add check if sshkeys are in the right place

[MatthewMarroquin]

when following Step 2 and trying to ssh root@[local ip] into my raspberry pi I am asked for a password. Not sure what the password is as the guide does not say. (raspberry did not work as the password for ssh root@[local ip] but does work for ssh pi@[local pi])

[lmmrssa]

@Mattmtech Looks like you skipped step before that. It ask you to generate ssh key and add that key to rpi. If you have completed that step then it will no longer ask you for password

[MatthewMarroquin]

@lmmrssa Even after adding the ssh key to the rpi i am being asked for password

[dogi]

@Mattmtech this means that the keys you generated are not in the right place

they need to be in the ~/.ssh folder

[MatthewMarroquin]

@dogi @lmmrssa apologies, I was using the public key fingerprint from my github account not the ssh key. now that i caught this error and use the ssh key on the pi it is working as expected

[dogi]

@Mattmtech we should add somewhere a note or a command where we check if the keys are in place

[CalebProvost]

@Mattmtech we should add somewhere a note or a command where we check if the keys are in place

I'd like to chime in and say it might be beneficial to make sure that users do not create the key on the RPi (learn from my mistake).

[MatthewMarroquin]

@dogi I like that idea, what if after the "create your ssh key" section there is a note to run commands cd ~/.ssh and then ls -a to check that the newly created keys are in the correct directory ? @CalebProvost Yes that is an important detail i will include this in the note

[phamduchongan93]

@Mattmtech I feel that you have some trouble with generating public and private key. I also know that this is important for you to communicate freely with your pi.

This is what I normally do. To check if you have private/pulbic key after ssh-keygen command.

ls -l ~/.ssh/id_rsa*

This is the output you always expect to have

$ ls -l id_rsa*
-rw-r--r-- 1 an pham 197121 3389 Aug 27 19:08 id_rsa
-rw-r--r-- 1 an pham 197121  751 Aug 27 19:08 id_rsa.pub

(optional step to check if these private and public key work well together. No body really do this, but I found some folks on stackoverflow are actually doing this. )

diff <(cut -d' ' -f 2 ~/.ssh/id_rsa.pub) <(ssh-keygen -y -f ~/.ssh/id_rsa | cut -d' ' -f 2)

output1:cut -d' ' -f 2 ~/.ssh/id_rsa.pub command will reformat your public key file so that It only show your key. output2:ssh-keygen -y -f ~/.ssh/id_rsa | cut -d' ' -f 2 command will derive your private key to public key, then format it to key only version.

diff command is used to compare the differences. What you should expect from the output is none, because both output should be the same. They are your public key.

(again, this is totally unnecessary.)

To get this public key on your raspberry Before ssh to raspberry type this command to copy (yank) your public key.

cat ~/.ssh/id_rsa.pub | clip 

Now you have your public key saved in your clipboard, then go ahead ssh to your pi with default pass word. When you are in the terminal, paste your public key with treehouse command.

sudo treehouses sshkey add "your SSH key"

I hope this help. :)

[MatthewMarroquin]

@phamduchongan93 Thank you so much this was very helpful it cleared up all of my confusion! I will be sure to include a lot of what you have mentioned in the PR.

[vmnet8]

If you use Linux OS, you can do like this:

first, use the default password 'raspberry' to log in as pi

ssh pi@<your RPI IP>

on your local Linux, use ssh-copy-id command to add your public key to your RPI pi user authorized_keys

ssh-copy-id pi@<your RPI IP>

then on your RPI, cp your public key to root user authorized_keys

sudo -i
cat  /home/pi/.ssh/authorized_keys  >> /root/.ssh/authorized_keys

next time, you can passwordlessly ssh to root@

[dogi]

@vmnet8 thanks but for the 10 steps we right now want you all to use treehouses sshkey add "<yourpublickey>"

[dogi]

hmmm better even then above command since you added already the sshkeys to github is treehouse sshkey addgithubuser <yourgithubusername> ;)

also we should check before with wget -O- -q https://github.com/<yourgithubusername>.keys if the keys are on github

and last we need to know if all this command work out of the box on all 4 supported systems

• [x] ubuntu/debian
• [ ] windows with git bash
• [ ] macosx
• [ ] android with https://play.google.com/store/apps/details?id=io.treehouses.remote

[MatthewMarroquin]

@dogi the wget command does not work in windows with git bash

[dogi]

@Mattmtech thanks

we can always say to put this url https://github.com/<yourgithubusername>.keys into a browser ;)

[MatthewMarroquin]

@dogi yes i like that idea everyone should be able to get their ssh key through this way

[dogi]

we can point to browser first and then still say the wget line when macosx or linux ;)

[MatthewMarroquin]

@dogi should i make a new PR to implement these suggestions? From my understanding we will be adding this information about SSH keys under the "Add ssh key to the Raspberry Pi" header in step 2.

the information i will add is : to check that SSH keys have been added to GitHub account via https://github.com/<yourgithubusername>.keys or if using macosx/linux use wget -O- -q https://github.com/<yourgithubusername>.keys Then if keys are added properly to the GitHub account go onto the PI and run command treehouse sshkey addgithubuser <yourgithubusername> Correct?

[dogi]

@dogi should i make a new PR to implement these suggestions? From my understanding we will be adding this information about SSH keys under the "Add ssh key to the Raspberry Pi" header in step 2.

the information i will add is : to check that SSH keys have been added to GitHub account via https://github.com/<yourgithubusername>.keys or if using macosx/linux use wget -O- -q https://github.com/<yourgithubusername>.keys Then if keys are added properly to the GitHub account go onto the PI and run command treehouse sshkey addgithubuser <yourgithubusername> Correct?

@Mattmtech yes