[Server-devel] SSH Tip for XSCE and DXS Installs on XOs
Anna
aschoolf at gmail.com
Fri Oct 11 13:00:30 EDT 2013
It seems like I set up a new XSCE or DXS about every 15 minutes (slight
exaggeration). I know the XSCE has an admin user with the password
12admin, but I rarely log in that way. And the admin user doesn't get
created until after the XSCE install is done or at all on the DXS. On the
USB drive I use to flash the target XOs, I keep an authorized_keys file and
a little script to set up ssh:
#!/bin/bash
mkdir /home/olpc/.ssh
cp authorized_keys /home/olpc/.ssh
chmod 700 /home/olpc/.ssh
chmod 644 /home/olpc/.ssh/authorized_keys
chown -R olpc:olpc /home/olpc/.ssh
su -c 'systemctl enable sshd.service'
su -c 'systemctl start sshd.service'
exit
After I flash a new target machine, I do the usual in Sugar (disable power
mgmt, connect to wifi if a "one dongle" install), then switch to a root
console with ctrl+alt+f2. I cd to the usb drive, do `sh ssh-setup.sh` (the
USB drive is FAT32) and by the time I walk back over to my desktop, ssh is
configured and I can get right in with `ssh olpc at 192.168.1.10` or whatever
the XO's IP is.
The only caveat is if you're using that same USB drive for xs-repo during
an XSCE install, cd out of it afterwards. If any user is in the drive as
their working dir, the XSCE install will throw errors.
Part of my testing is to put the XSCE or DXS public, so the authorized_keys
file on my USB drive not only includes my pubkeys, but also the keys of
folks who sometimes need to ssh in and take a look at things. I have
problems with script kiddies when running ssh public on port 22, so I
typically disallow password logins.
Anna Schoolfield
Birmingham
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.laptop.org/pipermail/server-devel/attachments/20131011/f42aedbe/attachment.html>
More information about the Server-devel
mailing list