This easy and basic guide will help you to connect via ssh a dreambox to dreambox or linux server via ssh (SecureSHell) using CLI.
Since oldest version and even nowdays, the client used on Dreambox for SSH is Dropbear, a software package written by Matt Johnston for most POSIX platform.
Reference :
https://en.wikipedia.org/wiki/Dropbear_(software)
OpenSSH
Download PuTTY - a free SSH and telnet client for Windows
https://en.wikipedia.org/wiki/Comparison_of_SSH_clients
Let's see ho we can implement ssh. First we need to create a "key". A key is composed of two parts, "public key" and "private key". Once the public key is transferred to another device (usually added into /authorized_keys), will recognize the connecting device thru the algorythm comparing the public key stored in authorized key with the private key and establishing a secure connection.
make a dir .ssh change permission to 0644 and create a key named dm7080 with a size of 1024 bit:
cd /home/root/
mkdir .ssh
chmod 0644 *
dropbearkey -t rsa -f dm7080 -s 1024
export the public key:
dropbear -y -f dm7080 > dm7080pub
copy the public dm7080pub to a device directory /tmp and IP 192.168.1.100 and add the public key to ssh server
scp dm7080pub root@192.168.1.100:/tmp/
on 192.168.1.100 type:
cat /tmp/dm7080pub >> authorized_keys
remove the copied /tmp/dm7080pub from 192.168.1.100 for security reasons
rm /tmp/dm7080pub
This way presenting yourself with the private key, the counterpart will authenticate you with the public key thru the rsa algorythm.
You are done.
Let's see now what you can do:
dropbear do not use identity so we need to specify with -i our public key
login:
ssh -i /home/root/.ssh/dm7080 root@192.168.1.100
copy a file named "myfile" from dreambox usb to 192.168.1.100 directory /home/root:
scp -i /home/root/.ssh/dm7080 /media/usb/myfile root@192.168.1.100:/home/root/
All these commands are very helpful if integrated into a bash script and used with cronmanager.
Note:
Private key and public key can be copied to several devices, as far as they are "paired", this practice it's obviously not suggested for security reasons.