Closed GoogleCodeExporter closed 9 years ago
This might be due to submenus changing in the newest SDK.
Original comment by kenny@the-b.org
on 27 Aug 2008 at 5:46
generating sshkeys on the device is interesting, but i think we should push
this to a
later version.
people might be copying over existing keys on their /sdcard.
interestingly, we should consider an "automation" framework. it might run "cat
'[key]' >> ~/.ssh/authorized_keys" upon login. other usage might include users
saying run "screen -dr" on connect, etc.
Original comment by Jeffrey.Sharkey
on 25 Oct 2008 at 3:24
I would like to suggest that this is a higher priority than "low" ... I can't
use ssh
for anything real without key based auth. I'm sure there are other people out
there
who are similarly paranoid about their ssh requirements.
Original comment by johnk...@gmail.com
on 26 Oct 2008 at 12:46
I think this was marked "low" because you can always generate the actual keys on
another machine and then migrate them to the phone. Judging from irc chatter,
this
was considered the best solution because they didn't want to have to vouch for
the
safety of the java sshkey generation and didn't want another debian/ubuntu-style
clusterfuck on their hands.
There was some debate on irc as to the best way to get an ssh keypair (or at
least
the private key) to the phone-- ota methods like web and email were ruled out
for
security reasons. The SDcard import looks to be the safest way.
As for the actual sshkey-auth method, I believe it is going in as we speak.
Just
generate your keys on another machine and move it to your phone when this thing
is
ready (which I hear may be Monday)
Kudos to Jeff Sharkey and the other developers!
W
Original comment by vva...@gmail.com
on 26 Oct 2008 at 5:45
[deleted comment]
Will it just find the private key on the SD card? or do I need to put it
somewhere
specific?
Original comment by johnk...@gmail.com
on 27 Oct 2008 at 12:56
I personally would not put my private key on the SD card. I believe any
Android app
can access the entire SD card with no permissions.
However, I also think the app should not generate the private key. I have
doubts
about the quality of the devices RNG.
If the app could implement SCP, that would be best. Or perhaps offer a menu
item to
"copy and paste" the private key from an active (password-authenticated)
session into
the private keystore?
Original comment by abliss
on 28 Oct 2008 at 9:43
There have been a few discussions about how to import a key. if you do it off
the SDCard it will be imported
and then you could delete it-- it wouldn't need to be there long. Someone
could have a service constantly
scanning the card looking for keys, but you'd have to have run that program...
Alternatives discussed on IRC included mailing the key (insecure), IMing the
key (insecure), etc etc. SCP or
copy/paste from a secure session would be good, but you'd need a secure
connection (via password) in the
first place...
Personally I think the app generating the key is a good idea... cuz at least if
there are problems you can shut
down access to this one key... then again, people have their public key
already on 50 machines so maybe they
do want to import...
W
Original comment by vva...@gmail.com
on 29 Oct 2008 at 1:01
I just added rudimentary publickey support in SVN r86.
Right now you can only generate public keys on the device itself. Randomness is
generated by the user, so people don't have to worry about weak entropy sources.
RSA and DSA keys can be copied to the clipboard and deleted only for right now.
Original comment by kenny@the-b.org
on 29 Oct 2008 at 5:05
While I realize keygen isn't expected to work fully in SVN r86, I thought you
should
be aware that while generating a key in landscape mode you can't see all of the
options and there is no ability to scroll.
Original comment by phas...@gmail.com
on 29 Oct 2008 at 2:28
I made a change in SVN r87 to allow scrolling in landscape mode until we get
something better looking in there.
Original comment by kenny@the-b.org
on 29 Oct 2008 at 5:56
I just downloaded the App from the Android market, and cannot find a way to
provide
my key even though there seems to be at least "some way" to do it (see comment
9).
Could it be that version on the Android Market is older and does not yet have
this
feature?
Thanks
Original comment by amazza...@gmail.com
on 30 Oct 2008 at 5:52
The version in the market is r85 (
http://code.google.com/p/connectbot/source/detail?r=85 ). Public key generation
started in r86. Note that it's public key *generation*; import doesn't work yet.
Also, while it can generate keys with a passphrase it can't yet use those to
login
(although eys without a passphrase work beautifully).
I imagine that the app won't be updated on the market again until public keys
are
more fully supported, but I'm not on the dev team so I don't know. In the
meantime
there are instructions on the project homepage about how to install the latest
development builds. Also, if you haven't seen it this page is an easy way to
keep up
with the dev. build process:
http://code.google.com/p/connectbot/updates/list
Original comment by mco...@gmail.com
on 30 Oct 2008 at 1:11
I'm going to wait for this to be complete to release 1.2
Original comment by kenny@the-b.org
on 31 Oct 2008 at 9:42
I added support for password-protected pubkeys in SVN r102
Original comment by kenny@the-b.org
on 1 Nov 2008 at 9:46
latest svn now has support for importing existing keys from /sdcard, which
includes
any openssh-formatted keys (with or without passphrases). format similar to:
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,0000000000000000
OhHaiImRand0mBase64T3xt...
-----END RSA PRIVATE KEY-----
Original comment by Jeffrey.Sharkey
on 3 Nov 2008 at 3:23
I'm considering pubkey authentication complete. Any defects should be opened up
as a
new issue. Thanks for the import function, Jeffrey.
Original comment by kenny@the-b.org
on 3 Nov 2008 at 4:06
This works, but the current language is slightly confusing. When there are no
keys,
it says "Tap Menu to create or import public keys." However, what you are
really
doing is creating key pairs or importing your _private_ keys.
Original comment by sjschul...@gmail.com
on 10 Nov 2008 at 3:47
Oh, also... when the sd card is not available (not inserted or currently
mounted by
computer), you get the "pick from sdcard" dialog with nothing listed. Ideally
it
would tell you that the sdcard is not available (otherwise this dialog is kinda
confusing).
Original comment by sjschul...@gmail.com
on 10 Nov 2008 at 3:48
And one more note, the file list from the sdcard is in no discernible order.
It'd be
great if it were alphabetical.
Original comment by sjschul...@gmail.com
on 10 Nov 2008 at 3:49
Hi folks
I may be extremely dense, but could anyone point me to where and how one can
mount
/sdcard. It definitely is neither mounted nor available on my htc magic.
Also it would be extremely helpful if the accepted import format for rsa
private keys
could be defined somewhere.
Where is the pubic key exported to and how can it be copied to the target
machine.
Basically I would expect it to be stored somewherre on the sdcard and accessible
through all normal usb mass storage operation, but then...
Original comment by grouc...@gmail.com
on 6 Nov 2009 at 8:48
I made a video tutorial on how to use pubkey authentication. That and other
videos
can be reached at http://code.google.com/p/connectbot/wiki/UserInterface
There's not a way to export the pubkey to the SD card, but there is a ticket
open for
that. Right now it just copies it to the clipboard for pasting in another
application.
Original comment by kenny@the-b.org
on 6 Nov 2009 at 1:45
I'd love to have it be able to read from any folder in the SD card. Only after I
found this ticket was I able to get my private key imported, and I use SSH
literally
hundreds of times a day, with multiple private keys, on multiple operating
systems.
Original comment by Martin.B...@gmail.com
on 11 Nov 2009 at 4:36
I am going to make a quick post explaining how to import your private key
because this was not obvious to me.
1 - Plug in your phone
2 - Go to the status menu pulldown on the home screen and click something like
"USB Connected" from the menu
3 - Click MOUNT
4 - Go to My Computer (if you are using Windows) and double click the new drive
letter which should be your SD Card. If you are using Linux then mount the
new drive (in KDE you click on the USB notification on the bottom right then
open it with Nautilus).
5 - Copy your private key to the root of the SD card (don't put it in a folder
or you cannot import it into ConnectBot).
6 - Unmount the folder on Linux. If you are using Windows then double click
the Safely Remove Device icon on the bottom right hand corner of your screen.
(If not sure how to navigate the complicated device removal wizard then convert
to Ubuntu because it is easier.)
7 - Go back to your phone, go back to the status drag-down menu, click Turn Off
USB Storage, click TurnOff
8 - Launch ConnectBot
9 - Click MENU -> Manage Public Keys -> Click the MENU key again -> Click IMPORT
10 - You should see your private key in the list. Click on it to import it.
11 - You should now see your private key in the list of available keys. You
have to unlock the key by clicking on the red lock once and you may have to
enter your key's passphrase/passcode. Once loaded your "lock" should turn
green and look like an open padlock. You can also automatically load the key
by pressing and holding your finger on the key until the menu appears. Check
"Load key on start".
I hope this helps someone.
Original comment by dogatemy...@gmail.com
on 2 Sep 2010 at 2:50
Regarding importing public/private keys -- I put my keys into the root of my
sdcard and connectbot didn't see them. After many different changes which I
won't bore you with, I found another post which said to connect via the local
command-line.
I ended up copying my .ssh folder from my desktop and placing it onto my sdcard
(as 'ssh' not '.ssh'). Then from connectbot's "local" shell:
cd /sdcard
cp ssh/id* .
At this point the permissions were automatically set to something connectbot
could see. Maybe because I don't have root on this device? After reading in
the keys with connectbot I deleted them from the sdcard.
Original comment by adrian.d...@gmail.com
on 13 Apr 2011 at 7:37
Original issue reported on code.google.com by
kenny@the-b.org
on 27 Aug 2008 at 4:42