Editing Public key logins

Warning: You are not logged in. Your IP address will be recorded in this page's edit history.

The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then save the changes below to finish undoing the edit.

Learn more about Contributing to the wiki.

It is worth setting up your tablet to use public key authentication.
The main advantage is that you can login through ssh directly into the
user account and keep root access for those situations which really
need it. It also makes the process of logging in by ssh somewhat
simpler as you don't have to type in any passwords.

The following describes how to achieve this for putty, pscp and
winscp.

First off, if you can, then set your tablet to use a fixed IP address
on your network. Do this from the 'advanced' part of the connection
setup in the tablet and choose an address accessible on your network
but outside the range allocated by DHCP. Then you can edit
\windows\system32\drivers\etc\hosts to include an entry for your
tablet. You need a line with ip address and the name. e.g.

If you use putty as your Windows SSH client (and pscp to copy files
to/from the tablet), then follow these instructions to generate keys:

On the windows system run 'puttygen'. Make sure that SSH-2 RSA is
selected in the radio buttons at the foot of the window then press the
'generate' button.  Wave the mouse round over the window until the key
is generated.

In the 'Key comment' box type in something memorable by which to
identify the key. e.g. I use 'duncan-n810-20080113' (my name-target
system-date). It doesn't much matter what you use, but if you generate
multiple keys it can help to distinguish them.

You can enter a passphrase if you want. I think that you don't need
one for accessing your tablet: if someone wants to get at the data
that badly they can simply hit you over the head and steal the device.
So leave the passphrase field blank.

Save the private key using a name such as duncan-n810-20080113.ppk. Don't close
puttgen yet.

Now run 'putty root@n810' and login using your root password. At the
command prompt enter the following commands (the mkdir may not be
needed, if so it will tell you the file alreayd exists):
<code>
        Nokia-N810-50-2:~# mkdir /home/user/.ssh
        Nokia-N810-50-2:~# vi /home/user/.ssh/authorized_keys
</code>

In vi, press 'i' to get into insert mode. Now find the Putty Key
Generator window, and copy the entire text from the box under 'Public
key for pasting into OpenSSH authorized_keys file'. It will be quite
long so be sure you get it all (it starts with 'ssh-' and ends with
the key comment you entered earlier).

Switch back to the putty session running vi and right click to paste
the key into the window; it must be all in one line. When it has
finished pasting, press the escape key then the three keys ':wq'

This should put you back at the command prompt. Try the following
command just to check. You should see something like this:
<code>
        Nokia-N810-50-2:~# cat /home/user/.ssh/authorized_keys
        ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIBx5B1fZksY4shwePrPVfy5x02m0RTtcDY6jZRL0aC0lxlV
        sEHYuk4aPtsFTJb3JOveWrKqtOuJbmnQ831bw4RpCoFJonrTEGP4sFyS2dFALQEqQr9lXzGAKXbPWUij
        N/eZLcORpvxuCCvzbCNjgKBUxR4uGrGw0HajXkfWQLuaDQ== duncan-n810-20080113
</code>

-update by bluesubaru: in my case I also had to make sure the permissions on this directory are 700 and that it is owned by user "user". My directory permissions were 770 and I got a "refused key" message until I made this change.-

Check that you got both the start 'ssh-rsa' and the end of this string
in the file, it is quite easy to not quite copy all of it. Now go back
to Windows and run putty again specifying the private key file to be
used for the login:
<code>
        C:\>putty -i duncan-n810-20080113.ppk user@n810
</code>
The output in the putty window should look something like this:
<code>
        Using username "user".
        Authenticating with public key "duncan-n810-20080113"
        
        
        BusyBox v1.6.1 (2007-09-27 18:08:59 EEST) Built-in shell (ash)
        Enter 'help' for a list of built-in commands.
        
        ~ $
</code>
Next create a putty saved session. Run putty without any arguments.
Select category 'Auth', and in the 'Private key for authentication'
box select the ppk file you created. Then select the top category
'Session', in the 'host name' field enter 'user@n810' (replace n810
with the name you gave your tablet in your hosts file) then in the
'Saved Sessions' box enter 'n810'.

You can make putty use the saved session by running with the '-load'
option: e.g. putty -load n810

pscp will use the session automatically (provided the hostname and the
session name are the same):
<code>
    pscp myvideo.mp4 n810:/media/mmc1/Video
</code>
For winscp create a new session filling in the host name (n810), user
name (user), and private key file (the ppk file you saved).

