How to enable and configure the integrated SSH server

This article describes the required steps for the initial configuration and usage of the built-in SSH server.

Note: In the following example, it will be assumed that your device either has a working ADB USB interface or a working network connection with a local IP address

Article overview

Enable ADB connections
Setup key-based authentication
Disable ADB connections
Enable SSH connections

Enable ADB connections

To setup the ADB tools for your PC, please refer to the section SDK Platform Tools in the official documentation.

For devices with support for ADB via USB

  1. Please enable the USB Debugging feature in Settings > Developer options.
  2. Connect the USB cable to your device and make sure it is detected by ADB:
 > adb devices
> adb root

For devices without support for ADB via USB

  1. Please enable the ADB over Ethernet feature in Settings > Emteria.
  2. Connect to the device using the correct IP address of your device:
 > adb connect
> adb root

Setup key-based authentication

There are many different ways of logging into an SSH server but for now emteria.OS only supports key-based authentication. This approach provides a simple, yet very secure way of remote control for your device.

  1. Generate a pair of SSH keys to be used for the authentication, for example using PuTTYgen or command line. That way you can also set a password for the private key. Alternatively, you can use SSH keys which were automatically generated by emteria.OS during the first boot, and later on add a password for the private key with PuTTYgen:
     > adb pull /data/ssh/ssh_host_rsa_key my_private_key
    > adb pull /data/ssh/
  2. Add the desired public key to the list of keys which will be allowed to establish a remote connection with this device:
    > adb push /data/ssh/authorized_keys
  3. It’s best to delete the private keys afterwards from the device:
     > adb shell 
    > rm /data/ssh/ssh_host_rsa_key

Note: When creating a new SSH key pair, make sure it has the RSA format.

E.g. ssh-rsa AAAAB...XYZ==

Disable ADB connections

The ADB must be disabled in production devices, as it opens the possibility for attackers to control the system remotely. After setting up a secure SSH authentication, the ADB over Ethernet should be deactivated in Settings > Emteria.

Enable SSH connections

  1. Activate the integrated SSH server in Setting > Emteria.
  2. Establish a connection to your device using the correct IP address:
 > ssh -i my_private_key root@
rpi3:/ # id
uid=0(root) gid=0(root) groups=0(root), context=u:r:sshd:s0