Pluto SDR persistent SSH keys command failing on fimrware 0.32

Hi all,

I have a Pluto SDR on the latest firmware (0.32) as evidenced by the SSH session.  I want to enable persistent SSH keys on it per the instructions here:
https://wiki.analog.com/university/tools/pluto/users/customizing#enabling_persistent_ssh_keys

The command "device_format_jffs2" runs with the proper output, however, the command "device_persistent_keys" has no output when I run it, and the SSH key for the pluto is not peristent upon reboot.  What is wrong with the device_persistent_keys command?

Parents
  • Hi all,

    Just want to reiterate that this could be a 0.32 firmware problem, so if someone could please respond and/or troubleshoot this it would be greatly appreciated.

  • 0
    •  Analog Employees 
    on Mar 10, 2021 9:38 AM in reply to Micah

    Hmm - works for me - can you check 


    # device_persistent_keys
    Generating 256 bit ecdsa key, this may take a while...
    Public key portion is:
    ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDr1/Y3OjLSAFIzZXYMawMwBeE5nvcQlmH/eI7lg5xZAuGFrbz7LNIn9I9RRyJjhvDLhGpiKWzPinvfIG6DWfKk= root@pluto
    Fingerprint: sha1!! 75:9f:88:ad:02:23:81:0c:2d:b0:c3:76:53:eb:27:8f:2c:e9:94:6d

    # find /mnt/jffs2/
    /mnt/jffs2/
    /mnt/jffs2/etc
    /mnt/jffs2/etc/dropbear
    /mnt/jffs2/etc/dropbear/keys.md5
    /mnt/jffs2/etc/dropbear/dropbear_ecdsa_host_key
    #

    # device_persistent_keys

    (no output here)

    # md5sum /mnt/jffs2/etc/dropbear/dropbear_ecdsa_host_key
    0760554232d496df884459a2f03a8f8a /mnt/jffs2/etc/dropbear/dropbear_ecdsa_host_key

    Reboot...

    # md5sum /etc/dropbear/dropbear_ecdsa_host_key
    0760554232d496df884459a2f03a8f8a /etc/dropbear/dropbear_ecdsa_host_key

    -Michael

Reply
  • 0
    •  Analog Employees 
    on Mar 10, 2021 9:38 AM in reply to Micah

    Hmm - works for me - can you check 


    # device_persistent_keys
    Generating 256 bit ecdsa key, this may take a while...
    Public key portion is:
    ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDr1/Y3OjLSAFIzZXYMawMwBeE5nvcQlmH/eI7lg5xZAuGFrbz7LNIn9I9RRyJjhvDLhGpiKWzPinvfIG6DWfKk= root@pluto
    Fingerprint: sha1!! 75:9f:88:ad:02:23:81:0c:2d:b0:c3:76:53:eb:27:8f:2c:e9:94:6d

    # find /mnt/jffs2/
    /mnt/jffs2/
    /mnt/jffs2/etc
    /mnt/jffs2/etc/dropbear
    /mnt/jffs2/etc/dropbear/keys.md5
    /mnt/jffs2/etc/dropbear/dropbear_ecdsa_host_key
    #

    # device_persistent_keys

    (no output here)

    # md5sum /mnt/jffs2/etc/dropbear/dropbear_ecdsa_host_key
    0760554232d496df884459a2f03a8f8a /mnt/jffs2/etc/dropbear/dropbear_ecdsa_host_key

    Reboot...

    # md5sum /etc/dropbear/dropbear_ecdsa_host_key
    0760554232d496df884459a2f03a8f8a /etc/dropbear/dropbear_ecdsa_host_key

    -Michael

Children
  • Thank you for the response.  It does not work as evidence by 2 main differences from your experience. 1) your first use of device_persistent_keys has an output and mine does not, and 2) you can tell even before you log into the pluto that the key has changed since you have to remove it from the known_hosts file. For consistency I still relogged in in order to get the checksum.  I believe this is still a bug in the 0.32 firmware since this is all configurable software:

    Welcome to:
    ______ _ _ _________________
    | ___ \ | | | / ___| _ \ ___ \
    | |_/ / |_ _| |_ ___ \ `--.| | | | |_/ /
    | __/| | | | | __/ _ \ `--. \ | | | /
    | | | | |_| | || (_) /\__/ / |/ /| |\ \
    \_| |_|\__,_|\__\___/\____/|___/ \_| \_|

    v0.32
    wiki.analog.com/.../pluto
    # device_persistent_keys
    #
    # find /mnt/jffs2/
    /mnt/jffs2/
    /mnt/jffs2/etc
    /mnt/jffs2/etc/dropbear
    /mnt/jffs2/etc/dropbear/keys.md5
    /mnt/jffs2/etc/dropbear/dropbear_ecdsa_host_key
    #
    # device_persistent_keys
    #
    # md5sum /mnt/jffs2/etc/dropbear/dropbear_ecdsa_host_key
    b597c845aa45c3458c20669a85168890 /mnt/jffs2/etc/dropbear/dropbear_ecdsa_host_key
    #
    # device_reboot
    Usage: /usr/sbin/device_reboot {ram|sf|reset|verbose|break}
    sf : Reboot and enter Serial Flash DFU mode
    ram : Reboot and enter RAM DFU mode
    reset : Reboot
    verbose: Reboot and start serial console Verbose
    break : Reboot and HALT in u-boot
    # device_reboot reset
    # Connection reset by X.X.X.X port 22
    PS H:\> ssh root@X.X.X.X @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
    @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
    @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
    IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!