[[Category:Users]]
[[Category:Internet Tablet Talk]]

Please note that all contributions to maemo.org wiki may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see maemo.org wiki:Copyrights for details). Do not submit copyrighted work without permission!

Summary:

Cancel | Editing help (opens in new window)

Retrieved from "http://wiki.maemo.org/Public_key_logins"

Personal tools

Navigation

Views

Editing Public key logins

@@ Line 1: / Line 1: @@
-It is worth setting up your tablet to use public key authentication. The main advantage is that you can login through ssh directly into the
+It is worth setting up your tablet to use public key authentication.
-user account and keep root access for those situations which really need it. It also makes the process of logging in by ssh somewhat
+The main advantage is that you can login through ssh directly into the
-simpler as you don't have to type in any passwords.
+user account and keep root access for those situations which really
+need it. It also makes the process of logging in by ssh somewhat
+simpler as you don't have to type in any passwords.
-== Static IP ==
+The following describes how to achieve this for putty, pscp and
+winscp.
-First off, if you can, then set your tablet to use a fixed IP address on your network. You can do this on your router by assigning a specific IP to your tablet's MAC address, or this from on your tablet in the 'advanced' part of the connection setup and choose an address accessible on your network but outside the range allocated by DHCP. Then you can edit <code>\windows\system32\drivers\etc\hosts</code> to include an entry for your tablet. You need a line with ip address and the name.
+First off, if you can, then set your tablet to use a fixed IP address
+on your network. Do this from the 'advanced' part of the connection
+setup in the tablet and choose an address accessible on your network
+but outside the range allocated by DHCP. Then you can edit
+\windows\system32\drivers\etc\hosts to include an entry for your
+tablet. You need a line with ip address and the name. e.g.
-.168.1.21    n810
+<code>
+.168.1.21    n810
+</code>
-== Windows ==
+If you use putty as your Windows SSH client (and pscp to copy files
+to/from the tablet), then follow these instructions to generate keys:
-If you use putty as your Windows SSH client (and pscp to copy files to/from the tablet), then follow these instructions to generate keys:
+On the windows system run 'puttygen'. Make sure that SSH-2 RSA is
+selected in the radio buttons at the foot of the window then press the
+'generate' button.  Wave the mouse round over the window until the key
+is generated.
-On the windows system run <code>puttygen</code>. Make sure that SSH-2 RSA is selected in the radio buttons at the foot of the window then press the 'Generate' button (this may take a few minutes).
+In the 'Key comment' box type in something memorable by which to
+identify the key. e.g. I use 'duncan-n810-20080113' (my name-target
+system-date). It doesn't much matter what you use, but if you generate
+multiple keys it can help to distinguish them.
-In the 'Key comment' box type in something memorable by which to identify the key (e.g., 'duncan-n810-20080113'). It doesn't much matter what you use, but if you generate multiple keys it can help to distinguish them.
+You can enter a passphrase if you want. I think that you don't need
+one for accessing your tablet: if someone wants to get at the data
+that badly they can simply hit you over the head and steal the device.
+So leave the passphrase field blank.
-You can enter a passphrase if you want additional security, but it is not required. Otherwise leave the passphrase field blank.
+Save the private key using a name such as duncan-n810-20080113.ppk. Don't close
+puttgen yet.
-Save the private key using a name such as duncan-n810-20080113.ppk. Don't close puttgen yet.
+Now run 'putty root@n810' and login using your root password. At the
+command prompt enter the following commands (the mkdir may not be
+needed, if so it will tell you the file alreayd exists):
+<code>
+        Nokia-N810-50-2:~# mkdir /home/user/.ssh
+        Nokia-N810-50-2:~# vi /home/user/.ssh/authorized_keys
+</code>
-Now run <code>putty root@n810</code> and login using your root password. At the command prompt enter the following commands (the <code>mkdir</code> may not be needed, if so it will tell you the file already exists):
+In vi, press 'i' to get into insert mode. Now find the Putty Key
+Generator window, and copy the entire text from the box under 'Public
- Nokia-N810-50-2:~# mkdir /home/user/.ssh
+key for pasting into OpenSSH authorized_keys file'. It will be quite
