Hi,
on my desktop pc I did setup ssh ed25519 to access my router but I have a laptop and I want to add access from this one too, do I need to just create .ssh and copy my pub key, host, private key etc from my other pc?
thanks
You just need an SSH client on your laptop if you are using the default OpenWrt configuration - no need to copy anything.
EDIT: If you want password-less logins, the best option is to create a new host key on your laptop and add the public key to the router.
1 Like
cause when I try on my new laptop I get that;
$ ssh root@192.168.1.1
The authenticity of host '192.168.1.1 (192.168.1.1)' can't be established.
ED25519 key fingerprint is SHA256:7K2XXXXXXXXXXXXXXXXXXXXXXXXXXbhR2itU.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '192.168.1.1' (ED25519) to the list of known hosts.
root@192.168.1.1: Permission denied (publickey).
Did you disable password-based login on OpenWrt?
yes, I only use ssh-keys, which is supposed to be safer
This information would have been relevant in your fist post. I answered it already anyway: You need to add the public key of your notebook to OpenWrt. If you can't find a public key in the notebook's .ssh folder then you need to create a new one. I would not suggest sharing the public/private key between notebook and desktop.
More information in the Wiki: https://openwrt.org/docs/guide-user/security/dropbear.public-key.auth
EDIT: Sorry, now I understand what you meant with Ed25519 in your OP. Ed25519 is an algorithm, that doesn't necessarily imply that you disabled password-based logins.
I've already have a public key in openwrt, as I said, I use it from my desktop pc, so I have to use the same?
No, you are mixing up the concept of public/private key algorithms.
OpenWrt's public key is used by your notebook and your desktop to verify that they are talking to the right machine. OpenWrt's private key stays private on the router.
Your desktop also has such a key pair and you configured OpenWrt to accept its public key for login. The private key stays private on your desktop.
Your notebook should also have such a key pair - a different one. And now you want OpenWrt to accept your notebook's public key for login. Hence, you just need to copy the public key of your notebook to OpenWrt and configure Dropbear to accept it.
1 Like
ok, I did not know I could use 2 different keys in open wrt
Of course, you can use as many as flash space permits 
1 Like
Or:
ssh -i /home/foo/key.key -l root 192.168.1.1
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.