如何解决sshd_config不会通过Yocto元层覆盖,因此无法连接到开发板上 初始步骤
系统
- 硬件:PHYTEC PHYBOARD-Mira板
- 处理器:NXP i.MX6 Quad
- Yocto / OE 分支:
warrior
初始步骤
-
我有一个名为
meta-mylayer
的自定义层,我希望在该层上更改带入硬件的图像。meta-yogurt
层由Phytec提供,该层由其应用程序和其他与板相关的软件组成。 -
在我的层中,我有以下密码秘诀:
# meta-mylayer/recipe-images/images/phytec-headless-image.bbappend inherit extrausers EXTRA_USERS_PARAMS = "usermod -P yocto2020 root;"
执行bitbake -k phytec-headless-image
并通过串行电缆连接电路板后,我可以使用root:yocto2020
凭据登录电路板,但是在ssh -l root <StaticIPBoard>
时,我一直无法访问。
基于此toradex forum thread,我在所有元层所在的目录中执行以下命令:
find . -name "*sshd_config*"
结果如下:
./meta-yogurt/recipes-connectivity/openssh/openssh/sshd_config
./poky/meta/recipes-connectivity/openssh/openssh/sshd_config
因此,我从sshd_config
层复制了meta-yogurt
,并取消了以下两行的注释:
AllowRootLogin Yes
PasswordAuthentication Yes
我层中配方的结构如下:
meta-mylayer/recipes-connectivity/
└── openssh
├── openssh
│ └── sshd_config # uncommented the necessary lines
└── openssh_%.bbappend
openssh_%.bbappend
文件的内容如下:
FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
该图层已经在$BUILDDIR/conf/bblayers.conf
中,因此我继续进行bitbake -k phytec-headless-image
并将图像加载到板上。
命令ssh -v -l root <STATICIP>
会引发以下错误:
$ ssh -v -l root 192.168.3.11
OpenSSH_6.6.1,OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to 192.168.3.11 [192.168.3.11] port 22.
debug1: Connection established.
debug1: identity file /home/des/.ssh/id_rsa type 1
debug1: identity file /home/des/.ssh/id_rsa-cert type -1
debug1: identity file /home/des/.ssh/id_dsa type -1
debug1: identity file /home/des/.ssh/id_dsa-cert type -1
debug1: identity file /home/des/.ssh/id_ecdsa type -1
debug1: identity file /home/des/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/des/.ssh/id_ed25519 type -1
debug1: identity file /home/des/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.13
debug1: Remote protocol version 2.0,remote software version OpenSSH_7.9
debug1: match: OpenSSH_7.9 pat OpenSSH* compat 0x04000000
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-sha1-etm@openssh.com none
debug1: kex: client->server aes128-ctr hmac-sha1-etm@openssh.com none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA 82:25:3c:5a:49:5e:61:ba:7c:0d:6b:b9:1d:78:9c:7c
debug1: Host '192.168.3.11' is known and matches the ECDSA host key.
debug1: Found key in /home/des/.ssh/known_hosts:46
debug1: ssh_ecdsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/des/.ssh/id_rsa
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Trying private key: /home/des/.ssh/id_dsa
debug1: Trying private key: /home/des/.ssh/id_ecdsa
debug1: Trying private key: /home/des/.ssh/id_ed25519
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: password
root@192.168.3.11's password:
debug1: Authentications that can continue: publickey,keyboard-interactive
Permission denied,please try again.
sshd_config
文件
我通过串行端口在板上
cat /etc/ssh/sshd_config | grep -i "rootlogin"
和AllowRootLogin
选项仍被注释掉!
其他替代方案
我尝试了devtool modify openssh
,并编辑了sshd_config
,并使用SRC_URI_append
将补丁添加到了我的图层,结果仍然相同。
local.conf
EXTRA_IMAGE_FEATURES += "debug-tweaks"
中的PS 已被注释。
问题
要在我的Yocto层中使用密码为root
用户的SSH通过SSH到达董事会,需要做些什么?
解决方法
问题是EXTRA_IMAGE_FEATURES += "debug-tweaks"
。我提到conf/local.conf
中已将其注释掉。
解决方案是取消注释,以便产生效果。
之前:
conf/local.conf
#EXTRA_IMAGE_FEATURES += "debug-tweaks"
之后:
EXTRA_IMAGE_FEATURES += "debug-tweaks"
然后使用bitbake -k phytec-headless-image
和ssh -l root <STATICIP>
使用密码登录来构建新图像
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。