Jump to: navigation, search

Automating remote management via ssh/scp

It is possible to automate configuration changes to Mesh Potatoes via the command line using ssh and scp.

Automate authentication

The first step is to set up automatic authentication by storing your ssh key on the Mesh Potato. Follow these steps

 $ ssh-keygen -t rsa
 Generating public/private rsa key pair.
 Enter file in which to save the key (/home/username/.ssh/id_rsa): 

Press return to leave the passwd blank.

 Enter passphrase (empty for no passphrase): 
 Enter same passphrase again: 
 Your identification has been saved in /home/username/.ssh/id_rsa.
 Your public key has been saved in /home/username/.ssh/id_rsa.pub.

Copy your local public key to the remote server. Replace 10.130.1.20 with the IP address of your Mesh Potato.

 $ scp ~/.ssh/id_rsa.pub root@10.130.1.20:/etc/dropbear/authorized_keys

Now you can ssh to the remote server without entering your password. Keep in mind that all someone needs to login to the remote server, is the file on your local machine ~/.ssh/id_rsa, so make sure it and the machine are secure.

Set the IP address of your MP

Here is a simple script that you can use to quickly set the IP address of your MP via ssh/scp.

#!/bin/bash 

if [[ ! ("$#" == 1 ) ]]; then 
    echo 'Please pass a number between 1 and 254 inclusive'
    exit 1
fi
remcom="uci set network.lan.ipaddr=192.168.2.$1 && uci commit network && reboot"
secure="-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null"
/usr/bin/ssh $secure [email protected] $remcom

The above example assumes that 192.168.2.0/24 is the C-class range you wish to use on your network. It also assumes that you are communicating with the default IP address of a newly flashed MP. The StrictHostKeyChecking setting stops ssh/scp from throwing up an error if this is not the first time you have flashed the MP.