CLI

SSH

Il s’agit ici d’un exercice afin de s’initier à la connexion en SSH à une autre machine dans le cas présent c’est un Raspberrypi sortie de sa boite et un raspbian en guise d’OS.

>Se connecter en ssh au « raspberrypi »
le user étant (pi sur raspberry) pi@raspberrypi

 

lastorder@samachine:~$ ssh pi@192.168.0.29
The authenticity of host ‘192.168.0.29 (192.168.0.29)’ can’t be established.
ECDSA key fingerprint is ff:0f:e6:bb:31:03:61:f9:b2:bc:91:43:50:b8:43:83.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘192.168.0.29’ (ECDSA) to the list of known hosts.
pi@192.168.0.29’s password:
Linux raspberrypi 3.6.11-rpi-aufs #1 PREEMPT Sun Dec 30 22:31:28 CET 2012 armv6l

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.

>Les Raspberry ont tous  les mêmes clés il faut les changer.
pour cela il faut effacer d’abord les anciennes’ avec la commande rm =remove.

pi@raspberrypi ~ $ sudo rm /etc/ssh/ssh_host_*

>En créer d’autres.

pi@raspberrypi ~ $ sudo dpkg-reconfigure openssh-server
Creating SSH2 RSA key; this may take some time …
Creating SSH2 DSA key; this may take some time …
Creating SSH2 ECDSA key; this may take some time …
[ ok ] Restarting OpenBSD Secure Shell server: sshd.

>Se déconnecter.

pi@raspberrypi ~ $ logout
Connection to 192.168.0.29 closed.

>Ensuite validé en se reconnectant.

lastorder@samachine:~$ ssh pi@192.168.0.29
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
13:a8:92:6e:e9:c3:e0:16:27:73:41:00:3e:36:48:71.
Please contact your system administrator.
Add correct host key in /home/lastorder/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/lastorder/.ssh/known_hosts:3
remove with: ssh-keygen -f « /home/lastorder/.ssh/known_hosts » -R 192.168.0.29
ECDSA host key for 192.168.0.29 has changed and you have requested strict checking.
Host key verification failed.

>Les clés ont changées elle ne sont pas encore validé …
Là le générateur de clé (keygen) nous donne la commande pour forcer.

lastorder@samachine:~$ ssh-keygen -f « /home/lastorder/.ssh/known_hosts » -R 192.168.0.29

>La réponse.

/home/lastorder/.ssh/known_hosts updated.

Et nous indique que l’ancienne clé se trouve dans le old.(l’ancien).
Original contents retained as /home/lastorder/.ssh/known_hosts.old

>Re-tentative.

lastorder@samachine:~$ ssh pi@192.168.0.29
The authenticity of host ‘192.168.0.29 (192.168.0.29)’ can’t be established.
ECDSA key fingerprint is 13:a8:92:6e:e9:c3:e0:16:27:73:41:00:3e:36:48:71.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘192.168.0.29’ (ECDSA) to the list of known hosts.
pi@192.168.0.29’s password:
>À vous de jouer.

Related articles
Par défaut

Laisser un commentaire