Config connect ssh wo password

From OpenELEC
Jump to: navigation, search
20px   OpenELEC Configuration Config connect ssh wo password

Terminal.png

This guide will show you how to connect to your OpenELEC box without using a password.

On the OpenELEC box:

Log in via ssh.

First off we should check if id_rsa.pub exists or not. If you dont have that file we must generate it.

root ~ # cd .ssh/
root ~/.ssh # ls
id_rsa       id_rsa.db    id_rsa.pub known_hosts

If this file is missing, or you cant change directory to .ssh. You'll have to create it. Run this command, and overwrite id_rsa. I personally don't use a passphrase here.

root ~/.ssh # ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/storage/.ssh/id_rsa):
/storage/.ssh/id_rsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /storage/.ssh/id_rsa.
Your public key has been saved in /storage/.ssh/id_rsa.pub.
The key fingerprint is:
90:94:be:e2:d3:4d:73:e9:b2:31:db:8b:08:71:c9:f6 root@OpenELEC
The key's randomart image is:
+--[ RSA 2048]----+
|      ..         |
|     ...         |
|     .o          |
|     ..o         |
|    . =.S  .     |
|    .+..o o      |
|   ..o oE+       |
|    o...o*.      |
|     .. +oo.     |
+-----------------+

Now that you have id_rsa.pub you must send this to the remote box you don't want to be asked for password against. This is done via scp:

root ~/.ssh # scp -P 22 ~/.ssh/id_rsa.pub 
username@198.168.1.122:~/.ssh/id_rsa_localbox.pub

On the remote box:

Log in via ssh:

username@198.168.1.122:~$ cd .ssh/
username@198.168.1.122:~/.ssh$ cat id_rsa_localbox.pub >> authorized_keys
username@198.168.1.122:~/.ssh$ rm id_rsa_localbox.pub

Now we should test if it works. Go to OpenELEC's ssh again, and try this:

root ~/.ssh # ssh 
username@198.168.1.122 -p 22
Linux BeatBox 2.6.32-5-amd64 #1 SMP Wed Jan 12 03:40:32 UTC 2011 x86_64

username@198.168.1.122:~$ exit
logout
Connection to 198.168.1.122 closed.
root ~/.ssh #

However, if you get this message, all you need to do is chmod id_rsa.

root ~/.ssh # ssh 
username@198.168.1.122 -p 22
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/storage/.ssh/id_rsa' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: /storage/.ssh/id_rsa

username@198.168.1.122's password:
root ~/.ssh # chmod 600 id_rsa

Try again now.