1

I'm working on an embedded board (i.MX6) with a Yocto-based embedded Linux. So far I used Dropbear as SSH server. However, Dropbear doesn't provide an SFTP server, which I need. Therefore I switched from Dropbear to OpenSSH (built it from the standard Poky sources, and installed it via opkg).

However, since then I cannot login to the board via SSH anymore, because the server asks for a password, which I don't know. The only user is root, and it has no password configured (this is still true, because I can log in locally via RS232 without problems). Why does OpenSSH ask for a password? How can I remove that?

I thought that maybe there's a passphrase set in one of the private keys in /etc/ssh:

/etc/ssh/ssh_host_dsa_key
/etc/ssh/ssh_host_ecdsa_key
/etc/ssh/ssh_host_ed25519_key
/etc/ssh/ssh_host_rsa_key

So I did ssh-keygen -p -f /etc/ssh/ssh_host_rsa_key respectively for each of them, but it didn't help.

This is the essential pieces of the sshd_config file:

# grep '^[^#]' /etc/ssh/sshd_config
Protocol 2
PermitRootLogin yes
AuthorizedKeysFile .ssh/authorized_keys
UsePrivilegeSeparation sandbox # Default for new installations.
Compression no
ClientAliveInterval 15
ClientAliveCountMax 4
Subsystem       sftp    /usr/lib/openssh/sftp-server

Any ideas?

4

2 回答 2

3

你确定你有debug-tweaksorIMAGE_FEATURESEXTRA_IMAGE_FEATURES

如果是这样,则ROOTFS_POSTPROCESS_COMMAND应该包括ssh_allow_empty_password();依次设置PermitEmptyPasswords yes/etc/ssh/sshd_config和中的哪个/etc/ssh/sshd_config_readonly。这应该允许您在 OpenSSH 中使用空密码。

于 2016-05-23T11:18:17.320 回答
1

如果您的密码中有“调试调整”,EXTRA_IMAGE_FEATURES则密码将为空白:这对于开发图像可能没问题。

如果您想获得一些安全性,您可以添加一个将公钥安装到/root/.ssh/authorized_keys的配方,或者使用图像配方或本地配置中的extrausers类来设置密码。

于 2016-05-23T10:25:08.813 回答