OpenWrt Forum Archive

Topic: SSH logging avoiding password or Public/Private keys

The content of this topic has been archived on 23 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Post #1
humid
2 Oct 2012, 11:06

Hello all.

I want to port an script that I've been using in my deskopt which uses sshpass to login all the machines without any need of except/send or public/private keys stuff. Do you know if sshpass or pscp packages are available for Openwrt? I couldn't find it by myself.

If not, there would be a way to implement a passwordless login to an Openwrt router? The problem is that I have more than 100 routers and each router should receive and send archives to the others routers with the scp command, so every time I send something they ask for the password. The use of public/private keys have been considerated, but it will be a mess to create more than 100 private keys with more than 9900 public keys and install it in each router.

Do you have any ideas?

P.D. I don't care about security. I know that sending the password in plain text it's not the way, but in my case, thats not a problem.


Thank you all!

Post #2
cyberfox
2 Oct 2012, 12:42

If you don't care about security at all, you could copy the same dropbear-ssh-keys to every device. Then you would require just a single public/private key pair.

Post #3
humid
2 Oct 2012, 13:21
cyberfox wrote:

If you don't care about security at all, you could copy the same dropbear-ssh-keys to every device. Then you would require just a single public/private key pair.

Can you explain this a little longer please? As I've already read in http://wiki.openwrt.org/oldwiki/Dropbea … ationHowto, you usually generate a private/public key in the router and after this, you should copy the public key in every other router you want to connect to. I thought that these private/public keys are only valid for the host who generated them so, for each router I have, I shouldn't generate a different pair of keys?

The best option would be to create only one unique private/public key and copy it in each router (I think that's what are you trying to say) but I really don't have any clue to do this. Copying the same private and public keys generated in one router into the rest of the routers would work?

Thanks.

(Last edited by humid on 2 Oct 2012, 13:26)

Post #4
hnyman
2 Oct 2012, 13:49

I have created a private/public key pair (originally in Windows Putty).

I have then copied the public key to the Openwrt host, just like described in Wiki (to /etc/dropbear/authorized_keys file).
That enables SSH login from Windows Using Putty and its tools. After a new firmware flash I copy that key file along other settings to my router, and the connectivity continues to work.

I have also copied the private key to my Ubuntu based buildhost, which enables me to use SSH based connectivity tools like scp also from that Ubuntu machine. The exact key file format will depend on the system.

(Last edited by hnyman on 2 Oct 2012, 13:49)

The discussion might have continued from here.