Reply
Emerging Member
Posts: 92
Registered: ‎10-06-2008
Kudos: 2

ssh key based auth

Hello people,

I'm trying to get ssh key based authentication to work on my Ns2

I have searched the forum extensively but I have no idea what is wrong, found some how to's

XS2.ar2316.v4.0.1.4978.111219.2121

I tried everything like changing the username to admin or a different name.

Copied my id_dsa.pub to /etc/persistent/.ssh/authorized_keys

change permissions to the authorized_keys file to 600

adding

users.1.homedir=/etc/persistent

To /tmp/system.cfg and cfgmtd -w -p /etc/

I just cannot get the key based authentication to work.

What am I missing?
Established Member
Posts: 833
Registered: ‎06-17-2010
Kudos: 77

Re: ssh key based auth

You have to do it on the openssh client so the linux box that must acces the nanostation, not on the nanostation.
Emerging Member
Posts: 92
Registered: ‎10-06-2008
Kudos: 2

Re: ssh key based auth

@mike99
I've set up many devices with ssh key based authentication, I'm pretty sure that the id_dsa.pub should be in authorized_keys on the server side.
Established Member
Posts: 833
Registered: ‎06-17-2010
Kudos: 77

Re: ssh key based auth

@mike99
I've set up many devices with ssh key based authentication, I'm pretty sure that the id_dsa.pub should be in authorized_keys on the server side.

Done it 2 time this week and you must do it only on client side. The client must connect to the server so it's the one that need all the file to bypass the password. All was clearly explain on the link I send you on the previous thread.
Emerging Member
Posts: 92
Registered: ‎10-06-2008
Kudos: 2

Re: ssh key based auth

Done it 2 time this week and you must do it only on client side. The client must connect to the server so it's the one that need all the file to bypass the password. All was clearly explain on the link I send you on the previous thread.


I'll just illustrate what I've done;

My Nano is at 10.2.3.2 and this is how I did it:


ssh ubnt@10.2.3.2 'echo users.1.homedir=/etc/persistent >> /tmp/system.cfg'

ssh ubnt@10.2.3.2 'mkdir -p /etc/persistent/.ssh'

scp ~/.ssh/id.dsa.pub ubnt@10.2.3.2:/etc/persistent/.ssh/authorized_keys

ssh ubnt@10.2.3.2 'chmod 700 /etc/persistent/.ssh && chmod 600 /etc/persistent/.ssh/authorized_keys && cfgmtd -w -p /etc/ && reboot'

If you've done it twice this week, then tell me what I've done wrong please!
I just keeps asking for my password...

This is the debug SSH connection:

debug2: key: /Users/jeroen/.ssh/id_rsa (0x20dfeb60)
debug2: key: /Users/jeroen/.ssh/id_dsa (0x20dfec30)
debug2: key: /home/jeroen/.ssh/id_rsa ((nil))
debug2: key: /home/jeroen/.ssh/id_dsa (0x20df8dd8)
debug2: key: /home/jeroen/.ssh/id_ecdsa ((nil))
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/jeroen/.ssh/id_rsa
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug1: Offering DSA public key: /Users/jeroen/.ssh/id_dsa
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/jeroen/.ssh/id_rsa
debug1: Offering DSA public key: /home/jeroen/.ssh/id_dsa
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/jeroen/.ssh/id_ecdsa
debug2: we did not send a packet, disable method
debug1: Next authentication method: password
Emerging Member
Posts: 92
Registered: ‎10-06-2008
Kudos: 2

Re: ssh key based auth

Have solved my problem with key based authentication now....
I use expect scripting which can send passwords in a script...
New Member
Posts: 28
Registered: ‎02-03-2012

Re: ssh key based auth

@mike99
All was clearly explain on the link I send you on the previous thread.

Do you talk about linuxproblem.org/art_9.html ?
a@A:~> cat .ssh/id_rsa.pub | ssh b@B 'cat >> .ssh/authorized_keys'
Host B is the nanostation/bullet, the SSH server.
So, jeroenimo was right.
----------
I had the same same problem.
I resolved it changing ownership of /etc/persistent (chmod 750 /etc/persistent), as stated here and here.
Emerging Member
Posts: 92
Registered: ‎10-06-2008
Kudos: 2

Re: ssh key based auth

chmod 750 /etc/persistent did the trick ;-)

Reply