arduino / Arduino

Arduino IDE 1.x
https://www.arduino.cc/en/software

Yun network sketch upload and SSH key #1587

Open aboudou opened 10 years ago

aboudou commented 10 years ago

Hello,

I've set up my Arduino Yun to only accept SSH logins with a private key, and on a different port than 22. It seems Arduino IDE 1.5.4 does not allow these settings when uploading sketches through a networked port.

I get the following error messages :

processing.app.debug.RunnerException
    at cc.arduino.packages.uploaders.SSHUploader.uploadUsingPreferences(SSHUploader.java:103)
    at processing.app.Sketch.upload(Sketch.java:1692)
    at processing.app.Sketch.exportApplet(Sketch.java:1605)
    at processing.app.Sketch.exportApplet(Sketch.java:1577)
    at processing.app.Editor$DefaultExportHandler.run(Editor.java:2397)
    at java.lang.Thread.run(Thread.java:680)
Caused by: com.jcraft.jsch.JSchException: java.net.ConnectException: Connection refused
    at com.jcraft.jsch.Util.createSocket(Util.java:389)
    at com.jcraft.jsch.Session.connect(Session.java:215)
    at cc.arduino.packages.uploaders.SSHUploader.uploadUsingPreferences(SSHUploader.java:91)
    ... 5 more

processing.app.debug.RunnerException
    at cc.arduino.packages.uploaders.SSHUploader.uploadUsingPreferences(SSHUploader.java:103)
    at processing.app.Sketch.upload(Sketch.java:1692)
    at processing.app.Sketch.exportApplet(Sketch.java:1605)
    at processing.app.Sketch.exportApplet(Sketch.java:1577)
    at processing.app.Editor$DefaultExportHandler.run(Editor.java:2397)
    at java.lang.Thread.run(Thread.java:680)
Caused by: com.jcraft.jsch.JSchException: Auth fail
    at com.jcraft.jsch.Session.connect(Session.java:512)
    at cc.arduino.packages.uploaders.SSHUploader.uploadUsingPreferences(SSHUploader.java:91)
    ... 5 more

Arduino IDE should be able to let the user change SSH settings, or be able to use the .ssh/config file.

Regards

ffissore commented 10 years ago

@aboudou I confirm the IDE only works with password authentication and uses port 22. Just to set up a test environment, which OS are you using?

aboudou commented 10 years ago

Hi,

I'm using OS X 10.8.5.

ffissore commented 10 years ago

I've just pushed d5bd7d13a72ea6a027a9df50cf7ec2756aba0bfe with preliminary support for the openssh config file and I would like you to test it. You can download a mac build here.

It expects the config file to be located at USER_HOME/.ssh/config. Example entry:

Host Arduino.local
       #optional
       IdentityFile ~/.ssh/id_rsa
       #mandatory if using IdentityFile
       StrictHostKeyChecking no
       #optional
       User root
       #optional
       Port 50022

Most important is the hostname: if your yun is named mysuperyun, the entry must be Host mysuperyun.local

aboudou commented 10 years ago

Hi,

I've just tried this build of Arduino IDE, and it's still not working:

When I try to upload the sketch, the IDE asks for my Arduino board password (I don't know if it's the user's password, or the private key password, but none of them work).

My Arduino board name is "malheur", and my ~/.ssh/config file contains the following entries:

Host malheur
       User root
       port 22
       StrictHostKeyChecking no
       identityFile ~/.ssh/yun

Host malheur.local
       User root
       port 22
       StrictHostKeyChecking no
       identityFile ~/.ssh/yun

ffissore commented 10 years ago

Can you remove the first entry and retry? How does the IDE print the hostname? Is it malheur, all lowercase?

aboudou commented 10 years ago

With only the second entry, it keeps asking me for a password.

And the port in Arduino IDE is "malheur at 192.168.xxx.yyy (Arduino Yun)"

aboudou commented 10 years ago

I've just checked : it's still trying to connect without using ~/.ssh/config file :

ffissore commented 10 years ago

I've tested it with a mac (10.6) and it works. There is some difference in the config files we are missing. Can we compare them?

My /etc/config/dropbear is

config dropbear
    option PasswordAuth 'off'
    option RootPasswordAuth 'off'
    option Port         '50022'
#   option BannerFile   '/etc/banner'

My /Users/federico/.ssh/config is

Host Arduino.local
       IdentityFile /Users/federico/.ssh/id_rsa
       StrictHostKeyChecking no
       User root
       Port 50022

Board name is Arduino

I succeed in logging in with plain ssh without being prompted for a password. When I upload a sketch and I'm asked for the password, the pass phrase is the one

aboudou commented 10 years ago

Hi.

My dropbear config file :

config dropbear
    option Port '22'
    option PasswordAuth 'off'
    option RootPasswordAuth 'off'

My ssh config file (only the yun section)

Host malheur.local
       User root
       port 22
       StrictHostKeyChecking no
       identityFile ~/.ssh/yun

Plain ssh login :

aboudou@skuld# ssh malheur.local
Warning: Permanently added 'malheur.local' (RSA) to the list of known hosts.

BusyBox v1.19.4 (2013-08-07 16:16:02 CEST) built-in shell (ash)
Enter 'help' for a list of built-in commands.

root@malheur:~#

aboudou commented 10 years ago

And I've just found the problem:

CLI ssh is not case sensitive for ssh config option names, Arduino IDE is :+1:

Works with CLI ssh but not with Arduino IDE:

       port 22
       identityFile ~/.ssh/yun

Works with both CLI ssh and Arduino IDE:

       Port 22
       IdentityFile ~/.ssh/yun

ffissore commented 10 years ago

Ah ok! Yes, jsch (the pure java ssh client we use) looks up keys in a case-sensitive manner. Are you then fine with this? Would you like some more time to test it? In the meanwhile, I've uploaded another build that fixes a small bug. https://docs.google.com/file/d/0B25ol7x7AsJRNW1vUEtEVHV1WGc/edit?usp=sharing
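The case mismatch found above, as an added example that is not part of the thread or of the Arduino IDE or jsch code: a small Python linter that flags `~/.ssh/config` keywords not written in the canonical ssh_config(5) case and rewrites them. The keyword list, the `lookup` model of a case-sensitive reader, and the sample config are assumptions constructed for illustration.

```python
import re

# Canonical spellings from ssh_config(5) for the options used in this thread.
CANONICAL = ("Host", "HostName", "User", "Port", "IdentityFile",
             "StrictHostKeyChecking")
BY_LOWER = {k.lower(): k for k in CANONICAL}
# indent, keyword, separator (whitespace or '='), value
LINE = re.compile(r"^(\s*)(\w+)(\s*=\s*|\s+)(.*?)\s*$")

# Constructed sample: the lowercase spellings reported in the thread.
SAMPLE = """\
Host malheur.local
    User root
    port 22
    StrictHostKeyChecking no
    identityFile ~/.ssh/yun
"""

def entries(text):
    """Yield (lineno, keyword, value); comment and blank lines never match."""
    for n, raw in enumerate(text.splitlines(), 1):
        m = LINE.match(raw)
        if m:
            yield n, m.group(2), m.group(4)

def lookup(text, host, key, case_sensitive):
    """First value of `key` in the block whose Host line names `host`.
    Hypothetical model: exact host names only, no wildcard patterns."""
    in_block = False
    for _, kw, val in entries(text):
        if kw.lower() == "host":
            in_block = host in val.split()
        elif in_block:
            same = kw == key if case_sensitive else kw.lower() == key.lower()
            if same:
                return val
    return None

def lint(text):
    """List (lineno, found, canonical) for known keywords in non-canonical case."""
    return [(n, kw, BY_LOWER[kw.lower()]) for n, kw, _ in entries(text)
            if kw.lower() in BY_LOWER and kw != BY_LOWER[kw.lower()]]

def normalize(text):
    """Rewrite known keywords to canonical case; other lines stay unchanged."""
    def fix(m):
        kw = BY_LOWER.get(m.group(2).lower(), m.group(2))
        return m.group(1) + kw + m.group(3) + m.group(4)
    return "\n".join(LINE.sub(fix, ln) for ln in text.splitlines()) + "\n"
```
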

aboudou commented 10 years ago

I'm fine with the case sensitive behavior. I just had to know it :)

About the new build, it works without issue.

Thanks for your help :)

noblepepper commented 10 years ago

I still have strange behavior after configuring this. ssh logins through a terminal work fine with no password. The first time I upload a sketch after starting the IDE a dialog asks me to "Type board password to upload a new sketch", if I click the upload button the sketch uploads with no problems without entering a password. The dialog doesn't pop up when uploading after this unless I close all IDE windows. If I shut the IDE down completely and restart it I get the dialog the first time I upload.

Details:
Host system is Ubuntu 13.04 64 bit
IDE is nightly build for Linux 64 bit downloaded on November 2, 2013
Log on Yun shows Child connection, Pubkey auth and exit on each upload regardless of whether dialog pops up.

On host-

~/.ssh/config:
Host elbonoYun.local
       #optional
       IdentityFile ~/.ssh/id_rsa
       #mandatory if using IdentityFile
       StrictHostKeyChecking no
       #optional
       User root
       #optional
       Port 22

On Yun-

/etc/config/dropbear:
config dropbear
    option PasswordAuth 'off'
    option RootPasswordAuth 'off'
    option Port         '22'
 #  option BannerFile   '/etc/banner'

I generally leave password auth on, changed it to off since that is what you use above, doesn't make any difference.

For more information or suggestions just let me know.

Thanks, Noble

ffissore commented 10 years ago

If your local (private) key is protected by a pass phrase, the IDE will ask for it the first time you upload. SSH keys are usually "pass phrase protected".

noblepepper commented 10 years ago

I didn't use a pass phrase, ran ssh-keygen -t rsa and hit enter three times. My original forum post was with a dsa key but I switched to rsa since you and aboudou were using them here in case it made any difference. I'm just using this key for the Yun so I'm not super paranoid about how secure it is.

Maybe the IDE is asking for it even though it is not needed? If so it figures out it doesn't need it after it asks.

When I started playing with this I was entering my Yun's root password in the dialog and then noticed the log entries that indicated it was using the key to log in and found out it would work with no entry. I definitely didn't use that password for the pass phrase. I just ran the IDE again and put "how now brown cow" in the password dialog and it uploaded fine.

This isn't a critical issue, clicking OK isn't that big a deal, it is just one of those things that "ain't right"

ffissore commented 10 years ago

Got that. I'll fix it

ffissore commented 10 years ago

1.5.5 does not contain this latest fix. Moving issue to 1.5.6

ffissore commented 10 years ago

Moved to 1.5.7: still missing support for ssh keys without passphrase