don't re-gen SSH keys


Forum: Other Help Topics
Topic: don't re-gen SSH keys
started by: josiahbryan

Posted by josiahbryan on Dec. 10 2007,14:31
I've got DSL installed on a CF card, booting onto a PC-104 processor board. The problem is that every time DSL boots, it wants to regenerate SSH keys, which takes 1-2 minutes every boot. I've got the ssh keys stored in the backup.tar.gz - but that doesn't get uncompressed till after the keys are generated anyway. Are there any cheat codes or other methods of turning off the ssh key generation? Or even just turning off SSH altogether? (I can then start the daemon through the bootlocal.sh script.) Any help is appreciated.
Posted by roberts on Dec. 10 2007,15:37
Keys are generated when starting ssh if they, the keys, are not present; they are being generated every time. You must have the ssh boot option in the append section of your bootloader.

Since obviously booting occurs before restore, the keys would be generated. Move the start ssh after the restore, i.e., opt/bootlocal.sh.
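
The suggestion above (start ssh from bootlocal.sh, after the restore), sketched as an added example that is not part of the original thread: it generates a host key only when the restored backup did not supply one, so the host's fingerprint stays the same across boots. The key directory `/etc/ssh`, the `rsa` key type, the init script path `/etc/init.d/ssh` and the `start` argument convention are assumptions; the `ssh` boot option must also be absent so nothing starts sshd before the restore.

```shell
#!/bin/sh
# Added example (not from the thread): start sshd only after backup.tar.gz has
# been restored, reusing the restored host keys. Call from /opt/bootlocal.sh.
# Assumptions: key directory, key types and init script path below.
KEYDIR="${KEYDIR:-/etc/ssh}"
KEY_TYPES="${KEY_TYPES:-rsa}"            # match the HostKey lines in sshd_config
KEYGEN="${KEYGEN:-ssh-keygen}"
SSH_INIT="${SSH_INIT:-/etc/init.d/ssh}"  # assumed init script path

# Print each key type whose private key file is missing or empty in dir $1.
missing_host_keys() {
    for t in $KEY_TYPES; do
        if [ ! -s "$1/ssh_host_${t}_key" ]; then
            echo "$t"
        fi
    done
}

# Generate only the missing keys; restored keys are left untouched so the
# host's fingerprint (and every client's known_hosts entry) stays stable.
ensure_host_keys() {
    for t in $(missing_host_keys "$1"); do
        # Remove empty or stale halves so ssh-keygen does not stop to ask
        # about overwriting an existing file.
        rm -f "$1/ssh_host_${t}_key" "$1/ssh_host_${t}_key.pub"
        "$KEYGEN" -q -t "$t" -N "" -f "$1/ssh_host_${t}_key" || return 1
    done
    # sshd refuses private host keys that are readable by group or others,
    # which can happen if the backup was created with loose permissions.
    for t in $KEY_TYPES; do
        chmod 600 "$1/ssh_host_${t}_key" || return 1
    done
}

# Run only when invoked as "<script> start", e.g. from /opt/bootlocal.sh.
if [ "${1:-}" = "start" ]; then
    ensure_host_keys "$KEYDIR" && "$SSH_INIT" start
fi
```

If a key is generated on a boot where the restore failed, it only persists if the key directory is part of the backup; otherwise the next boot will present a different fingerprint again.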



Posted by josiahbryan on Dec. 10 2007,15:57
I understand what you're saying - problem is, I find no mention of the ssh option in either lilo.conf or menu.1st.

See, another engineer at my firm did the original disk image for this board, and I'm not sure exactly how he installed DSL on the CF card. I've just re-imaged new CF cards from his CF card whenever needed. Therefore, I'm not sure how to change the boot options or even what bootloader is used.

I think it's grub (the bootloader), but no menu comes up when it boots. Any advice on determining the boot loader?

By the way, here is the relevant default entry from menu.1st. As you can see, no mention of ssh in the list - unless it's in some other config file.


title DSL
kernel /boot/linux24 root=/dev/hda2 quiet vga=normal noacpi noapm nodma noscsi frugal
initrd /boot/minirt24.gz


Likewise, /etc/lilo.conf has:

image=/vmlinuz
       append="lang=de apm=power-off hda=scsi hdb=scsi hdc=scsi hdd=scsi hde=scsi hdf=scsi hdg=scsi hdh=scsi vga=791 quiet BOOT_IMAGE=knoppix"
       root=/dev/hda5
       label=Knoppix
       read-write

Again, no mention of ssh. I don't think it boots lilo because the vga mode is not the same as seen on the CRT - currently it looks like vga 768 - and it doesn't give any "undefined mode number" errors, which leads me to believe it doesn't even try to set vga=791, therefore it probably boots using grub.

So, back to the start, since grub doesn't list ssh explicitly, is there a way to explicitly turn OFF ssh?

Sorry for the ignorance displayed here - trying to learn the best I can. Thanks for the help. Cheers!

-josiah

Posted by roberts on Dec. 10 2007,16:24
Are you asking for support on a customized remastered DSL?
Hard to say where one might have ssh starting,

/etc/init.d/knoppix-autoconfig?
/etc/init.d/dsl-config?
/etc/init.d/rc5.d/?

If it is embedded in the remastered iso, then not much you can do but remaster again unless you find that there is indeed an option to not boot with ssh.   Or you choose to upgrade to a supported version of DSL.

Posted by ^thehatsrule^ on Dec. 10 2007,16:30
It's menu.lst (L, not a 1) and you're probably seeing the default/template configs.
If you aren't being shown which bootloader you're using during boot, it might be hard to find out...

Looks like a frugal, if you're using grub, look in /cdrom/boot/grub/menu.lst and modify some settings there, and see if they change your next reboot.
For lilo, the settings are stored only on the mbr (no backup of the lilo.conf is done by default iirc) and I'm not sure if you can read them manually...
Of course, it could be using a different bootloader altogether.

Posted by josiahbryan on Dec. 10 2007,16:58
Ahhh bueno ... yes, /cdrom/boot/lilo.conf has the following line:

APPEND="ramdisk_size=100000 init=/etc/init lang=us apm=power-off hda=scsi hdb=scsi hdc=scsi nofirewire nomce nodma quiet frugal BOOT_IMAGE=/KNOPPIX/KNOPPIX 2 ssh nfs syslog nomonkey restore=hdc2  "


I wasn't aware of this file...thanks!

Now, how do I get lilo to re-config the boot loader?

After removing /etc/lilo.conf and symlinking /cdrom/boot/lilo.conf into /etc, running "lilo" gives:

root@0[etc]# lilo
Fatal: creat /boot/map~: Read-only file system

Any ideas?

Posted by curaga on Dec. 10 2007,18:58
mount -o remount,rw /cdrom
mkdir /tmp/tmp
cp -a /boot/* /tmp/tmp
mount -t tmpfs tmpfs /boot
cp -a /tmp/tmp/* /boot

That should do it, having both /cdrom and /boot writable..

Posted by josiahbryan on Dec. 10 2007,19:02
Thanks for the help! Getting closer, I think...

root@0[opt]#
root@0[opt]# mount -o remount,rw /cdrom
root@0[opt]# mkdir /tmp/tmp
root@0[opt]# cp -a /boot/* /tmp/tmp
root@0[opt]# mount -t tmpfs tmpfs /boot
root@0[opt]# cp -a /tmp/tmp/* /boot
root@0[opt]# lilo
Fatal: Trying to map files from unnamed device 0x0009 (NFS ?)

Next steps?

Posted by ^thehatsrule^ on Dec. 11 2007,00:01
so it does save it by default...

From the frugal_lilo.sh install script (I've seen this posted before):

ln -sf /mnt/$TARGET/boot /
lilo -C /mnt/$TARGET/boot/lilo.conf

where $TARGET is your partition with DSL.

Since DSL mounts /cdrom as that partition by default, you might be able to substitute /mnt/$TARGET with /cdrom - but I'm not sure.

Posted by josiahbryan on Dec. 11 2007,00:56
Awesome - that seemed to let lilo run peacefully ...

root@1[/]# mv boot boot.1
root@1[/]# mount /mnt/hdb1
root@1[/]# ln -s /mnt/hdb1/boot /
root@1[/]# lilo -C /mnt/hdb1/boot/lilo.conf
Added DSL *

However, since I did that remotely over an ssh tunnel back to my office, then ssh'd over to the dev board, I'm reluctant to reboot the board remotely for fear of losing the ssh connection to it if something goes wrong (I still have more dev work to do on it tonite from home - if ssh goes, no more work tonite. :-) Could be good ..or bad..)

Anyway, I'll try the reboot tomorrow ...all should work as expected, but we'll see. Thanks for all your help everyone - many thanks!
