====== Dropbear Public-Key authentication ======
Public-Key authentication allows you to log in to your routers console without needing to type your password.
Instead a public-key will be used to authenticate you.
===== Overview =====
==== Level of difficulty ===
Easy
==== Related topics ====
Internal:
* [[documentation:configuration:uci|UCI]]
* [[documentation:configuration:config_files:config_dropbear|/etc/config/dropbear]]
External:
* [[https://matt.ucc.asn.au/dropbear/dropbear.html|Dropbear]]
* [[http://www.openssh.org/|OpenSSH]]
* [[http://www.chiark.greenend.org.uk/~sgtatham/putty/|PuTTY]]
* [[wp>Key authentication]]
===== Instructions =====
==== Preparations ====
- install ssh-client on your clients (OpenSSH, Putty)
- prepare private-/public-key's (ssh-keygen, Puttygen)
FIXME detailed instructions needed
==== GUI ====
Not available, yet
==== UCI Config System ====
Not available, yet.
==== UCI config files (native) ====
Dropbear automatically looks in '/etc/dropbear/authorized_keys' for known identities. All needs to be done is to append the own public-key to this file.
In the following example i simply cat my public key into a new 'authorized_keys'-file and copie it onto the router.
* **New something**
cat .ssh/id_dsa.pub > authorized_keys
scp authorized_keys 192.168.1.1:/etc/dropbear/
After that, logging in from a mashine with my public-key won't require a password:
:~ $ ssh 192.168.1.1
BusyBox v1.22.1 (2015-05-07 14:47:43 CEST) built-in shell (ash)
Enter 'help' for a list of built-in commands.
____ ____ _ _ _ _____ _____ _____ __ __ _____
| \| \ __| | | | __ |_ _| | | | | |_ _|
| | | | |__| | | | -| | | | | | |> < | |
|____/|____/ |_____|__|__| |_| |_|___|__|__| |_|
----------------------------------------------------
Made by embeDD GmbH (Barrier Breaker, r43215)
----------------------------------------------------
root@dd-wrt-nxt:~#
===== Troubleshooting =====
Not available, yet