SSH between routers with no password

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

calzor suzay

Regular Contributor
I'm trying to setup SSH between routers without a password so i can run command on one as part of a script.
Trouble is with my googling I keep hitting issues with how to do it, which I'm sure you can...

I have an 86U (primary) and a 68U (node) in a mesh. I want to from the 86U connect to the 68U.
I found a tutorial about key pairs etc. but the commands ssh-keygen and ssh-copy-id aren't on either router.
I then tried the route of using putty to create keys, the tutorial shows how to copy/paste the key into the admin>system>service>authorized keys field but on an AiMesh node you can't seem to get to the web page so I can't do this.

Any idea how I can achieve this please?
 

calzor suzay

Regular Contributor
Have issues when it reboots as the authorized_keys file gets lost, have replied in other thread but if anyone has any ideas?
 

Jeffrey Young

Senior Member
Where are you storing your keys? I ran into the same thing last weekend as I was setting up a script on the router to SSH into my NAS to execute a shutdown on a NUT shut down signal. After some frustration, I too learned the "dropbear" way.

You need to store your keys in /jffs somewhere as that is the only space that will survive a reboot (unless you store the keys on the mounted USB drive somewhere).
 

calzor suzay

Regular Contributor
I have a services-start script as below to copy the file back

Code:
#!/bin/sh
# /jffs/scripts/services-start
cp /jffs/.ssh/authorized_keys /home/root/.ssh/authorized_keys

I think this isn't running though as in syslog I see "May 5 06:05:16 custom_script: Found services-start, but custom script execution is disabled!" the date is weird though but from some other googling this might be because NTP isn't started yet.
Either way the usual fix for this is to enable it in the GUI but I can't get to the GUI as it's an AiMesh node.

How can I enable it via command line or is there a way to get the GUI working on an AiMesh node?
 

dave14305

Part of the Furniture
I have no AiMesh experience, but you can enable custom scripts via nvram set jffs2_scripts=1; nvram commit and then reboot again to see if it works. Also if you clear this hurdle, make sure the script is executable with chmod u+x /jffs/scripts/services-start
 

Jeffrey Young

Senior Member
As @dave14305 said or via the GUI at "Administration -> System -> Enable Scripts"

1607965823076.png
 

calzor suzay

Regular Contributor
It's an AiMesh node so there is no GUI to log into, it won't let you as it wants to centrally mange it via the primary node.
On the primary it's already turned on.

Anyway the command dave14305 gave nvram set jffs2_scripts=1; nvram commit seemed to get me over the final hurdle.
I bounced the node and tried from the primary router once back up and it let me straight in.

Now all I have to do is work out the script I want to run and return the result :)
 

Jeffrey Young

Senior Member
My bad. That is good to know. I don't use AiMesh.
 

Jeffrey Young

Senior Member
Staying with my non AiMesh experience, is SSH turned on at a node by default? If no GUI, how do turn on SSH ability on the node?
 

calzor suzay

Regular Contributor
Staying with my non AiMesh experience, is SSH turned on at a node by default? If no GUI, how do turn on SSH ability on the node?
I'm not sure if I turned it on or it was just on to be honest, I think it was just on remote node, it uses the same user/pass as the primary node so it must sync it.

Anyway I'm happy bunny now as I got the primary router to do the wl lookup on the remote node for my presence detection script.
It now works properly rather it running the same script on each box independently and having the occasional blip where it thinks I've left the house and turning lights off.
 

Jeffrey Young

Senior Member
That makes sense that the node would just mimic the master as to the way it is set (i.e. if ssh is enabled on the master, then it would be enabled on the node).

Thanks. Glade you got all working for you.
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top