- Nokia-N810-50-2:~# vi /home/user/.ssh/authorized_keys
+long so be sure you get it all (it starts with 'ssh-' and ends with
-In <code>vi</code>, press 'i' to get into insert mode. Now find the Putty Key Generator window, and copy the entire text from the box under 'Public key for pasting into OpenSSH authorized_keys file'. It will be quite long so be sure you get it all (it starts with 'ssh-' and ends with
 the key comment you entered earlier).
-Switch back to the putty session running vi and right click to paste the key into the window; it must be all in one line. When it has
+Switch back to the putty session running vi and right click to paste
-finished pasting, press the escape key then the three keys ':wq'
+the key into the window; it must be all in one line. When it has
+finished pasting, press the escape key then the three keys ':wq'
-This should put you back at the command prompt. Try the following command just to check. You should see something like this:
+This should put you back at the command prompt. Try the following
+command just to check. You should see something like this:
+<code>
+        Nokia-N810-50-2:~# cat /home/user/.ssh/authorized_keys
+        ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIBx5B1fZksY4shwePrPVfy5x02m0RTtcDY6jZRL0aC0lxlV
+        sEHYuk4aPtsFTJb3JOveWrKqtOuJbmnQ831bw4RpCoFJonrTEGP4sFyS2dFALQEqQr9lXzGAKXbPWUij
+        N/eZLcORpvxuCCvzbCNjgKBUxR4uGrGw0HajXkfWQLuaDQ== duncan-n810-20080113
+</code>
- Nokia-N810-50-2:~# cat /home/user/.ssh/authorized_keys
- ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIBx5B1fZksY4shwePrPVfy5x02m0RTtcDY6jZRL0aC0lxlV
- sEHYuk4aPtsFTJb3JOveWrKqtOuJbmnQ831bw4RpCoFJonrTEGP4sFyS2dFALQEqQr9lXzGAKXbPWUij
- N/eZLcORpvxuCCvzbCNjgKBUxR4uGrGw0HajXkfWQLuaDQ== duncan-n810-20080113
-Check that you got both the start 'ssh-rsa' and the end of this string in the file, it is quite easy to not quite copy all of it. Now go back
+-update by bluesubaru: in my case I also had to make sure the permissions on this directory are 700 and that it is owned by user "user". My directory permissions were 770 and I got a "refused key" message until I made this change.-
-to Windows and run putty again specifying the private key file to be used for the login:
- C:\>putty -i duncan-n810-20080113.ppk user@n810
+Check that you got both the start 'ssh-rsa' and the end of this string
+in the file, it is quite easy to not quite copy all of it. Now go back
+to Windows and run putty again specifying the private key file to be
+used for the login:
+<code>
+        C:\>putty -i duncan-n810-20080113.ppk user@n810
+</code>
 The output in the putty window should look something like this:
+<code>
-<pre>
+        Using username "user".
- Using username "user".
+        Authenticating with public key "duncan-n810-20080113"
- Authenticating with public key "duncan-n810-20080113"
- BusyBox v1.6.1 (2007-09-27 18:08:59 EEST) Built-in shell (ash)
- Enter 'help' for a list of built-in commands.
- ~ $
+        BusyBox v1.6.1 (2007-09-27 18:08:59 EEST) Built-in shell (ash)
-</pre>
+        Enter 'help' for a list of built-in commands.
+        ~ $
+</code>
+Next create a putty saved session. Run putty without any arguments.
+Select category 'Auth', and in the 'Private key for authentication'
+box select the ppk file you created. Then select the top category
+'Session', in the 'host name' field enter 'user@n810' (replace n810
+with the name you gave your tablet in your hosts file) then in the
+'Saved Sessions' box enter 'n810'.
-Next create a putty saved session. Run putty without any arguments. Select category 'Auth', and in the 'Private key for authentication'
+You can make putty use the saved session by running with the '-load'
-box select the ppk file you created. Then select the top category 'Session', in the 'host name' field enter 'user@n810' (replace n810
+option: e.g. putty -load n810
-with the name you gave your tablet in your hosts file) then in the 'Saved Sessions' box enter 'n810'.
-You can make putty use the saved session by running with the '-load' option (e.g., putty -load n810).
-pscp will use the session automatically (provided the hostname and the session name are the same):
- pscp myvideo.mp4 n810:/media/mmc1/Video
-For winscp create a new session filling in the host name (n810), user name (user), and private key file (the ppk file you saved).
+pscp will use the session automatically (provided the hostname and the
+session name are the same):
+<code>
+    pscp myvideo.mp4 n810:/media/mmc1/Video
+</code>
+For winscp create a new session filling in the host name (n810), user
+name (user), and private key file (the ppk file you saved).
 [[Category:Users]]
+[[Category:Internet Tablet Talk]]
-[[Category:Power users]]