA7QsI6BdqIn7o8wiz7p02DZUE6CSo69HNxPwpcK6QjvV5/Ojrh5ka7C8yow4m8VqtKjGEiqcin0yWwKvSSHqLHyxK+zMLMw0vYgtvhU2EOsrHTF2y0grYRM0eTytXCZ8co+UtRgsoAtGM/5IxSiCZ1Q05zIJMlcUgLOLMq3IKUL64mDkh6XUlSchkv4IxUqx28nikayNg5+1jksVMLKe43kpdep4KiqDO8Gmbxax0C7L1fjpF root@Omega-C6xx' >> ~/.ssh/authorized_keys
    yasin@uxn:~$ sudo /etc/init.d/ssh restart

Gathering connection:
Now we can connect to the Omega2 without a password using "omega2_passwordless_rsa" from the RaspberryPi.

    yasin@uxn:~$ ssh -i .ssh/omega2_passwordless_rsa root@omega-c6xx.local
    Warning: Permanently added the RSA host key for IP address '192.168.1.36' to the list of known hosts.

    BusyBox v1.25.1 () built-in shell (ash)

       ____       _             ____
      / __ \___  (_)__  ___    / __ \__ _  ___ ___ ____ _
     / /_/ / _ \/ / _ \/ _ \  / /_/ /  ' \/ -_) _ `/ _ `/
     \____/_//_/_/\___/_//_/  \____/_/_/_/\__/\_, /\_,_/
     W H A T  W I L L  Y O U  I N V E N T ? /___/
     -----------------------------------------------------
       Ω-ware: 0.2.0 b183
     -----------------------------------------------------
    root@Omega-C6xx:~#

RaspberryPi Only
Passwordless connection with config file.
Create file named "~/.ssh/config"

    yasin@uxn:~$ echo -e $(cat <<EOF
    Host omega-c6xx.local\n
        User root\n
        IdentityFile ~/.ssh/omega2_passwordless_rsa\n
    EOF
    ) >> ~/.ssh/config
    yasin@uxn:~$ sudo /etc/init.d/ssh restart
    [sudo] password for yasin:
    [ ok ] Restarting ssh (via systemctl): ssh.service.
    yasin@uxn:~$ ssh omega-c6xx.local

    BusyBox v1.25.1 () built-in shell (ash)

       ____       _             ____
      / __ \___  (_)__  ___    / __ \__ _  ___ ___ ____ _
     / /_/ / _ \/ / _ \/ _ \  / /_/ /  ' \/ -_) _ `/ _ `/
     \____/_//_/_/\___/_//_/  \____/_/_/_/\__/\_, /\_,_/
     W H A T  W I L L  Y O U  I N V E N T ? /___/
     -----------------------------------------------------
       Ω-ware: 0.2.0 b183
     -----------------------------------------------------
    root@Omega-C6xx:~#

Omega2->Raspberry connection

    root@Omega-C6xx:~# ssh -i /root/.ssh/id_rsa yasin@192.168.1.33
    Linux uxn 4.9.0-6-amd64 #1 SMP Debian 4.9.88-1 (2018-04-29) x86_64

    The programs included with the Debian GNU/Linux system are free software;
    the exact distribution terms for each program are described in the
    individual files in /usr/share/doc/*/copyright.

    Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
    permitted by applicable law.
    You have new mail.
    Last login: Sat May 5 17:05:55 2018 from 192.168.1.36
    yasin@uxn:~$

Application
- copy file omega2 to Raspberry:

    root@Omega-C6xx:~# scp -i /root/.ssh/id_rsa /root/gpioRead yasin@192.168.1.33:/home/yasin/Downloads
    gpioRead                                      100% 9860     9.6KB/s   00:00
    root@Omega-C6xx:~#

- Use command from Omega2 on Raspberry:

    root@Omega-C6xx:~# ssh -i /root/.ssh/id_rsa yasin@192.168.1.33 "ls /home/yasin"
    2018-04-21-14-04-12.070-VirtualBox-954.log
    Arduino/
    arduino-1.8.5/
    Belgeler/
    bin/
    Build/
    ceyhun/
    Downloads/
    Genel/
    gitclonned/
    laverna/
    ...

- copy file Raspberry to omega2:

    yasin@uxn:~$ scp omega2.log omega-c6xx.local:/root
    omega2.log                                    100% 5050KB 180.3KB/s   00:28
    yasin@uxn:~$

- Use command from Raspberry on Omega2:

    yasin@uxn:~$ ssh omega-c6xx.local "df -h"
    Filesystem                Size      Used Available Use% Mounted on
    /dev/root                 5.8M      5.8M         0 100% /rom
    tmpfs                    61.4M    104.0K     61.3M   0% /tmp
    /dev/mmcblk0p1            1.8G    296.6M      1.4G  17% /
    tmpfs                   512.0K         0    512.0K   0% /dev
    /dev/sda1                14.4G     30.0M     14.4G   0% /root/flashdisk

Notes
- I did not search for fusermount so you want 2 side ssh based communication.
- Dropbear does not support the ssh config file, so you must use the "-i" attribute and point to the correct IdentityFile for the connection.
- If you use static IPs for both sides, you should be OK under the same subnet.
Have a nice day.
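
Added example, not part of the original post: the Omega2 step above writes the key with `>`, which replaces whatever `/etc/dropbear/authorized_keys` already held, while the Debian step appends with `>>`. The hypothetical helper `install_pubkey` below appends idempotently, rejects anything that is not an `ssh-rsa` or `ssh-ed25519` public key line, and creates the file owner-only; the key in the demo is constructed and non-functional.

```shell
#!/bin/sh
# install_pubkey AUTH_FILE PUBKEY_LINE   (hypothetical helper, added example)
# Returns 0 if the key was added or is already present, 1 if it was rejected.
install_pubkey() {
    auth_file=$1
    # Split "<type> <base64> [comment]"; only the first line of $2 is read.
    read -r ktype blob comment <<EOF
$2
EOF
    # The base64 blob starts with the encoded key-type string, so a fixed
    # prefix per type catches truncated pastes and pasted private keys.
    case $ktype in
        ssh-rsa)     prefix=AAAAB3NzaC1yc2E ;;
        ssh-ed25519) prefix=AAAAC3NzaC1lZDI1NTE5 ;;
        *) echo "rejected: unsupported key type '$ktype'" >&2; return 1 ;;
    esac
    case $blob in
        *[!A-Za-z0-9+/=]*) echo "rejected: blob is not base64" >&2; return 1 ;;
        "$prefix"*) ;;
        *) echo "rejected: blob does not match $ktype" >&2; return 1 ;;
    esac

    # Create directory and file owner-only; never truncate an existing file.
    ( umask 077; mkdir -p "$(dirname "$auth_file")"; : >> "$auth_file" ) || return 1
    chmod 600 "$auth_file" || return 1

    # Match on type+blob (also behind an options prefix) so a changed
    # comment does not create a duplicate entry.
    if awk -v t="$ktype" -v b="$blob" \
        '{ for (i = 1; i < NF; i++) if ($i == t && $(i+1) == b) f = 1 }
         END { exit !f }' "$auth_file"; then
        return 0
    fi
    printf '%s %s%s\n' "$ktype" "$blob" "${comment:+ $comment}" >> "$auth_file"
}

# Demo in a scratch directory with a constructed key line.
demo_dir=$(mktemp -d)
demo_key='ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAQQDconstructedKEY0123456789 demo@example'
install_pubkey "$demo_dir/.ssh/authorized_keys" "$demo_key"
install_pubkey "$demo_dir/.ssh/authorized_keys" "$demo_key"   # no-op: already present
wc -l < "$demo_dir/.ssh/authorized_keys"
rm -rf "$demo_dir"
```

On the Omega2 the first argument would be `/etc/dropbear/authorized_keys`, on the Debian side `~/.ssh/authorized_keys`, as in the post.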
-
@unique1984
Thank you for your help, everything turned out.