WIKIABOUT

FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

Most popular tags

rut955 rut240 rut950 rutx11 rms vpn to openvpn wifi not sms trb140 firmware connection - ipsec on rutx12 rutx09 modbus
We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.

Outbound key-based ssh

0 votes
591 views 6 comments
by anonymous
Hi

I would like to establish an outbound ssh-connection from the RUT240 to a server.

I have confirmed I can do this manually from a shell, but in order to automize the connection, I need to use key-based auth.

Do you have a trick to create a set of keys on the device, I cannot find neither ssh-keygen nor ssh-copy-id in the package manager?

Best regards Robert

1 Answer

+1 vote
by anonymous

Hello,

The default ssh key is in /etc/dropbear, you can use dropbearkey to extract the public key:

dropbearkey -y -f /etc/dropbear/dropbear_rsa_host_key | grep ssh-rsa

If this key is rejected by the remote server with a message like "ssh: Connection to root@xxxx:22 exited: No auth methods could be used." then you'll have to install optional packages;

opkg update; opkg install openssh-client; opkg install openssh-keygen

This will give you the full-featured ssh and ssh-keygen.

Regards,

Best answer
by anonymous
Thank you very much for your reply. Unfortunately, when I install openssh-client, the ssh command stop working, consistently returning the error message:

ssh: can't load library 'libcrypto.so.1.0.0'

Do you know if I need to install additional packages?
by anonymous
Witch firmware version do you use ?

If you have a /usr/lib/libcrypto.so.1.1 you can try to add a symbolic link:

cd /usr/lib; ln -s libcrypto.so.1.1 libcrypto.so.1.0.0

and retry the ssh.
by anonymous
I have firmware RUT2XX_R_00.01.14

I make the symbolic link the ssh command is able to run without parameters (showing the help message), but if I try to connect to a host (any host), it fails with Segmentation fault :-(
by anonymous
The openssh-client and keygen packages are for an old version remove them with opkg remove openssh-client openssh-keygen and remove the symlink also.

I have compiled a recent version if you are interested I can send you a copy.
by anonymous
Just for completeness when using the dropbearkey. Copy the resulting key to the servers authorized_keys file. If it doesn't exist, you need to changemod 600 authorized_keys. The ssh command on the RUT9xx need to contain -i /etc/dropbear/dropbear_rsa_host_key.
by anonymous
Yes, good point.