rien / reStream

Stream your reMarkable screen over SSH.
MIT License
768 stars 58 forks source link

root@10.11.99.1: Permission denied (publickey,password). #99

Closed Alexfinitore10 closed 10 months ago

Alexfinitore10 commented 1 year ago

I have done all the steps above. I have a Remarkable 2 and I'm on Ubuntu, I litterally cannot proceed, I'm stuck when I have to start the reStream.sh. Can you help me?

Eeems commented 1 year ago

Have you been able to SSH in to your device normally?

https://remarkable.guide/guide/access/ssh.html

Alexfinitore10 commented 1 year ago

Normally yes, The issue i think is the fact that I try to set the rsa keys to the remarkable but when I do the command to copy it automatically gets the ed25519 one. Dunno

Eeems commented 1 year ago

Normally yes, The issue i think is the fact that I try to set the rsa keys to the remarkable but when I do the command to copy it automatically gets the ed25519 one. Dunno

It should copy all of your public keys. You can modify the command in the OpenSSH 9.4 warning to manually copy your key to the authorized list on your device: https://remarkable.guide/guide/access/ssh.html#installing-a-ssh-key-on-your-device

Alexfinitore10 commented 1 year ago

OpenSSH_8.9p1 Ubuntu-3ubuntu0.4, OpenSSL 3.0.2 15 Mar 2022 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/.conf matched no files debug1: /etc/ssh/ssh_config line 21: Applying options for debug1: Connecting to 10.11.99.1 [10.11.99.1] port 22. debug1: Connection established. debug1: identity file /home/alex/.ssh/id_rsa type -1 debug1: identity file /home/alex/.ssh/id_rsa-cert type -1 debug1: identity file /home/alex/.ssh/id_ecdsa type -1 debug1: identity file /home/alex/.ssh/id_ecdsa-cert type -1 debug1: identity file /home/alex/.ssh/id_ecdsa_sk type -1 debug1: identity file /home/alex/.ssh/id_ecdsa_sk-cert type -1 debug1: identity file /home/alex/.ssh/id_ed25519 type -1 debug1: identity file /home/alex/.ssh/id_ed25519-cert type -1 debug1: identity file /home/alex/.ssh/id_ed25519_sk type -1 debug1: identity file /home/alex/.ssh/id_ed25519_sk-cert type -1 debug1: identity file /home/alex/.ssh/id_xmss type -1 debug1: identity file /home/alex/.ssh/id_xmss-cert type -1 debug1: identity file /home/alex/.ssh/id_dsa type -1 debug1: identity file /home/alex/.ssh/id_dsa-cert type -1 debug1: Local version string SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.4 debug1: Remote protocol version 2.0, remote software version dropbear_2020.81 debug1: compat_banner: no match: dropbear_2020.81 debug1: Authenticating to 10.11.99.1:22 as 'root' debug1: load_hostkeys: fopen /home/alex/.ssh/known_hosts2: No such file or directory debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: algorithm: curve25519-sha256 debug1: kex: host key algorithm: ssh-ed25519 debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: compression: none debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: compression: none debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug1: SSH2_MSG_KEX_ECDH_REPLY received debug1: Server host key: ssh-ed25519 SHA256:CJgvn1lPqOHYskybxxicOKVhyV9hjqjb12/yvC0qjrg debug1: load_hostkeys: fopen /home/alex/.ssh/known_hosts2: No such file or directory debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory debug1: Host '10.11.99.1' is known and matches the ED25519 host key. debug1: Found key in /home/alex/.ssh/known_hosts:1 debug1: rekey out after 134217728 blocks debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: rekey in after 134217728 blocks debug1: Will attempt key: /home/alex/.ssh/id_rsa debug1: Will attempt key: /home/alex/.ssh/id_ecdsa debug1: Will attempt key: /home/alex/.ssh/id_ecdsa_sk debug1: Will attempt key: /home/alex/.ssh/id_ed25519 debug1: Will attempt key: /home/alex/.ssh/id_ed25519_sk debug1: Will attempt key: /home/alex/.ssh/id_xmss debug1: Will attempt key: /home/alex/.ssh/id_dsa debug1: SSH2_MSG_EXT_INFO received debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-256,ssh-rsa,ssh-dss> debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,password debug1: Next authentication method: publickey debug1: Trying private key: /home/alex/.ssh/id_rsa debug1: Trying private key: /home/alex/.ssh/id_ecdsa debug1: Trying private key: /home/alex/.ssh/id_ecdsa_sk debug1: Trying private key: /home/alex/.ssh/id_ed25519 debug1: Trying private key: /home/alex/.ssh/id_ed25519_sk debug1: Trying private key: /home/alex/.ssh/id_xmss debug1: Trying private key: /home/alex/.ssh/id_dsa debug1: Next authentication method: password root@10.11.99.1's password: Authenticated to 10.11.99.1 ([10.11.99.1]:22) using "password". debug1: channel 0: new [client-session] debug1: Entering interactive session. debug1: pledge: filesystem debug1: Sending environment. debug1: channel 0: setting env LC_ADDRESS = "it_IT.UTF-8" debug1: channel 0: setting env LC_NAME = "it_IT.UTF-8" debug1: channel 0: setting env LC_MONETARY = "it_IT.UTF-8" debug1: channel 0: setting env LC_PAPER = "it_IT.UTF-8" debug1: channel 0: setting env LANG = "en_US.UTF-8" debug1: channel 0: setting env LC_IDENTIFICATION = "it_IT.UTF-8" debug1: channel 0: setting env LC_TELEPHONE = "it_IT.UTF-8" debug1: channel 0: setting env LC_MEASUREMENT = "it_IT.UTF-8" debug1: channel 0: setting env LC_TIME = "it_IT.UTF-8" debug1: channel 0: setting env LC_NUMERIC = "it_IT.UTF-8" reMarkable

