SSH Connection: Password-less Access to a Remote Linux* Target Device
- IoT applications that use the MRAA/UPM sensor library
- Any application that interacts with system resources that require su, sudo, or root access
- Any tool that requires remote root or sudo access to your target system
Configure Password-less SSH Access
- Host development system:Linux*, Windows*, or macOS*
- Target system:Linux
- Open a terminal session (CMD window on Windows) and CD to your home directory.
- Enter the following commands to create an .ssh directory, set the proper permissions, and CD into the new .ssh directory.At a Windows CMD prompt> %HomeDrive% && cd %HomePath% > mkdir .ssh > cd .sshAt a Linux terminal (bash) prompt$ cd ~ $ mkdir -p .ssh $ chmod 700 .ssh $ cd .ssh
- To generate adefault-namedRSA key pair with anempty passphrase(that is, do not provide a passphrase when asked), enter:$ ssh-keygen -t rsa
- To copy the new public key to your target system'snon-root userhome folder, enter the following, where:username= the name used to access the target andtarget= the IP address or the network hostname of the targetYou should be prompted for the non-root user password for your target device.$ scp id_rsa.pub username@target:id_rsa.pub $ ssh username@target $ cd ~ $ mkdir -p .ssh $ chmod 700 .ssh $ cat ~/id_rsa.pub >>.ssh/authorized_keys $ chmod 600 .ssh/authorized_keys $ exit
- To display the target'ssystem informationstrings, including the target's hostname as the second field in the output, enter:ssh username@target uname -a
- To login to thenon-root useron the target using SSH and switch to theroot userusing sudo, enter:$ ssh username@target $ cd ~ $ sudo -E bashNote that the sudo command should prompt you for your target system'snon-root userpassword.
- To copy the public key that you transferred to the non-root user account on the target into the root user's authorized keys file, enter:$ mkdir -p /root/.ssh $ chmod 700 /root/.ssh $ cat ./id_rsa.pub >>/root/.ssh/authorized_keys $ chmod 600 /root/.ssh/authorized_keys
- Exit twice, first from the sudo bash session, second from the ssh connection:$ exit $ exit
$ ssh root@target ls -a
Next: Create a New Connection and Connect to Your Target
- Password-less access works only when you connect to your target system from your host development system with a matching private SSH key. Attempting to connect from a different host system will still require a password.
- Make sure that you have created a project for Linux targets, and that this project is selected in the Project Explorer.