Products > Test Equipment
Default ssh credentials from the Rigol DHO814
lownoise:
There are two authorized_keys...
original: \system\etc\ssh\authorized_keys (ro)
and a copy : \data\ssh\authorized_keys (overwritten at every restart)
I had no idea how to get my key into the original \system\etc\ssh\authorized_keys,
so i add it to \data\ssh\authorized_keys on every restart with the entry in the start_rigol_app.sh
Both solutions work, but adding the key to the original \system\etc\ssh\authorized_keys is of course the better solution :-+
Randy222:
--- Quote from: lownoise on January 15, 2024, 05:27:51 pm ---There are two authorized_keys...
original: \system\etc\ssh\authorized_keys (ro)
and a copy : \data\ssh\authorized_keys (overwritten at every restart)
I had no idea how to get my key into the original \system\etc\ssh\authorized_keys,
so i add it to \data\ssh\authorized_keys on every restart with the entry in the start_rigol_app.sh
Both solutions work, but adding the key to the original \system\etc\ssh\authorized_keys is of course the better solution :-+
--- End quote ---
Did editing just the keys file in /data/ssh/ survive a reboot?
sshd_config points directly to the auth keys file in /data/ssh/
I'll go check, but when I edited the keys file in /system/etc/ssh/ , my edits somehow showed up in the keys file in /data/ssh/
I don't see any symlink between the two.
I suspect some start script copies the file from /system over to /data
cte:
@Randy222: The start script is in /system/bin/start-ssh (see below)
Actual copying is done here:
if [[ ! -f $AUTHORIZED_KEYS && -f $DEFAULT_AUTHORIZED_KEYS ]]; then
cat $DEFAULT_AUTHORIZED_KEYS > $AUTHORIZED_KEYS
fi
--- Code: ---#!/system/bin/sh
umask 077
# DEBUG=1
DSA_KEY=/data/ssh/ssh_host_dsa_key
DSA_PUB_KEY=/data/ssh/ssh_host_dsa_key.pub
RSA_KEY=/data/ssh/ssh_host_rsa_key
RSA_PUB_KEY=/data/ssh/ssh_host_rsa_key.pub
AUTHORIZED_KEYS=/data/ssh/authorized_keys
DEFAULT_AUTHORIZED_KEYS=/system/etc/security/authorized_keys.default
if [ ! -f $DSA_KEY ]; then
/system/bin/ssh-keygen -t dsa -f $DSA_KEY -N ""
chmod 600 /$DSA_KEY
chmod 644 $DSA_PUB_KEY
fi
if [ ! -f $RSA_KEY ]; then
/system/bin/ssh-keygen -t rsa -f $RSA_KEY -N ""
chmod 600 /$RSA_KEY
chmod 644 $RSA_PUB_KEY
fi
if [[ ! -f $AUTHORIZED_KEYS && -f $DEFAULT_AUTHORIZED_KEYS ]]; then
cat $DEFAULT_AUTHORIZED_KEYS > $AUTHORIZED_KEYS
fi
if [ "1" == "$DEBUG" ] ; then
# run sshd in debug mode and capture output to logcat
/system/bin/logwrapper /system/bin/sshd -f /system/etc/ssh/sshd_config -D -d
else
# don't daemonize - otherwise we can't stop the sshd service
/system/bin/sshd -f /system/etc/ssh/sshd_config -D
fi
--- End code ---
Randy222:
--- Quote from: cte on January 15, 2024, 10:01:55 pm ---@Randy222: The start script is in /system/bin/start-ssh (see below)
Actual copying is done here:
if [[ ! -f $AUTHORIZED_KEYS && -f $DEFAULT_AUTHORIZED_KEYS ]]; then
cat $DEFAULT_AUTHORIZED_KEYS > $AUTHORIZED_KEYS
fi
--- Code: ---#!/system/bin/sh
umask 077
# DEBUG=1
DSA_KEY=/data/ssh/ssh_host_dsa_key
DSA_PUB_KEY=/data/ssh/ssh_host_dsa_key.pub
RSA_KEY=/data/ssh/ssh_host_rsa_key
RSA_PUB_KEY=/data/ssh/ssh_host_rsa_key.pub
AUTHORIZED_KEYS=/data/ssh/authorized_keys
DEFAULT_AUTHORIZED_KEYS=/system/etc/security/authorized_keys.default
if [ ! -f $DSA_KEY ]; then
/system/bin/ssh-keygen -t dsa -f $DSA_KEY -N ""
chmod 600 /$DSA_KEY
chmod 644 $DSA_PUB_KEY
fi
if [ ! -f $RSA_KEY ]; then
/system/bin/ssh-keygen -t rsa -f $RSA_KEY -N ""
chmod 600 /$RSA_KEY
chmod 644 $RSA_PUB_KEY
fi
if [[ ! -f $AUTHORIZED_KEYS && -f $DEFAULT_AUTHORIZED_KEYS ]]; then
cat $DEFAULT_AUTHORIZED_KEYS > $AUTHORIZED_KEYS
fi
if [ "1" == "$DEBUG" ] ; then
# run sshd in debug mode and capture output to logcat
/system/bin/logwrapper /system/bin/sshd -f /system/etc/ssh/sshd_config -D -d
else
# don't daemonize - otherwise we can't stop the sshd service
/system/bin/sshd -f /system/etc/ssh/sshd_config -D
fi
--- End code ---
--- End quote ---
I guess I missed it, wasn't looking for it, kinda suspected what was going on after my edit to keys file in /system/etc/ssh
Not sure why they copy back the keys file, and then reference /data/ssh/ keys file in sshd_config , maybe so you can edit the keys file in /data area since /data is mounted rw ?
Navigation
[0] Message Index
[*] Previous page
Go to full version