Public key authentication with ssh


#1

Is it possible to work with public key authentication when connecting with ssh to the FX30 modem? I generated the keys on the FX30 using the ‘dropbearkey -t rsa -f ~/.ssh/id_rsa’ command, saved the public key to ~/.ssh/id_rsa.pub file, appended it to ~/.ssh/authorized_keys file and /etc/dropbear/authorized_keys file but ssh still requests a password.


#2

Hi,

Please contact authorized distributor in SWI for your support to provide you the solution.
you can refer to below mentioned link to get the authorized distributor details.
https://www.sierrawireless.com/distributor-page/#/

Thanks and Regards,
Moderator


#3

Public key authentication provides SSH users with the convenience of logging in to their Linodes without entering their passwords. SSH keys are also more secure than passwords, because the private key used to secure the connection is never shared.


#4

The problem was due to insecure file system permissions. Here is a list of commands that generates the key and sets the right permissions (the hardest to find was the first):

dropbearkey -t rsa -f ~/.ssh/id_rsa | grep ssh-rsa > .ssh/authorized_keys
chown root /home/root
chmod 700 /home/root
chmod 700 ~/.ssh
chmod 600 ~/.ssh/id_rsa
chmod 600 ~/.ssh/authorized_keys

The '/etc/dropbear/authorized_keys ’ file is uneccessary. Do use the dropbearkey command to generate the key-pair though.

IMPORTANT: Since the owner of /home/root is ‘appfwupdateService’ by default, for safety reasons you shoud switch back to this user and default permissions (755) before doing a firmware update.