I put a public key in file "/etc/dropbear/authorize_key", and can use private key to ssh to the openwrt system.
But after I sysupgrade the system by using "sysupgrade xxx.bin" , I can't ssh by private key. It said "Permission denied(publickey)". I tried to ssh on system by password, and check the files in /etc/dropbear that are not be modified.
I tried to clear the file "/etc/dropbear/dropbear_rsa_host_key" and restart the dropbear service, which can make ssh successfully again.
I know /lib/upgrade/keep.d/ will keep the files in /etc/dropbear/, but I don't understand why ssh failed after sysupgrading, the files in /etc/dropbear/ are not changed.
Perhaps you forgot to specify the login name for root.
SSH uses your active user name by default, which apparently doesn't exist or isn't configured for key-based authentication on the destination host.
Sorry, it's typo in the post.
I put right file on the system, it is authorized_keys that's why I can ssh by private key at first.
I mean after sysupgrading, /etc/dropbear are kept, but ssh by private key is failed.
But once I clear the file /etc/dropbear/dropbear_rsa_host_key and restart dropbear (which will generate a new dropbear_rsa_host_key), I can ssh by private key again.
I wonder why the files kept but ssh fails, am I missing something I don't know.
Possibly your old host key was generated by an algorithm that has already been deprecated and is not supported with the current dropbear or your SSH client. Something like that (as regenerating the host key fixes things).
Thanks for the reply.
I guess you are right. I have a workaround solution that delete the "/etc/dropbear/" entry in '/lib/upgrade/keep.d", which will delete the old rsa_host_key file and make dropbear generate new dropbear_rsa_host_key after sysupgrading.
But I still wonder why and what makes the old host key be deprecated after sysupgrading. If I keep the authorized_key and dropbear_rsa_host_key during sysupgrading, I guess it is like a normal reboot for dropbear, its configuration files are not changed and application(dropbear) is still not be changed.
I use image-builder to generate image, and apply my custom files, I put the authorized_keys file to /etc/dropbear, and forget to adjust the permission of the directory which should be 0700.
I solved it yesterday, haven't posted here in time.