What's new

SCP/Dropbear known_hosts authorization in starting scripts on RT-AC68U 384.12

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

zperetz

New Around Here
Hi everyone,

I have some scripts that uploaded some important files to the cloud on router's restart. Of course I had known_hosts that were uploaded to ~/.ssh/ and had no requests for trusted hosts for automation process.

But starting from 384.12 I started getting errors of upload.

Copying to ~/.ssh gives an error of read-only file system, if it's done in starting scripts. Going to deeper debuging I've found out, that even if I copy directly to /home/root/.ssh/, I still getting the following error for scp command in starting script (it's important, that it's called from the scripts)

Code:
--- script.sh---
scp -i id_rsa -P 2222 /tmp/log.log zperetz@upload.local:~
-----------------
/usr/bin/dbclient: Warning: failed creating //.ssh: Read-only file system

Host 'upload.local' is not in the trusted hosts file.
Which looks like Dropbear is also trying to write to ~/.ssh/know_hosts with no luck.

But if I repeat the same scp action from CLI (after logging in), the problem disappears, and known_hosts is accepted, which means that ~ direction is recognized.

Any idea of solution is very appreciated.
 
It looks like dropbear thinks your home dir is / instead of /root, which would lead to the read-only filesystem error. Which start script are you using to run your script? Maybe it’s too early in the boot process.

Try setting $HOME=/root in your script.
 
It looks like dropbear thinks your home dir is / instead of /root, which would lead to the read-only filesystem error. Which start script are you using to run your script? Maybe it’s too early in the boot process.

Try setting $HOME=/root in your script.

I'm using firewall-start to call, and tried to use some timeouts, it was not helping. But setting HOME to /root was a good idea, thanks it helped.
 

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top