| Products > Test Equipment |
| Default ssh credentials from the Rigol DHO814 |
| << < (3/3) |
| lownoise:
There are two authorized_keys... original: \system\etc\ssh\authorized_keys (ro) and a copy : \data\ssh\authorized_keys (overwritten at every restart) I had no idea how to get my key into the original \system\etc\ssh\authorized_keys, so i add it to \data\ssh\authorized_keys on every restart with the entry in the start_rigol_app.sh Both solutions work, but adding the key to the original \system\etc\ssh\authorized_keys is of course the better solution :-+ |
| Randy222:
--- Quote from: lownoise on January 15, 2024, 05:27:51 pm ---There are two authorized_keys... original: \system\etc\ssh\authorized_keys (ro) and a copy : \data\ssh\authorized_keys (overwritten at every restart) I had no idea how to get my key into the original \system\etc\ssh\authorized_keys, so i add it to \data\ssh\authorized_keys on every restart with the entry in the start_rigol_app.sh Both solutions work, but adding the key to the original \system\etc\ssh\authorized_keys is of course the better solution :-+ --- End quote --- Did editing just the keys file in /data/ssh/ survive a reboot? sshd_config points directly to the auth keys file in /data/ssh/ I'll go check, but when I edited the keys file in /system/etc/ssh/ , my edits somehow showed up in the keys file in /data/ssh/ I don't see any symlink between the two. I suspect some start script copies the file from /system over to /data |
| cte:
@Randy222: The start script is in /system/bin/start-ssh (see below) Actual copying is done here: if [[ ! -f $AUTHORIZED_KEYS && -f $DEFAULT_AUTHORIZED_KEYS ]]; then cat $DEFAULT_AUTHORIZED_KEYS > $AUTHORIZED_KEYS fi --- Code: ---#!/system/bin/sh umask 077 # DEBUG=1 DSA_KEY=/data/ssh/ssh_host_dsa_key DSA_PUB_KEY=/data/ssh/ssh_host_dsa_key.pub RSA_KEY=/data/ssh/ssh_host_rsa_key RSA_PUB_KEY=/data/ssh/ssh_host_rsa_key.pub AUTHORIZED_KEYS=/data/ssh/authorized_keys DEFAULT_AUTHORIZED_KEYS=/system/etc/security/authorized_keys.default if [ ! -f $DSA_KEY ]; then /system/bin/ssh-keygen -t dsa -f $DSA_KEY -N "" chmod 600 /$DSA_KEY chmod 644 $DSA_PUB_KEY fi if [ ! -f $RSA_KEY ]; then /system/bin/ssh-keygen -t rsa -f $RSA_KEY -N "" chmod 600 /$RSA_KEY chmod 644 $RSA_PUB_KEY fi if [[ ! -f $AUTHORIZED_KEYS && -f $DEFAULT_AUTHORIZED_KEYS ]]; then cat $DEFAULT_AUTHORIZED_KEYS > $AUTHORIZED_KEYS fi if [ "1" == "$DEBUG" ] ; then # run sshd in debug mode and capture output to logcat /system/bin/logwrapper /system/bin/sshd -f /system/etc/ssh/sshd_config -D -d else # don't daemonize - otherwise we can't stop the sshd service /system/bin/sshd -f /system/etc/ssh/sshd_config -D fi --- End code --- |
| Randy222:
--- Quote from: cte on January 15, 2024, 10:01:55 pm ---@Randy222: The start script is in /system/bin/start-ssh (see below) Actual copying is done here: if [[ ! -f $AUTHORIZED_KEYS && -f $DEFAULT_AUTHORIZED_KEYS ]]; then cat $DEFAULT_AUTHORIZED_KEYS > $AUTHORIZED_KEYS fi --- Code: ---#!/system/bin/sh umask 077 # DEBUG=1 DSA_KEY=/data/ssh/ssh_host_dsa_key DSA_PUB_KEY=/data/ssh/ssh_host_dsa_key.pub RSA_KEY=/data/ssh/ssh_host_rsa_key RSA_PUB_KEY=/data/ssh/ssh_host_rsa_key.pub AUTHORIZED_KEYS=/data/ssh/authorized_keys DEFAULT_AUTHORIZED_KEYS=/system/etc/security/authorized_keys.default if [ ! -f $DSA_KEY ]; then /system/bin/ssh-keygen -t dsa -f $DSA_KEY -N "" chmod 600 /$DSA_KEY chmod 644 $DSA_PUB_KEY fi if [ ! -f $RSA_KEY ]; then /system/bin/ssh-keygen -t rsa -f $RSA_KEY -N "" chmod 600 /$RSA_KEY chmod 644 $RSA_PUB_KEY fi if [[ ! -f $AUTHORIZED_KEYS && -f $DEFAULT_AUTHORIZED_KEYS ]]; then cat $DEFAULT_AUTHORIZED_KEYS > $AUTHORIZED_KEYS fi if [ "1" == "$DEBUG" ] ; then # run sshd in debug mode and capture output to logcat /system/bin/logwrapper /system/bin/sshd -f /system/etc/ssh/sshd_config -D -d else # don't daemonize - otherwise we can't stop the sshd service /system/bin/sshd -f /system/etc/ssh/sshd_config -D fi --- End code --- --- End quote --- I guess I missed it, wasn't looking for it, kinda suspected what was going on after my edit to keys file in /system/etc/ssh Not sure why they copy back the keys file, and then reference /data/ssh/ keys file in sshd_config , maybe so you can edit the keys file in /data area since /data is mounted rw ? |
| Navigation |
| Message Index |
| Previous page |