    ...remove from known_hosts file...


    ______ _ _ _________________
    | ___ \ | | | / ___| _ \ ___ \
    | |_/ / |_ _| |_ ___ \ `--.| | | | |_/ /
    | __/| | | | | __/ _ \ `--. \ | | | /
    | | | | |_| | || (_) /\__/ / |/ /| |\ \
    \_| |_|\__,_|\__\___/\____/|___/ \_| \_|

    v0.32
    wiki.analog.com/.../pluto
    # md5sum /mnt/jffs2/etc/dropbear/dropbear_ecdsa_host_key
    f072fed42fe374ba300f5e77267154f1 /mnt/jffs2/etc/dropbear/dropbear_ecdsa_host_key
    #

  • 0
    •  Analog Employees 
    on Mar 26, 2021 1:35 PM in reply to Micah

    I guess there is some issue with the hash in the Keyfile and the md5of the file.

    Can you try following sequence?

    I'll add the unount to the device_format_jffs2 command.

    The issue might be the fs cache...

    # umount /mnt/jffs2
    # device_format_jffs2
    Are you sure to delete/format your mtd2 JFFS2 (/mnt/jffs2) partition? (yes/no) yes
    Erasing 64 Kibyte @ 0 -- 0 % complete flash_erase: Cleanmarker Updated.
    Erasing 64 Kibyte @ 10000 -- 7 % complete flash_erase: Cleanmarker Updated.
    Erasing 64 Kibyte @ 20000 -- 14 % complete flash_erase: Cleanmarker Updated.
    Erasing 64 Kibyte @ 30000 -- 21 % complete flash_erase: Cleanmarker Updated.
    Erasing 64 Kibyte @ 40000 -- 28 % complete flash_erase: Cleanmarker Updated.
    Erasing 64 Kibyte @ 50000 -- 35 % complete flash_erase: Cleanmarker Updated.
    Erasing 64 Kibyte @ 60000 -- 42 % complete flash_erase: Cleanmarker Updated.
    Erasing 64 Kibyte @ 70000 -- 50 % complete flash_erase: Cleanmarker Updated.
    Erasing 64 Kibyte @ 80000 -- 57 % complete flash_erase: Cleanmarker Updated.
    Erasing 64 Kibyte @ 90000 -- 64 % complete flash_erase: Cleanmarker Updated.
    Erasing 64 Kibyte @ a0000 -- 71 % complete flash_erase: Cleanmarker Updated.
    Erasing 64 Kibyte @ b0000 -- 78 % complete flash_erase: Cleanmarker Updated.
    Erasing 64 Kibyte @ c0000 -- 85 % complete flash_erase: Cleanmarker Updated.
    Erasing 64 Kibyte @ d0000 -- 92 % complete flash_erase: Cleanmarker Updated.
    Erasing 64 Kibyte @ d0000 -- 100 % complete
    # mount -a
    # mount
    none on / type rootfs (rw)
    devtmpfs on /dev type devtmpfs (rw,relatime,size=120508k,nr_inodes=30127,mode=755)
    proc on /proc type proc (rw,relatime)
    devpts on /dev/pts type devpts (rw,relatime,gid=5,mode=620,ptmxmode=000)
    tmpfs on /dev/shm type tmpfs (rw,relatime,mode=777)
    tmpfs on /tmp type tmpfs (rw,relatime)
    tmpfs on /run type tmpfs (rw,nosuid,nodev,relatime,mode=755)
    sysfs on /sys type sysfs (rw,relatime)
    none on /sys/kernel/debug type debugfs (rw,relatime)
    configfs on /sys/kernel/config type configfs (rw,relatime)
    iio_ffs on /dev/iio_ffs type functionfs (rw,relatime)
    mtd2 on /mnt/jffs2 type jffs2 (rw,noatime)
    # find /mnt/jffs2/
    /mnt/jffs2/
    # device_persistent_keys
    # find /mnt/jffs2/
    /mnt/jffs2/
    /mnt/jffs2/etc
    /mnt/jffs2/etc/dropbear
    /mnt/jffs2/etc/dropbear/keys.md5
    /mnt/jffs2/etc/dropbear/dropbear_ecdsa_host_key
    # sync
    # reboot

    -Michael

  • Thanks for the follow up and sorry for the late response.  The steps given in your previous response ended up not being needed as at one point (seemingly randomly), the pluto seemed to lockup without any commands from me, and then reboot.  After that, the SSH keys were persistent. I have no explanation for this as I was not issuing any commands at the time.

  • The only things I have done that may not be standard to my pluto are updating to the ad964 from 
    https://wiki.analog.com/university/tools/pluto/users/customizing

    and also enablling  both cores

    https://www.reddit.com/r/RTLSDR/comments/7h2hh2/plutosdr_enable_2nd_cpu_core_for_better/

    I can't imagine why these would have caused a delayed behavior in the enable SSH persistence commands I was running.

    Again, to be clear, I was not running the enable ssh persistence command set when this weird lock up and reset occurred, nor was I doing any of the customizations I listed.