ssh module

[YongseopKim]

ssh module

[YongseopKim]

https://github.com/mscdex/ssh2

[YongseopKim]

ssh-keygen -t rsa -b 4096 # rsa 알고리즘, b: 키의 크기
ecdsa-sha2-nistp256

ssh-keygen -lf ./id_rsa.pub
3072 SHA256:<key_in_base64> (RSA)
키의 크기 3072
HASH: SHA256
알고리즘 type: RSA

양방향 암호 시스템 비대칭형 암호화 기법: 공개키, 비밀키 공개키 암호 알고리즘: RSA

단방향 암호 시스템 Hash 이용 단방향 Hash 알고리즘: SHA-256

export interface Algorithms {
    kex?: string[] | undefined; // Key exchange algorithms
    cipher?: string[] | undefined; // Ciphers
    serverHostKey?: string[] | undefined; // Server host key formats
    hmac?: string[] | undefined; // (H)MAC algorithms
    compress?: string[] | undefined; // Compression algorithms
}

[YongseopKim]

.pem: X.509 v3 파일의 한 형태

• PEM (Privacy Enhanced Mail)은 Base64인코딩된 ASCII text file이다.
• 원래는 secure email에 사용되는 인코딩 포멧이었는데 더이상 email쪽에서는 잘 쓰이지 않고 인증서 또는 키값을 저장하는데 많이 사용된다.
• -----BEGIN XXX-----, -----END XXX----- 로 묶여있는 text file을 보면 이 형식으로 인코딩 되어있다고 생각하면 된다. (담고있는 내용이 무엇인지에 따라 XXX 위치에 CERTIFICATE, RSA PRIVATE KEY 등의 키워드가 들어있다)
• 인증서(Certificate = public key), 비밀키(private key), 인증서 발급 요청을 위해 생성하는 CSR (certificate signing request) 등을 저장하는데 사용된다.

.crt, .cer

• 인증서를 나타내는 확장자인 cer과 crt는 거의 동일하다고 생각하면 된다. (cer은 Microsoft 제품군에서 많이 사용되고, crt는 unix, linux 계열에서 많이 사용된다.)
• 확장자인 cer이나 crt만 가지고는 파일을 열어보기 전에 인코딩이 어떻게되어있는지 판단하긴 힘들다.

.key: 개인 또는 공개 PKCS#8 키를 의미 .p12: PKCS#12 형식으로 하나 또는 그이상의 certificate(public)과 그에 대응하는 private key를 포함하고 있는 key store 파일이며 패스워드로 암호화 되어있다. 열어서 내용을 확인하려면 패스워드가 필요하다.

[YongseopKim]

one-vscode activate OK
  Utils
    Ssh
      Client
        1) example
  0 passing (121ms)
  1 failing
  1) Utils
       Ssh
         Client
           example:
     Error: Cannot parse privateKey: Unsupported key format
        at Client.connect (node_modules/ssh2/lib/client.js:261:15)
        at Context.<anonymous> (out/Tests/Utils/Ssh.test.js:76:20)
        at processImmediate (node:internal/timers:464:21)

[YongseopKim]

ssh-keygen — OpenSSH authentication key utility
[-b bits]
[-C comment]
[-m format]
[-t dsa | ecdsa | ecdsa-sk | ed25519 | ed25519-sk | rsa]

ssh-keygen -p [-f keyfile] [-m format]
The passphrase can be changed later by using the -p option.

https://stackoverflow.com/questions/53400628/cannot-parse-privatekey-unsupported-key-format

ssh-keygen -m PEM -t rsa 

or

ssh-keygen -p -m PEM -f ~/.ssh/id_rsa

[YongseopKim]

$HOME/.ssh/
id_rsa: private key
id_rsa.pub: public key
authorized_keys: 내가 server 입장에서 auth 해주는 client의 public key
known_hosts: 내가 client 입장에서 등록한 host들

$ ssh user@host
The authenticity of host 'xxx' can't be established.
RSA key fingerprint is 2f:e1:a7:bd:e4:56:53:xx:xx:xx:xx:xx:xx:xx:xx:xx.
Are you sure you want to continue connecting (yes/no)?

[YongseopKim]

ssh -i ~/.ssh/old_keys/host2_key username@host2.somewhere.edu

• -i private_key

configuration file

• ~/.ssh/config
• /etc/ssh/ssh_config

Host host2.somewhere.edu
IdentityFile ~/.ssh/old_keys/host2_key

[YongseopKim]

~ dpkg -l | grep "triv2-toolchain-latest:" | awk '{print $2}'
triv2-toolchain-latest:amd64

~ dpkg -l | grep "triv2-toolchain-latest:" | awk '{print $3}'
1.1.0~22020720

~ dpkg -s triv2-toolchain-latest
Package: triv2-toolchain-latest
Status: install ok installed
Priority: optional
Section: misc
Installed-Size: 9
Maintainer: Neural Network Acceleration Solution Developers <nnfw@samsung.com>
Architecture: amd64
Multi-Arch: same
Source: triv2-toolchain
Version: 1.1.0~22020720
Depends: one-compiler (= 1.20.0~22020718), triv2-compiler (= 1.4.0~22020715), triv2-mte (= 1.4.0~22020715), npu-engine (= 2.5.0), libmrpsim (= 3.8.82), decoder (= 0.30.7)
Description: TRIV2 toolchain
 This is a metapackage for TRIV2 toolchain. This package installs all modules
 related to the TRIV2 toolchain. The core of TRIV2 toolchain is the
 tv2-compiler and it depends on ONE compiler modules. The ONE compiler
 generated circle models from the TensorFlow, TensorFlow Lite and ONNX models
 while supporting some optimization pass. It also supports to quantization
 using auto generated random input for better quantization testing. The TRIV2
 compiler takes circle models as an input and generates code optimzied for
 TRIV2. This package provides the tv2-ssinfer to inference model with a TRIV2
 loadable (.tvn) via TRIV2 System Service API (a.k.a. npu-engine) and the
 tv2-ssprofile to profile a TRIV2 loadable via TRIV2 System Service API. This
 package also provides some useful binaries such as tv2-as (an assembler) and
 tv2-show (a TRIV2 loadable model reader).
 This metapackage will install the latest dependent packages.
Homepage: https://github.sec.samsung.net/AIP/TRIV_Setup/

~ echo $?
0

~ dpkg -s triv2-toolchain-la
dpkg-query: package 'triv2-toolchain-la' is not installed and no information is available
Use dpkg --info (= dpkg-deb --info) to examine archive files.

~ echo $?
1

[YongseopKim]

The SSH protocol has a layered architecture with separates three components: The transport layer; tcp(socket)

• "close": socket was closed
• "end": socket was disconnected
• "timeout": socket has timed out
• "connect": socket has connected
• "error": socket error

The user authentication layer; auth

• "ready": auth was successful

The connection layer; channel

• "continue" event: more requests/data can be sent to the server
• end(): Disconnects the socket
• destroy(): Destroys the socket
• connect(): Attempts a connection to a server
• exec(): Executes command on the server.
• sftp(): Starts an SFTP session