ssh-keygen ?

this is not a mios/vera related question …

i want to execute a command on another machine via a scene.
to do that i need to have a ssh key pair avaiable to have the logins working without the client asking questions.

but the app ssh-keygen is missing … does anyone have a clue how to accomplish that without it ?

Generate it on another box and copy it over to Vera.

  • Garrett

tried that before … didnt work out well (singleuser OS pitfall i guess)

i found a way to get it done …

generate a key:

dropbearkey -t rsa -f /etc/dropbear/id_rsa

the output will show the public part of the keyset
open a new file like vi /etc/dropbear/id_rsa.pub
and paste the line starting with “ssh-rsa”
safe the file (:wq)

while having the public key still in the clipboard … log on to the other machine
edit ~/.ssh/autorized_keys (this is btw the proper location, no clue why dropbear did reinvent the wheel)
and add the public key there

save - quit - logout

after that the keys are “exchanged” properly.

remote login should work but somehow the stupid dropbear required to add the private-key to connect
like this:

dbclient -y -i /etv/dropbear/id_rsa user@machine

no now the vera can access the other machine without beeing asked for a password but still keeping everything secure.

example get load average from the appletv

dbclient -y -i /etv/dropbear/id_rsa root@appletv 'uptime | grep load\ average'
...now the vera can access the other machine without beeing asked for a password but still keeping everything secure.

example get load average from the appletv

dbclient -y -i /etv/dropbear/id_rsa root@appletv 'uptime | grep load\ average'

Would I really want Vera wasting cycles and memory acting as a network monitor? I’d much rather have an external monitor trigger a Vera scene via URL, should the monitored attribute exceed the set threshold.

Or does your password-less login do something more valuable?

yes it does, this was just an example …
the away scene does cut off the power on some devices i’d like to protect,
the remote-script do remount the remote storages on the appletv and pushes a few other buttons again on other remote machines so i have the command only issued once on the vera.

what memory referring to ? since the sshd is running anyway and after the task is done things should get free again (hopefully)

what iam more worried is if the ssh failed … then the vera seems not to be able to continue its life
i made a few tests and it turned out that if the connection is not closed properly and/or the connection not properly established, everything is geting very glued …

still searching for a timeout parameter to get that somehow sorted.
well i could wait 5 sec in the scene and do kill the tasks … but i doubt that would work smoothly.

The limited RAM of the Vera. A very valuable resource when the device and plugin count gets high.

since the sshd is running
sshd is always running, but bdclient and your ssh session is not. Every time you call the session, you use additional memory and CPU.
anyway and after the task is done things should get free again (hopefully)

what iam more worried is if the ssh failed … then the vera seems not to be able to continue its life
i made a few tests and it turned out that if the connection is not closed properly and/or the connection not properly established, everything is geting very glued …


So, you already see the problem with this method. No?

still searching for a timeout parameter to get that somehow sorted. well i could wait 5 sec in the scene and do kill the tasks .. but i doubt that would work smoothly.
I guess I was wrong, you don't see it yet.

oh i see it already.

but have no real clue how to accomplish it in any other way on a operating system thats castrated to a single task.
since any and every approach of doing anything at all on the vera will lock it up (including the simple push of a z-wave button) …
the question is only “for how long/how many cycles”

tested a wget already … does exactly the same.

so tell me how to do it “properly” if my approach is so bad. (wget is even slower i tested that already)

Sorry, I don’t have a solution for you.

I just prefer to avoid making Vera do stuff it wasn’t designed to do because it is resource constrained and does have stability issues when you force it.

This is the command I used to generate the private and public key files in one shot:

dropbearkey -t rsa -s 2048 -f ~/.ssh/id_rsa | grep ^ssh-rsa > ~/.ssh/id_rsa.pub

And then I changed them to read-only to reduce the risk of them being modified by mistake:

chmod 400 ~/.ssh/id_rsa
chmod 400 ~/.ssh/id_rsa.pub