OK maybe it's more readable like this

Eeems commented 1 year ago

Type ``` as the first line, and as the last line to make code or console output more readable.

Alexfinitore10 commented 1 year ago
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: Connecting to 10.11.99.1 [10.11.99.1] port 22.
debug1: Connection established.
debug1: identity file /home/alex/.ssh/id_rsa type -1
debug1: identity file /home/alex/.ssh/id_rsa-cert type -1
debug1: identity file /home/alex/.ssh/id_ecdsa type -1
debug1: identity file /home/alex/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/alex/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/alex/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/alex/.ssh/id_ed25519 type -1
debug1: identity file /home/alex/.ssh/id_ed25519-cert type -1
debug1: identity file /home/alex/.ssh/id_ed25519_sk type -1
debug1: identity file /home/alex/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/alex/.ssh/id_xmss type -1
debug1: identity file /home/alex/.ssh/id_xmss-cert type -1
debug1: identity file /home/alex/.ssh/id_dsa type -1
debug1: identity file /home/alex/.ssh/id_dsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.4
debug1: Remote protocol version 2.0, remote software version dropbear_2020.81
debug1: compat_banner: no match: dropbear_2020.81
debug1: Authenticating to 10.11.99.1:22 as 'root'
debug1: load_hostkeys: fopen /home/alex/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ssh-ed25519
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: ssh-ed25519 SHA256:CJgvn1lPqOHYskybxxicOKVhyV9hjqjb12/yvC0qjrg
debug1: load_hostkeys: fopen /home/alex/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: Host '10.11.99.1' is known and matches the ED25519 host key.
debug1: Found key in /home/alex/.ssh/known_hosts:1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: /home/alex/.ssh/id_rsa 
debug1: Will attempt key: /home/alex/.ssh/id_ecdsa 
debug1: Will attempt key: /home/alex/.ssh/id_ecdsa_sk 
debug1: Will attempt key: /home/alex/.ssh/id_ed25519 
debug1: Will attempt key: /home/alex/.ssh/id_ed25519_sk 
debug1: Will attempt key: /home/alex/.ssh/id_xmss 
debug1: Will attempt key: /home/alex/.ssh/id_dsa 
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-256,ssh-rsa,ssh-dss>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /home/alex/.ssh/id_rsa
debug1: Trying private key: /home/alex/.ssh/id_ecdsa
debug1: Trying private key: /home/alex/.ssh/id_ecdsa_sk
debug1: Trying private key: /home/alex/.ssh/id_ed25519
debug1: Trying private key: /home/alex/.ssh/id_ed25519_sk
debug1: Trying private key: /home/alex/.ssh/id_xmss
debug1: Trying private key: /home/alex/.ssh/id_dsa
debug1: Next authentication method: password
root@10.11.99.1's password: 
Authenticated to 10.11.99.1 ([10.11.99.1]:22) using "password".
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: pledge: filesystem
debug1: Sending environment.
debug1: channel 0: setting env LC_ADDRESS = "it_IT.UTF-8"
debug1: channel 0: setting env LC_NAME = "it_IT.UTF-8"
debug1: channel 0: setting env LC_MONETARY = "it_IT.UTF-8"
debug1: channel 0: setting env LC_PAPER = "it_IT.UTF-8"
debug1: channel 0: setting env LANG = "en_US.UTF-8"
debug1: channel 0: setting env LC_IDENTIFICATION = "it_IT.UTF-8"
debug1: channel 0: setting env LC_TELEPHONE = "it_IT.UTF-8"
debug1: channel 0: setting env LC_MEASUREMENT = "it_IT.UTF-8"
debug1: channel 0: setting env LC_TIME = "it_IT.UTF-8"
debug1: channel 0: setting env LC_NUMERIC = "it_IT.UTF-8"
reMarkable

