手动重新获得嵌入式系统上的 ssh 访问权限（可以直接访问硬盘）

发布于 2024-10-15 19:27:56 字数 1449 浏览 4 评论 0原文

我再次有一个关于 ssh 问题的问题：

在嵌入式系统（没有显示器，没有键盘）上，我唯一的登录界面是 ssh。 Telnet 也被禁用。（我目前正在尝试启用它，但希望不大......）

我目前唯一的交互是接收 ping 答案并通过 smb://！

ssh 的答案始终是：

$ ssh -vvvvl root 192.168.0.3
OpenSSH_5.5p1 Debian-4ubuntu4, OpenSSL 0.9.8o 01 Jun 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 192.168.0.3 [192.168.0.3] port 22.
debug1: Connection established.
debug1: identity file /home/simon/.ssh/id_rsa type -1
debug1: identity file /home/simon/.ssh/id_rsa-cert type -1
debug1: identity file /home/simon/.ssh/id_dsa type -1
debug1: identity file /home/simon/.ssh/id_dsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3p2 Debian-8
debug1: match: OpenSSH_4.3p2 Debian-8 pat OpenSSH_4*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.5p1 Debian-4ubuntu4
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
Read from socket failed: Connection reset by peer

但我通过将硬盘从设备中拉出并在连接到另一台计算机时操作其上的文件来直接访问硬盘。

在注销并被锁定之前，我的最后步骤之一是 sudo rm /etc/ssh/*host*key* ，然后是 dpkg-reconfigure openssh-server ，什么失败，因为找不到 dpkg-reconfigure。所以我猜问题是，键被删除。

我现在的问题是：如何在海外创建密钥并将其提供给 sshd 而无需在目标系统上运行任何命令，或者如何使 sshd 让我登录没有钥匙？

感谢您的帮助，如果有的话..？！

原文

Again I have a question about an ssh issue:

On a embedded system (no display, no keyboard) my only login interface was ssh. Telnet is disabled too. (I am currently trying to enable it with only little hope...)

My only interaction at the moment is receiving a ping answer and browsing my shared files via smb://!

ssh's answer is always:

$ ssh -vvvvl root 192.168.0.3
OpenSSH_5.5p1 Debian-4ubuntu4, OpenSSL 0.9.8o 01 Jun 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 192.168.0.3 [192.168.0.3] port 22.
debug1: Connection established.
debug1: identity file /home/simon/.ssh/id_rsa type -1
debug1: identity file /home/simon/.ssh/id_rsa-cert type -1
debug1: identity file /home/simon/.ssh/id_dsa type -1
debug1: identity file /home/simon/.ssh/id_dsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3p2 Debian-8
debug1: match: OpenSSH_4.3p2 Debian-8 pat OpenSSH_4*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.5p1 Debian-4ubuntu4
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
Read from socket failed: Connection reset by peer

But I direct access to the hdd through pulling it out of the device and manipulating files on it while it is connected to another machine.

One of my last steps before I logged off and get locked out was sudo rm /etc/ssh/*host*key* followed by dpkg-reconfigure openssh-server, what failed because dpkg-reconfigure was not found. So I guess the problem is, that the keys are deleted.

My question is now: how can I off-shore create keys and provide them to sshd without running any command on the target system OR how can I make sshd let me log in without having a key?

Thanks for your help if there is any..?!

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

末蓝 2024-10-22 19:27:56

您可以在方便的 Linux 系统上生成一组新的主机密钥，如下所示：

ssh-keygen -t rsa -b 2048 -f ssh_host_rsa_key
ssh-keygen -t dsa -b 1024 -f ssh_host_dsa_key

当 ssh-keygen 要求您输入密码时，按 Enter 而不输入任何内容。主机密钥必须具有空密码。

这将在当前目录中创建以下文件：

ssh_host_rsa_key
ssh_host_rsa_key.pub
ssh_host_dsa_key
ssh_host_dsa_key.pub

然后您可以挂载设备的硬盘驱动器并将这四个文件复制到 etc/ssh 中。

请注意，当您之后尝试 ssh 到系统时，您的 ssh 客户端会抱怨密钥与预期不同，并且可能拒绝连接。如果您正在运行 OpenSSH 客户端，则可以再次使用 ssh-keygen 来更正此问题：

ssh-keygen -R <your_server_hostname>

You can generate a new set of host keys on a handy Linux system as follows:

ssh-keygen -t rsa -b 2048 -f ssh_host_rsa_key
ssh-keygen -t dsa -b 1024 -f ssh_host_dsa_key

When ssh-keygen asks you for a passphrase, hit Enter without typing anything. Host keys must have an empty passphrase.

This creates the following files in your current directory:

ssh_host_rsa_key
ssh_host_rsa_key.pub
ssh_host_dsa_key
ssh_host_dsa_key.pub

You can then mount your device's hard drive and copy these four files into etc/ssh.

Note that when you try to ssh to the system afterwards, your ssh client will complain that the keys are different than expected, and probably refuse to connect. If you're running the OpenSSH client, you can correct this by using ssh-keygen again: