How to add public keys to KOReader authorized_keys? (Kindle)

[hondabf]

Following this guide I have enabled KOReader's SSH on my jailbreaked Kindle, but can't access to it from Filezilla because I don't know how to add a public key to the KOReader's authorized_keys file.

Without keys, Filezilla returns an "Access denied. Authentication failed" message (yes, I used "root" as user, and nothing for password), so I know it's connectable.

I have generated a pair of SSH keys through Putty. On Filezilla, I know I have to add the private key to the "SFTP Public Key Authentication" list, but how do I add the public key to KOReader's "dropbear_ecdsa_host_key"??

The first three lines are all gibberish. I am on Windows so I can't simply ">>cat". I have to add it manually, but it doesn't matter how many times I add the public key string, it makes the SSH unable to start.

Maybe I am messing up the file format and the plugin doesn't know what to do?

These are the several ways I tried adding the key string to the authorized_keys file:

1. below

Code:

gibberish characters
gibberish characters
gibberish characters

ecdsa-sha2-nistp256
keynumbershere

2. above

Code:

ecdsa-sha2-nistp256
keynumbershere

gibberish characters
gibberish characters
gibberish characters

3. delete gibberish characters

Code:

ecdsa-sha2-nistp256
keynumbershere

I KNOW usbnet exists, but since I don't have a Linux machine to do all the SSH magic, I fear I am going to brick my Kindle's in case I tried to do it on my Windows machine.

Thanks

[hondabf]

UPDATE: Login without password WORKS, just found out about that option. But I still wanted to have a safe way to SSH into my Kindle.

I also tried following dropbear's key format from their github (which is no split lines, someone@someone at the end) just below the gibberish characters like this:

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAwVa6M6cGVmUcLl2cFzkxEo Jd06Ub4bVDsYrWvXhvUV+ZAM9uGuewZBDoAqNKJxoIn0Hyd0Nk yU99UVv6NWV/5YSHtnf35LKds56j7cuzoQpFIdjNwdxAN0PCET/MG8qyskG/2IE2DPNIaJ3Wy+Ws4IZEgdJgPlTYUBWWtCWOGc= root@myIPhere

I tried adding my key there but still couldn't get SSH to work, I would suspect it's the "root@myIPhere" part because I didn't added the 2222 port, but at this point I think it's the gibberish characters. Because later on I deleted the added line leaving the file basically as if it was generated by KOReader and I still couldn't get SSH to work.

[NiLuJe]

Quote:

Originally Posted by hondabf

I have generated a pair of SSH keys through Putty.

That's probably your issue right there. You need things to be in OpenSSH format.

Last I knew, PuTTy generate its own special flavor of keys, there's an extra step involved to convert to OpenSSH format.

Also, that plugin in unmaintained, so the dropbear build is super old, and doesn't support many modern & recommended key formats (e.g., any and all elliptic curves).

[NiLuJe]

Case in point:

Quote:

Originally Posted by hondabf

ecdsa-sha2-nistp256

The "EC" in ecdsa stands for "elliptic curve", ergo, it's not supported .

[NiLuJe]

On a Kindle, use the USBNet hack instead, it'll ship with a (slightly) more up-to-date dropbear version, that does support this.

[pazos]

The SSH plugin at KOReader is dying and shouldn't be used unless you have no other option.

But most of the platforms have better, maintained, ssh daemons, including Kindle (see NiLuJe's stuff or hacks).

edit: wow, NiLuJe's speedrun . Ignore my comment

[hondabf]

EDIT: Better explanation/reply below this post.

[hondabf]

Okay, so apparently I had to create a new "authorized_keys" file inside the SSH folder, and paste my private key there (without the someone@someone thing at the end I mentioned earlier, just the Putty key) like this:

Code:

ssh-rsa <your key here without line breaks>

and leave the "dropbear_ecdsa_host_key" file alone.

Now it works!

I added the private key to the Filezilla list and now I am in without the need of the "without password" option.

Quote:

Originally Posted by NiLuJe

That's probably your issue right there. You need things to be in OpenSSH format.

Last I knew, PuTTy generate its own special flavor of keys, there's an extra step involved to convert to OpenSSH format.

Also, that plugin in unmaintained, so the dropbear build is super old, and doesn't support many modern & recommended key formats (e.g., any and all elliptic curves).

Well, I don't know, the SSH could connect with Putty keys (I used ECSDA because the dropbear key file had mentions to it, haha) I will be moving to OpenSSH anyways.

But also yes, I will try to set up USBNet too in the following days, didn't know this plugin was dying

[bitfreak]

Quote:

Originally Posted by hondabf

But also yes, I will try to set up USBNet too in the following days, didn't know this plugin was dying

Or save yourself a lot of trouble and use telnet to troubleshoot your ssh problems

busybox telnetd -b 0:0:0:0:23