Sunday, 5 January 2014

Connecting to a Jolla with a RSA Key File for password-less SSH Access

In a much earlier article, I showed how we can connect to a Nokia N9 phone with an RSA key for pas wordless SSH access in much the same way we connect to the Sailfish Emulator and SDK.

Surprise surprise, exactly the same is possible with a real Jolla device. No more typing in long passwords!

Black Courier shows commands typed on your development host.

Blue Courier shows commands typed on your Jolla (via SSH).

This article show how to do this for OSX and Linux. With a few extra steps, the same should be possible from Windows using Putty. See the previous example on connecting via Putty.



Please note: you do this at your own risk! In my case this operation was absolutely painless, but if it turns your new toy into a useless brick, don't come running to me!

Firstly we need to generate a key pair on our development host. In this case I will be using Apple-pip my MacBookAir. This will give us a public key and a private key. The private key will remain securely on Apple-pip (the client in the connection), and the public key will be put on to the connection server - the Jolla.

So on Apple-Pip: let's move the .ssh directory, then list what's already there

cd ~/.ssh

ls -ahl

 

Now we will generate a key pair called jolla_rsa, with an empty passphrase.

 

ssh-keygen -t rsa

Generating public/private rsa key pair.

Enter file in which to save the key (~/.ssh/id_rsa): jolla_rsa

Enter passphrase (empty for no passphrase): 

Enter same passphrase again: 

Your identification has been saved in jolla_rsa.

Your public key has been saved in jolla_rsa.pub.

The key fingerprint is:

f1:8e:51:ab:d8:0c:fb:2f:ee:9c:fd:d5:02:25:69:d6 xxxxxxx@Apple-Pip.local

The key's randomart image is:

+--[ RSA 2048]----+

|                 |

|             o   |

|        . . = E  |

|         + + o   |

|      . S o .    |

|       * =   . . |

|      o = .   o .|

|       o.o   . . |

|       o*oo..    |

+-----------------+

 

Now if we ls again we should find  2 additional files, 

* private key jolla_rsa

* and the public key  jolla_rsa.pub

 

Now we need to transfer the public key to the Jolla:

 

scp ~/.ssh/jolla_rsa.pub nemo@192.168.72.100:/home/nemo/

 

Note, for the time being I am using SSH via WLAN (because the more obvious SSH via USB does not work on OSX yet). However you are connect: substitute your Jolla's IP number, as shown on the developer tools page in Settings.

 

Then we connect to the Jolla as we always have done, with password (using your Jolla's IP number):

 

nemo@192.168.72.100

 

Once connected, move to the .ssh directory.

 

cd .ssh

 

Now we want to concatenate the contents of the public key to the authorized_keys file

 

cat ../jolla_rsa.pub >> authorized_keys

 

Then we cleanup by removing the public key file from the Jolla.

 

cd ..


rm jolla_rsa.pub

 

Exit, and try reconnecting from your development host as follows (using your Jolla's IP number):

ssh -i ~/.ssh/jolla_rsa nemo@192.168.72.100

And Voila! we are in.

Last login: Sun Jan 5 17:18:30 2014 from 192.168.72.113
,---
| SailfishOS 1.0.2.5 (Maadajävri) (armv7hl)
'---
[nemo@localhost ~]$


2 comments:

  1. Thanks a lot for this valuable hint. One tip from me: take a look at ssh-copy-id that makes copying ssh keys more comfortable.

    ReplyDelete
  2. Hi Schwarmi.
    I am glad the hint helps, and thanks for yours. ssh-copy-id is something I have been meaning to look into, but have somehow never got around to (having already deployed the key), but i will look into later tonight!

    Chris

    ReplyDelete