Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature request: ssh keys #1211

Open
doniks opened this issue May 9, 2020 · 13 comments
Open

Feature request: ssh keys #1211

doniks opened this issue May 9, 2020 · 13 comments
Labels
enhancement a new feature or an improvement of existing functionality

Comments

@doniks
Copy link

doniks commented May 9, 2020
edited
Loading

As a developer, I want a convenient way to enable ssh. Therefore my ssh key needs to be installed on the device.

Currently, the advice http://docs.ubports.com/en/latest/userguide/advanceduse/ssh.html#copy-the-public-key-to-your-device is to adb push it yourself. I have heard others using bluetooth, or younameit way of transporting the key to the device and then fiddling in the commandline to put the key in the right place and not mess up any of the access rights for ~/.ssh and ~/.ssh/authorized_keys

It would be great if I could tick a box in the installer and it would do it for me. Simple implementation could just:

  • create on the phone:~/.ssh
  • append my key as found on my laptop:~/.ssh/id_rsa.pub to the list on the phone:~/.ssh/authorized_keys
  • chmod 700 the folder
  • chmod 600 the file
@NeoTheThird NeoTheThird added the enhancement a new feature or an improvement of existing functionality label Sep 23, 2020
@Justinzobel
Copy link

This would be great to have. It would enable fast access for those that want to tinker and improve Ubuntu Touch.

@Fuseteam
Copy link

Fuseteam commented Jan 16, 2022
edited
Loading

Does this really belong on the installer? This sounds like something system settings could do, additionally you do need to transfer the public key one way or another. So some sort of a workflow needs to be worked out

@maciek134
Copy link
Contributor

@Fuseteam how would system settings pull a key from the PC?

@Fuseteam
Copy link

Welp you be fast xd how about something like: https://sourceforge.net/projects/ssh-pull-id/

@Justinzobel
Copy link

For instance, postmarketOS can copy the user's public key during it's image creation.

@maciek134
Copy link
Contributor

Welp you be fast xd how about something like: https://sourceforge.net/projects/ssh-pull-id/

That would require you to have sshd running and password login enabled on your PC (you should have neither and good luck on Windows). Installer seems like the only place this could be done before you touch the device, since after installation you'd have to enable adb to copy the key otherwise.

@Fuseteam
Copy link

Hmmm yeah windows would deffo not work

@Justinzobel
Copy link

Any progress on this? Even Putty can generate ssh keys I believe so it could be done on any installer. The other option is to allow password-based login initially and then the user can send their key and disable password-based auth.

@doniks
Copy link
Author

doniks commented Apr 29, 2022

Just a thought wrt scope / expectation management since I see a number of other ppl chime in.

Even if someone steps up and implements this, this is still only part of the bigger use case I would see: "As a developer, I want a convenient way to use ssh". In order to use it, I need the keys as discussed above, but also a way to turn sshd on (and off?!).

In my mind, that toggle would anyway not be in scope of the installer, but would always have to go into the OS/settings, related to this: https://gitlab.com/ubports/community-ports/pinephone/-/issues/104

@doniks
Copy link
Author

doniks commented Apr 29, 2022

Welp you be fast xd how about something like: https://sourceforge.net/projects/ssh-pull-id/

That would require you to have sshd running and password login enabled on your PC (you should have neither and good luck on Windows). Installer seems like the only place this could be done before you touch the device, since after installation you'd have to enable adb to copy the key otherwise.

@doniks doniks closed this as completed Apr 29, 2022
@doniks
Copy link
Author

doniks commented Apr 29, 2022

(doh, wrong button)

@doniks doniks reopened this Apr 29, 2022
@maciek134
Copy link
Contributor

maciek134 commented May 4, 2022
edited
Loading

Even Putty can generate ssh keys I believe so it could be done on any installer

The issue is not with generating keys (you don't want a random key), the issue is in putting the key (or the override to enable sshd) in the image before flashing

but also a way to turn sshd on

halium-install can do this too, so I guess that's where this could start? I think I have an idea how this could happen

@Fuseteam
Copy link

Fuseteam commented Sep 5, 2024
edited
Loading

fwiw it is now possible on focal to enable sshd with systemctl start ssh.socket

for the ssh key, i was thinking perhaps we could make use qr codes:
the flow i have in mind is:

  • generate a qr code of the ssh public key on the pc
  • open settings app, select option to add a ssh key (exact location tbd)/use the barcode reader
  • scan the qrcode, the system then adds the public key to ~/.ssh/authorized_keys with the appropriate permissions

the biggest hurdle is of course how we generate the qr code out of the public key........maybe the installer could do it, but that feels out of scope

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement a new feature or an improvement of existing functionality
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@maciek134 @Justinzobel @Fuseteam @NeoTheThird @doniks