Ok, thanks

Eeems commented 1 year ago

So it looks to me like none of your keys are properly installed on the device, and it's prompting for password for authentication, which works. Have you looked at the page I linked and at the command to manually install a specific key?

Alexfinitore10 commented 1 year ago

Yes, I did it a bunch of times, that's why it tries so many keys, but It won't work. I will try now from the beginning once more.

Alexfinitore10 commented 1 year ago

I have some updates on the case, now that I did again the steps I managed to enter the remarkable with the rsa password key, but when I try to run the .sh file it still gives me the permission error.

alex@alex-F5-R:~/Desktop$ sudo ./reStream.sh 
[SSH] true
root@10.11.99.1: Permission denied (publickey,password).
10.11.99.1 unreachable or you have not set up an ssh key.
If you see a 'Permission denied' error, please visit
https://github.com/rien/reStream/#installation for instructions.
[SSH] kill $(pidof restream)
root@10.11.99.1: Permission denied (publickey,password).
alex@alex-F5-R:~/Desktop$ ssh remarkable
Enter passphrase for key '/home/alex/.ssh/id_rsa_remarkable': 
reMarkable
Eeems commented 1 year ago

Yes, I did it a bunch of times, that's why it tries so many keys, but It won't work. I will try now from the beginning once more.

You don't need to generate a new key each time, I just linked to the part where you add the key to the authorized list on the device, not the entire page.

I have some updates on the case, now that I did again the steps I managed to enter the remarkable with the rsa password key, but when I try to run the .sh file it still gives me the permission error.

alex@alex-F5-R:~/Desktop$ sudo ./reStream.sh 
[SSH] true
root@10.11.99.1: Permission denied (publickey,password).
10.11.99.1 unreachable or you have not set up an ssh key.
If you see a 'Permission denied' error, please visit
https://github.com/rien/reStream/#installation for instructions.
[SSH] kill $(pidof restream)
root@10.11.99.1: Permission denied (publickey,password).
alex@alex-F5-R:~/Desktop$ ssh remarkable
Enter passphrase for key '/home/alex/.ssh/id_rsa_remarkable': 
reMarkable

Since you are being prompted for the SSH key, restream will not work, it expects the key to be already loaded into an SSH agent according to the instructions. I would expect that a passwordless key may also work.

Alexfinitore10 commented 1 year ago

I added it to my ssh agent, the first time he didn't ask me for a password! But then when I tried to connect with the .sh still the same error... And now it doesn't even recognize the SSH key anymore.

Eeems commented 1 year ago

I added it to my ssh agent, the first time he didn't ask me for a password! But then when I tried to connect with the .sh still the same error... And now it doesn't even recognize the SSH key anymore.

Right, when it's loaded in your ssh agent, the password only needs to be entered when loading it. restream uses the same ssh call, so I'm not sure why it's failing to use your key, it's just using ssh underneath the covers: https://github.com/rien/reStream/blob/3862d9c5c85d09c58e985f01049989f15a3d2830/reStream.sh#L98-L105

fredrikekre commented 1 year ago

I had a similar issue; ssh-copy-id reported that keys were succesfully added but logging in didn't work. I solved it by manually appending the key

cat .ssh/id_rsa.pub | ssh remarkable 'cat - >> .ssh/authorized_keys'

I found the solution here: https://www.reddit.com/r/RemarkableTablet/comments/p6ocri/ssh_not_accepting_key_on_new_rm2_29/ . Just like on that post, it looks like ssh-copy-id appends the key to /etc/dropbear/authorized_keys, which seems unused when logging in afterwards.

Eeems commented 1 year ago

See the warning on this page: https://remarkable.guide/guide/access/ssh.html#installing-a-ssh-key-on-your-device

rien commented 10 months ago

Closing this as it doesn't seem to be an issue with reStream.