Rsync -avz -e “ssh -i /root/.ssh/id_rsa” some-file-here. Now that ssh works, I can easily perform an automated rsync: Dropbear does not automatically look for it like OpenSSH does. Notice that you need to explicitly specify the identity file on the command line. You should now be able to ssh without a ssh -i ~/.ssh/id_rsa The difference is that when you copy the key directly from the field in PuTTY, you get 'ssh-rsa ', but when you use 'Save public key', 'ssh-rsa' is omitted, which makes the key invalid. Ensure that permissions on this file are set to 600. Dropbear is a small SSH server using in Linux distributions. Dropbear is compatible with OpenSSH /.ssh/authorizedkeys public key authentication. It supports RSA and elliptic curve cryptography for key exchange. It implements version 2 of the Secure Shell (SSH) protocol. Now copy or (concatenate) ‘authorized_keys’ to ~/.ssh on ‘webhost’. Dropbear is a free and open-source SSH server created explicitly for embedded Linux and Unix systems with low resource requirements. Since dropbear stores its keys in different format, it needs to be converted for a standard SSH server:ĭropbearkey -y -f ~/.ssh/id_rsa | grep “^ssh-rsa ” > authorized_keys The goal is to allow ‘nas’ to authenticate to ‘webhost’ using a key instead of a password.įirst, generate your identity key on ‘nas’ This assumes that the OpenWRT device is named ‘nas’ and the remote machine is ‘webhost’. As stated in this answer on Stack Overflow, the cause for this is due to a change in the minimum key length to 1024 bytes that was implemented in versions 7.6 and 7.6p1.
#Dropbear ssh key Patch
I found plenty of examples on setting up key based authentication using dropbear as the HOST, but not as the CLIENT. After combing through diffs between version 7.5p1 and later versions of OpenSSH, I finally found what I had to patch to get it to work. The later task tends to be tedious but not impossible. Then creating the root keys is simpler, than creating the SSH-keys for other non-root users. In order to rsync files from a remote host using a cron script, this is critical. First of all I discovered that the minimum keysize between SSH and dropbear keys are 768 BITS Keep this info everytime in your mind. It turns out that the dropbear ssh client works a bit differently when attempting to use key based authentication. I ran into a little bit of a hiccup getting my OpenWRT NSLU2 device to automatically rsync to a remote host.