Voxel's FW SSH Setup Confusion

3 posts / 0 new
Last post
zabolots
zabolots's picture
Voxel's FW SSH Setup Confusion

I created a key pair on Windows using puttygen.exe and created an authorized_keys file to put on the router via USB. However, this part from the readme confuses me:

It is recommended to replace generic server keys in /etc/dropbear keys by
your own keys after you have an access by SSH if you did not do ‘(2)’. The
commands dropbearkey and dropbearconvert could be used from
SSH/telnet.

 

 

The setssh.tar file contains these files:

drwxr-xr-x root/root  0 Nov 21 03:24 2016 autorun/
drwxr-xr-x root/root  0 Nov 21 03:24 2016 autorun/scripts/
-rwxr-xr-x root/root 1153 Nov 21 03:25 2016 autorun/scripts/post-mount.sh
-rw------- root/root    1 Mar 27 08:23 2016 authorized_keys
-rw------- root/root  242 Mar 22 10:22 2016 dropbear_ecdsa_host_key
-rw------- root/root  803 Mar 22 10:19 2016 dropbear_rsa_host_key
-rw-r--r-- root/root  268 Mar 22 10:21 2016 ssh_host_ecdsa_key.pub
-rw-r--r-- root/root  396 Mar 22 10:20 2016 ssh_host_rsa_key.pub

Am I supposed to replace the two "generic" dropbear files before putting them on the USB stick to get my authorized_keys file copied over?

If not, is there a list of steps documented somewhere that I would run on the router via SSH that will replace them after the initial SSH setup is completed?

 

 

zabolots
zabolots's picture
I installed dropbear on a

I installed dropbear on a linux machine and used dropbearkey to create new version of

dropbear_ecdsa_host_key / dropbear_rsa_host_key / ssh_host_ecdsa_key.pub / ssh_host_rsa_key.pub

and I used puttygen on Windows to create a private key / public key pair for authentication.

I can connect successfully via SSH however I noticed that in addition to the 4 files mentioned abouve, /etc/dropbear also contains these two other files that don't seem to be mentioned anywhere:

dropbear_ed25519_host_key  ssh_host_ed25519_key.pub

Why does the readme not suggest to overwrite those as well? Nor does the automount script support updating them with new versions (if provided). Can I remove these to ensure only the ones I created are used?

zabolots
zabolots's picture
I managed to create new

I managed to create new dropbear_ecdsa_host_key & ssh_host_ecdsa_key and put them on the flash drive before inserting into the router. After doing so, I am able to connect to the router using SSH. However, I noticed that there are other files that aren't part of the automatic file copy process described in the readme:

ll /etc/dropbear
-rw-------    1 root     root          141 Aug  9 11:19 dropbear_ecdsa_host_key
-rw-------    1 root     root           83 Jul 15 05:53 dropbear_ed25519_host_key
-rw-------    1 root     root          805 Aug  9 11:19 dropbear_rsa_host_key
-rw-r--r--    1 root     root          188 Aug  9 11:19 ssh_host_ecdsa_key.pub
-rw-r--r--    1 root     root           95 Jul 15 05:53 ssh_host_ed25519_key.pub
-rw-r--r--    1 root     root          408 Aug  9 11:19 ssh_host_rsa_key.pub

You'll notice that the files I created have a recent date while the highlighted items have the firmware creation date.

Why are these files present, why does the readme and autocopy scropt not include instructions/tasks for overwriting them? Can they be removed without affecting functionality?