cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
eliezer
Explorer
Explorer
437 Views
Registered: ‎03-21-2019

Dropbear passwordless login not working

I have a petalinux 2019.1 project that includes packagegroup-core-ssh-dropbear in the rootfs (NOT the normal dropbear package).

I am trying to allow my Putty client to connect to the petalinux system without needing a login, but it is not working.

Every connection attempt is greeted with the login prompt, and it still requires a password. If I disallow password logins, the SSH connection just errors out.

I used Putty key generator to generate my keys. The issue is where do I put them? Varying sources online have suggested that any of the following locations might be the correct place for the key files.

  • ~/.ssh/authorized_keys
  • /etc/.ssh/authorized_keys
  • /etc/dropbear/authorized_keys

I have tried copying the public key from my Putty client into all of those places, to no avail. Additionally, one source even suggested that only a DSA key would be compatible with non-dropbear SSH clients. This also did not fix the problem.

I believe my main problem is the location of the key. Where is packagegroup-core-ssh-dropbear going to look for authorized keys by default?

0 Kudos
5 Replies
maps-mpls
Mentor
Mentor
412 Views
Registered: ‎06-20-2017

Interesting problem.   Have you seen this:  https://forums.xilinx.com/t5/Embedded-Linux/dropbear-root-login-petalinux-2019-1/td-p/979852 (not sure it will help, but it might possibly be related, especially if you're trying to do an ssh root@...)

 

Out of curiosity, is this better or worse security than a password.  Or are you doing it for convenience of a script?

*** Destination: Rapid design and development cycles *** Unappreciated answers get deleted, unappreciative OPs get put on ignored list ***
0 Kudos
eliezer
Explorer
Explorer
363 Views
Registered: ‎03-21-2019

Yes, I've seen that thread. It was not useful to me, since the recipe for dropbear is not the same as the recipe for packagegroup-core-ssh-dropbear.

Turning off password logins in SSH is considered better security, since only the systems that have already exchanged keys can SSH to each other. My issue is that process itself.

hokim
Scholar
Scholar
335 Views
Registered: ‎10-21-2015

HI

Is the permission of the authorized_keys correct?

It should have 0600

0 Kudos
eliezer
Explorer
Explorer
257 Views
Registered: ‎03-21-2019

Yes, tried that

0 Kudos
eliezer
Explorer
Explorer
151 Views
Registered: ‎03-21-2019

Gave up on Dropbear altogether. Switched to openSSH and am having much more success. I recommend whoever finds this do the same.

0 Kudos