SSH login with own terminal and/or without password
Many people prefer to work with ssh in their own terminal since they can use their preferred shell.
In addition, it can also be convenient to be able to do a remote ssh access without the need for entering a password every time.
ssh has a functionality that allows to do a password-less automated access when using authenticated ssh keys. For this tutorial we assume that ssh access is enabled on the device and within the qbee platform by providing the necessary ssh key. Automated ssh login only works with the qbee-connect desktop tool and not in the web UI as we do not store any private keys on the platform. But then you can also use your preferred terminal software.
This video shows how this is done. You see both how qbee-connect can be used to make the ssh access possible in your own terminal window and how the login works without password. For the later to work you need to follow the steps below.
Remote access can be done by exchanging proper ssh keys
By creating a public private key pair on one machine and registering the public key with the remote edge device a ssh access without password is possible. Sometimes you need to allow this in ssh settings as well.
On the desktop machine running qbee-connect you need to generate a pair of authentication keys. Please run
ssh-keygen but do not enter a passphrase. We recommend using a ecdsa key with maximum keylength for best security and compatibility:
user@my-machine~ % ssh-keygen -t ecdsa -b 521 Generating public/private ecdsa key pair. Enter file in which to save the key (/Users/user/.ssh/id_ecdsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /Users/user/.ssh/id_ecdsa. Your public key has been saved in /Users/user/.ssh/id_ecdsa.pub. The key fingerprint is: XXXXXXXX-XXXXXXXX-YYYYYYYYYYYY-YYYYYYYYYYYY
Newer versions of macOS mandate a manual addition of the key to the keychain
For current macOS versions please add the key and follow this instruction to make it active also after a reboot.
Then copy the public key from your
/Users/user/.ssh/id_ecdsa.pub. This key needs to be distributed to all edge devices that should be accessed automatically.
Select the SSH Keys option in the "Configure" menu. Then select the device or the group of devices this key should be distributed to. Add the user and the public key (any user can have multiple keys).
The next time the agent runs on the devices in scope it will add this public key to the keychain. When this is done then a log entry confirms this:
Now the devices are prepared for automated remote access. Just start qbee-connect and connect one or many devices on port 22. In our case we connect to the device with user "pi". Calling the mapped port with the command
ssh -p 63518 pi@localhostwill automatically log into the device: