Rsync -avz -e “ssh -i /root/.ssh/id_rsa” some-file-here. Now that ssh works, I can easily perform an automated rsync: Dropbear does not automatically look for it like OpenSSH does. Notice that you need to explicitly specify the identity file on the command line. You should now be able to ssh without a ssh -i ~/.ssh/id_rsa Ensure that permissions on this file are set to 600. Now copy or (concatenate) ‘authorized_keys’ to ~/.ssh on ‘webhost’. Since dropbear stores its keys in different format, it needs to be converted for a standard SSH server:ĭropbearkey -y -f ~/.ssh/id_rsa | grep “^ssh-rsa ” > authorized_keys The goal is to allow ‘nas’ to authenticate to ‘webhost’ using a key instead of a password.įirst, generate your identity key on ‘nas’ This assumes that the OpenWRT device is named ‘nas’ and the remote machine is ‘webhost’. If you have an OpenSSH-style private key /.ssh/idrsa, you need to do: dropbearconvert openssh dropbear /.ssh/idrsa /.ssh/idrsa.db dbclient -i /.ssh/idrsa. I found plenty of examples on setting up key based authentication using dropbear as the HOST, but not as the CLIENT. Client public key auth: Dropbear can do public key auth as a client, but you will have to convert OpenSSH style keys to Dropbear format, or use dropbearkey to create them. Name dropbear - lightweight SSH2 server Synopsis dropbear -FEmwsgjki -b banner -d dsskey -r rsakey -p address:port Description dropbear is a SSH 2 server designed to be small enough to be used in small memory environments, while still being functional and secure enough for general use. In order to rsync files from a remote host using a cron script, this is critical. It turns out that the dropbear ssh client works a bit differently when attempting to use key based authentication. I ran into a little bit of a hiccup getting my OpenWRT NSLU2 device to automatically rsync to a remote host.