Yes, I’m pretty sure.
Here’s the full script.
$ ssh openhabian@openhab
Linux openhab 4.19.75-v7+ #1270 SMP Tue Sep 24 18:45:11 BST 2019 armv7l
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Mon Nov 18 17:38:22 2019 from 192.168.0.1
###############################################################################
############### openhab #####################################################
###############################################################################
## Ip = 192.168.0.10
## Release = Raspbian GNU/Linux 10 (buster)
## Kernel = Linux 4.19.75-v7+
## Platform = Raspberry Pi 3 Model B Plus Rev 1.3
## Uptime = 0 day(s). 6:12:48
## CPU Usage = 0.51% avg over 4 cpu(s) (4 core(s) x 1 socket(s))
## CPU Load = 1m: 0.06, 5m: 0.08, 15m: 0.12
## Memory = Free: 0.03GB (3%), Used: 0.91GB (97%), Total: 0.95GB
## Swap = Free: 0.67GB (98%), Used: 0.01GB (2%), Total: 0.68GB
## Root = Free: 24.20GB (87%), Used: 3.57GB (13%), Total: 28.99GB
## Updates = 0 apt updates available.
## Sessions = 1 session(s)
## Processes = 129 running processes of 32768 maximum processes
###############################################################################
Welcome to __ _____ ____ _
____ ____ ___ ____ / / / / | / __ )(_)___ _____
/ __ \/ __ \/ _ \/ __ \/ /_/ / /| | / __ / / __ `/ __ \
/ /_/ / /_/ / __/ / / / __ / ___ |/ /_/ / / /_/ / / / /
\____/ .___/\___/_/ /_/_/ /_/_/ |_/_____/_/\__,_/_/ /_/
/_/
openHAB 2.5.0~M5-1 (Milestone Build)
Looking for a place to get started? Check out 'sudo openhabian-config' and the
documentation at https://www.openhab.org/docs/installation/openhabian.html
The openHAB dashboard can be reached at http://openhab:8080
To interact with openHAB on the command line, execute: 'openhab-cli --help'
[20:43:30] openhabian@openhab:~$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/openhabian/.ssh/id_rsa):
/home/openhabian/.ssh/id_rsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/openhabian/.ssh/id_rsa.
Your public key has been saved in /home/openhabian/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:9S7ATQTPahd9+udZUQ7bFie53a6mHtAB1CUuC/3Avh4 openhabian@openhab
The key's randomart image is:
+---[RSA 2048]----+
| .o+.... |
| * +.. . |
| . @ + =.o|
| . B O + O=|
| S * = o.*|
| . o + . o.|
| E o . +|
| . o ..+o|
| ..oo...|
+----[SHA256]-----+
[20:43:58] openhabian@openhab:~$ cat ~/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDv3V2lrdCKBd6RZt0As+7S6XoYSEbx1Z9ryI8AwSp9iraGkvw+LCUb3hEQrgvImn6/6TJLO2O07mk0hXaRGlDlsxvTbkfC+gh53QcfrI5xB1oMHvA6YNohPjKQuemUVtjYaCWID/uBEflhxbpErGBIw3Mbi9UuMOoTmonVaGLJs+l4qSx3QT+tc5tBmCAh0RJJeV3i1BPXXmg+U9wDwvNaGgXcfkooceBCY1N2lHtGNW8AMU33SomUUKPDEEDnrTr2vyzUO5aj5HCtf3sO+7oDz19tNWNUnjZDLNRMT3hGHQ3KJcNYBVjH3Q/NE+WnTVR8enZmRfx3mqFOY5MHXKGf openhabian@openhab
So the public SSH key of the openhabian
user is:
AAAAB3NzaC1yc2EAAAADAQABAAABAQDv3V2lrdCKBd6RZt0As+7S6XoYSEbx1Z9ryI8AwSp9iraGkvw+LCUb3hEQrgvImn6/6TJLO2O07mk0hXaRGlDlsxvTbkfC+gh53QcfrI5xB1oMHvA6YNohPjKQuemUVtjYaCWID/uBEflhxbpErGBIw3Mbi9UuMOoTmonVaGLJs+l4qSx3QT+tc5tBmCAh0RJJeV3i1BPXXmg+U9wDwvNaGgXcfkooceBCY1N2lHtGNW8AMU33SomUUKPDEEDnrTr2vyzUO5aj5HCtf3sO+7oDz19tNWNUnjZDLNRMT3hGHQ3KJcNYBVjH3Q/NE+WnTVR8enZmRfx3mqFOY5MHXKGf
Now let’s edit the openhab
user settings:
[20:47:24] openhabian@openhab:~$ sudo bash
[sudo] password for openhabian:
[20:47:33] root@openhab:/home/openhabian# cd ~openhab/etc
[20:47:50] root@openhab:/var/lib/openhab2/etc# vim keys.properties
Now I edit the entry for the openhabian
user as per the Karaf documentation:
[20:50:08] root@openhab:/var/lib/openhab2/etc# cat keys.properties
################################################################################
#
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################
#
# This file contains the valid users who can log into Karaf. Each line have to be of
# the format:
#
# USER=KEY,ROLE1,ROLE2,...
#
# All users and roles entered in this file are available after Karaf startup
# and modifiable via the JAAS command group. These users reside in a JAAS domain
# with the name "karaf"..
#
#
# For security reason, the default auto-signed key is disabled.
# The user guide describes how to generate/update the key.
#
#karaf=AAAAB3NzaC1kc3MAAACBAP1/U4EddRIpUt9KnC7s5Of2EbdSPO9EAMMeP4C2USZpRV1AIlH7WT2NWPq/xfW6MPbLm1Vs14E7gB00b/JmYLdrmVClpJ+f6AR7ECLCT7up1/63xhv4O1fnxqimFQ8E+4P208UewwI1VBNaFpEy9nXzrith1yrv8iIDGZ3RSAHHAAAAFQCXYFCPFSMLzLKSuYKi64QL8Fgc9QAAAIEA9+GghdabPd7LvKtcNrhXuXmUr7v6OuqC+VdMCz0HgmdRWVeOutRZT+ZxBxCBgLRJFnEj6EwoFhO3zwkyjMim4TwWeotUfI0o4KOuHiuzpnWRbqN/C/ohNWLx+2J6ASQ7zKTxvqhRkImog9/hWuWfBpKLZl6Ae1UlZAFMO/7PSSoAAACBAKKSU2PFl/qOLxIwmBZPPIcJshVe7bVUpFvyl3BbJDow8rXfskl8wO63OzP/qLmcJM0+JbcRU/53JjTuyk31drV2qxhIOsLDC9dGCWj47Y7TyhPdXh/0dthTRBy6bqGtRPxGa7gJov1xm/UuYYXPIUR/3x9MAZvZ5xvE0kYXO+rx,_g_:admingroup
openhabian=AAAAB3NzaC1yc2EAAAADAQABAAABAQDv3V2lrdCKBd6RZt0As+7S6XoYSEbx1Z9ryI8AwSp9iraGkvw+LCUb3hEQrgvImn6/6TJLO2O07mk0hXaRGlDlsxvTbkfC+gh53QcfrI5xB1oMHvA6YNohPjKQuemUVtjYaCWID/uBEflhxbpErGBIw3Mbi9UuMOoTmonVaGLJs+l4qSx3QT+tc5tBmCAh0RJJeV3i1BPXXmg+U9wDwvNaGgXcfkooceBCY1N2lHtGNW8AMU33SomUUKPDEEDnrTr2vyzUO5aj5HCtf3sO+7oDz19tNWNUnjZDLNRMT3hGHQ3KJcNYBVjH3Q/NE+WnTVR8enZmRfx3mqFOY5MHXKGf,_g_:admingroup
_g_\:admingroup = group,admin,manager,viewer,systembundles,ssh
Time to test if it works. First we’ll exit from the root shell and then we’ll try accessing the openhab
account (Karaf):
[20:52:17] root@openhab:/var/lib/openhab2/etc# exit
exit
[20:52:21] openhabian@openhab:~$ pwd
/home/openhabian
[20:52:25] openhabian@openhab:~$ openhab-cli console
Logging in as openhab
Password:
So it fails. As does:
[20:53:42] openhabian@openhab:~$ ssh -p 8101 openhab@localhost
Password authentication
Password:
Or:
[20:54:32] openhabian@openhab:~$ ssh -p 8101 openhab@localhost -i ~/.ssh/id_rsa
Password authentication
Password: