Results 1 to 19 of 19
  1. jrtesq's Avatar
    Posts
    105 Posts
    Global Posts
    116 Global Posts
       #1  
    I have read through dozens of threads, the pages over at Webos-internals, and the manuals for Putty, WinSCP, and OpenSSH. So, I apologize if I'm missing something obvious, or if I'm asking a repeat question.

    I have installed OpenSSH, OpenSSH SFTP, and all the related and necessary optware packages.

    I can SSH with both Putty and WinSCP using port 222, a username, and a password. No problems. Port 22 won't connect this way (nor any other way for that matter).

    Maybe I'm misunderstanding what it means when the OpenSSh description says "passwords are completely disabled by default."

    I've generated keys following the Secure Linux/UNIX access with PuTTY and OpenSSH tutorial suggested on the Application:OpenSSH page. I can't get the secure key authentication to work on Port 22. To connect, I'm still required to enter a password and use port 222.

    When that didn't work, I tried manually generating the keys using the steps outlined on the Application:OpenSSH page. I can't get these keys to work either. Port 22 won't work. Password and port 222 are still necessary to connect.

    When that didn't work, I followed the steps outlined in Using PuTTYgen. Secure key authentication won't work for me this way either. Password and port 222 still required.

    I don't really mind having to use a username and password. I'm just very frustrated that I can't get the public/private keys to work without having to use a password. I've uninstalled and reinstalled the optware packages -- didn't help. I've uninstalled just the dropbear -- didn't help.

    Like I said, I'm sure I'm overlooking something obvious. Please help if you can. I'll be happy to provide any additional information and log entries.
    It may seem like I am doing nothing, but on a cellular level I'm really quite busy.
  2. #2  
    I'm under the impression that a secure key requires a password.

    But I'm a noob when it comes to OpenSSH.
  3. jrtesq's Avatar
    Posts
    105 Posts
    Global Posts
    116 Global Posts
       #3  
    you're right to the extent that private keys do need a passphrase if you set one up. However, this doesn't seem to be what the prompt is asking for when I try to connect.

    If I enter my private key passphrase when it asks for a password, my access is denied. If I enter my user password when it asks for a password, I can connect (provided I'm using port 222).
    It may seem like I am doing nothing, but on a cellular level I'm really quite busy.
  4. #4  
    There are two ways to install OpenSSH.

    The old way is to use the optware-boostrap script. This sets up a user and password and works on port 222. People find it cumbersome, and there was no easy way to set the password from Preware.

    The new way is to install OpenSSH from Preware. This requires you to set up ssh keys and then you log in as root using those keys on port 22. It does not support passwords by default (we don't want an iPhone openssh worm, thanks), but you can edit a configuration file on the device to change this if you know how.

    You can't run both methods at the same time.

    -- Rod
    WebOS Internals and Preware Founder and Developer
    You may wish to donate by Paypal to donations @ webos-internals.org if you find our work useful.
    All donations go back into development.
    www.webos-internals.org twitter.com/webosinternals facebook.com/webosinternals
  5. jrtesq's Avatar
    Posts
    105 Posts
    Global Posts
    116 Global Posts
       #5  
    Thanks Rod. I don't want to run both methods at the same time. I would rather run the ssh keys on port 22.

    My really long post was trying to make the point that I just can't make it work, no matter how I generate the keys. I name the keys properly, and I place them in the correct directory. But it still doesn't work.

    I'm OK using a password on port 222 if I have to, but I understand it to be less secure. So, I was trying to set up the ssh keys and use port 22 to increase security.

    Mostly, I'm just frustrated that I can't get it to work.
    It may seem like I am doing nothing, but on a cellular level I'm really quite busy.
  6. #6  
    I too used the original optware SSH+sudo methodology, but doctored my Pre when 1.3.5 came out. After a bit of study, I find the new method is much simpler, but it requires understanding the process for creating, importing and installing the private key in PuTTY.

    Each method is mutually exclusive. The current version configures the major settings on the command line (inside /etc/event.d/mobi.optware.openssh), not from /var/opt/etc/openssh/sshd_config.
  7. #7  
    Quote Originally Posted by jrtesq View Post
    Thanks Rod. I don't want to run both methods at the same time. I would rather run the ssh keys on port 22.

    My really long post was trying to make the point that I just can't make it work, no matter how I generate the keys. I name the keys properly, and I place them in the correct directory. But it still doesn't work.

    I'm OK using a password on port 222 if I have to, but I understand it to be less secure. So, I was trying to set up the ssh keys and use port 22 to increase security.

    Mostly, I'm just frustrated that I can't get it to work.
    If you want port 22 access instead of port 222 access, then you need to ipkg-opt remove the old packages and Preware install the new ones.

    -- Rod
    WebOS Internals and Preware Founder and Developer
    You may wish to donate by Paypal to donations @ webos-internals.org if you find our work useful.
    All donations go back into development.
    www.webos-internals.org twitter.com/webosinternals facebook.com/webosinternals
  8. jrtesq's Avatar
    Posts
    105 Posts
    Global Posts
    116 Global Posts
       #8  
    Quote Originally Posted by dgdonovan View Post
    After a bit of study, I find the new method is much simpler, but it requires understanding the process for creating, importing and installing the private key in PuTTY.
    I believe I have a handle on how to create, import, and install the private key. I'll double check to make sure I'm not doing anything wrong.

    Quote Originally Posted by dgdonovan View Post
    Each method is mutually exclusive.
    This might be the problem. Do I have to uninstall the old bootstrap script before the new method will work? If so, please let me know the best way to do so.

    Quote Originally Posted by dgdonovan View Post
    The current version configures the major settings on the command line (inside /etc/event.d/mobi.optware.openssh), not from /var/opt/etc/openssh/sshd_config.
    I haven't messed with either of these files.

    Thanks for your insight.
    It may seem like I am doing nothing, but on a cellular level I'm really quite busy.
  9. jrtesq's Avatar
    Posts
    105 Posts
    Global Posts
    116 Global Posts
       #9  
    Quote Originally Posted by rwhitby View Post
    If you want port 22 access instead of port 222 access, then you need to ipkg-opt remove the old packages and Preware install the new ones.

    -- Rod
    Thanks Rod! This is what I was missing. Like I said, I wasn't seeing something obvious.
    It may seem like I am doing nothing, but on a cellular level I'm really quite busy.
  10. jrtesq's Avatar
    Posts
    105 Posts
    Global Posts
    116 Global Posts
       #10  
    Update:

    I removed all old ssh packages with ipkg-opt remove. I installed preware ssh packages.

    works like a charm.

    thanks for all the help.
    Last edited by jrtesq; 01/22/2010 at 03:11 PM. Reason: tidy up the grammar
    It may seem like I am doing nothing, but on a cellular level I'm really quite busy.
  11. #11  
    can you post the commands to remove the old packages??

    i accidently have both versions installed and i think its messing me up because just like you i can only do port 222 and cant ssh in as root at all.
  12. jrtesq's Avatar
    Posts
    105 Posts
    Global Posts
    116 Global Posts
       #12  
    first, I used Preware to uninstall all the Preware versions of optware. Then I did the ipkg-opt removal.

    from memory, I did

    ipkg-opt remove openssh

    ipkg-opt remove openssh-sftp-server

    ipkg-opt remove dropbear

    ipkg-opt remove easyrsa

    ipkg-opt remove zlib


    I might have forgotten one here.

    YMMV
    It may seem like I am doing nothing, but on a cellular level I'm really quite busy.
  13. #13  
    thanks. will mess with it tommorow
  14. #14  
    Rod, is there any way to enable openssh on th 3g network? Openssh is now only possible via WiFi and I would love to be able to log in through 3g. I tried editing iptables to allow 3g access but that didnt work.
  15. #15  
    My intention was to change from the old Optware openssh to the Preware installation. I followed the above terminal commands, uninstalled openssh, did the ipkg-removes, and tried to reinstall openssh via Preware - now, after the 1.4.1 update, the openssh packages have diappeared - I can neither find openssh, nor openssl. Any idea?
    Last edited by ZehHa; 04/03/2010 at 07:27 AM.
  16. #16  
    Quote Originally Posted by ZehHa View Post
    My intention was to change from the old Optware openssh to the Preware installation. I followed the above terminal commands, uninstalled openssh, did the ipkg-removes, and tried to reinstall openssh via Preware - now, after the 1.4.1 update, the openssh packages have diappeared - i can neither find openssh, nor openssl. Any idea?
    Twitter / WebOS Internals: Our autobuilder machine (n ...

    -- Rod
    WebOS Internals and Preware Founder and Developer
    You may wish to donate by Paypal to donations @ webos-internals.org if you find our work useful.
    All donations go back into development.
    www.webos-internals.org twitter.com/webosinternals facebook.com/webosinternals
  17. #17  
    That's sad. Thanks for the link!

    [edit] 17:54 CEDT - Everything working again, all done. Thanks webosinternals!

    [/edit]
    Last edited by ZehHa; 04/03/2010 at 11:28 AM.
  18. #18  
    Quote Originally Posted by jrtesq View Post
    Update:

    I removed all old ssh packages with ipkg-opt remove. I installed preware ssh packages.

    works like a charm.

    thanks for all the help.

    I may be having the same issue -- just read this thread. I have 1.4.1 installed + 800 ocKernel and all the necessary stuff from Optware (OpenSSH, OpenSSL, Optware Advanced Linux Command Line Installer, Optware Bootstrap, Zlib and EZ-ipupdate).
    I've downloaded and gone through the steps for puTTY, puTTY Generator, created id_rsa keys(Private), used the "Browse" feature to import it, turned on wifi on the Pre, etc. etc. etc.

    I still can't get through using port 22 or port 222. Do I have to have a computer with a wifi card and internet with connection? Does the pre need to be attached via USB? How the heck to do I get the SSH crap to work!? Arghh!

    I do have a wifi network at home that the Pre is auto-logged into -- tried it there, tried it at work, I have several DynDNS.com: Free DNS Hosting, E-mail Delivery, and VPS Hosting accounts/host names, etc. Even have What's my IP on the pre to give me that info. I keep getting the black terminal screen and either get a quick or a 20 second delay on the same message: Network connection not established -- timed out!

    Any help from you or RWhitby?! Lost in the dark here.
  19. #19  
    Quote Originally Posted by jrtesq View Post
    first, I used Preware to uninstall all the Preware versions of optware. Then I did the ipkg-opt removal.

    from memory, I did

    ipkg-opt remove openssh

    ipkg-opt remove openssh-sftp-server

    ipkg-opt remove dropbear

    ipkg-opt remove easyrsa

    ipkg-opt remove zlib


    I might have forgotten one here.

    YMMV
    How do I go about removing any old ipkg-opt files that I may still have on my Pre? What method/steps are there and where might I find it? I"ve dredged the internet, WebOS Internals and PreCentral for naught.........

Tags for this Thread

Posting Permissions