Where to put public keys?

mentalo

Hi there
I want to connect to my Recalbox through SSH, without a password. So I need th put my public keys on it.
Usually, these keys are stored in ~/.ssh/ directory (see a documentation here: https://phoenixnap.com/kb/ssh-with-key#ftoc-heading-3)
But this directory /home doesn't exist in the recalbox.
I've searched in others dirs, I didn't find anything named "ssh" or something like that.
Can someone tell me where I have to put the keys to allow this SSH connection?
Thank you

poppadum

@mentalo Put them in /recalbox/share/system/.ssh/authorized_keys

mentalo

Hello @poppadum
Thank you.
I'm a little confused here.
I see I have a ssh directory "/recalbox/share/system/ssh", but nothing with a dot (/recalbox/share/system/.ssh). Should I use the hidden directory with the dot, or should I create the one with the dot, as you said?
Then, I've tried to chmod 600 the file /recalbox/share/system/sshauthorized_keys, connected with root, but it remains in 644 permissions. Which is the good permissions to put? Is 644 ok?
Thanks again for your help.

poppadum

@mentalo The already existing directory /recalbox/share/system/ssh contains the host keys so leave that directory alone.

Create the directory /recalbox/share/system/.ssh and then create the file authorized_keys inside it with your public key. The reason the permissions don't stick is that it's a exFAT filesystem which doesn't understand unix permissions: leaving it at 644 is OK.

My .ssh directory looks like this (not my real public key obvs):

# ls -alF /recalbox/share/system/.ssh/
total 384
drwxr-xr-x    1 root     root        131072 Nov  8 09:37 ./
drwxr-xr-x    1 root     root        131072 Jan  1  1980 ../
-rw-r--r--    1 root     root           107 Nov  8 09:37 authorized_keys

# cat /recalbox/share/system/.ssh/authorized_keys 
ssh-ed25519 AAAA1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZ root@recalbox

mentalo

Hello
Thanks @poppadum it's clearer. It's seems to work
Now I'm gonna try to connect through a script, to automatize backups of saves files.

poppadum

@mentalo Excellent

If you're backing up to Linux or MacOS then rsync is very useful. Something like this should be close to what you want:

rsync -rltvh --modify-window=1 \
  -e "ssh -i /path/to/private_key" \
  root@recalbox:/recalbox/share/saves/  ./backup/saves/

mentalo

@poppadum Yes it's from Linux.
I try to make a script with bash, using rsync as you said, but I learn from the beginning so it's hard, but it's how we learn.
I didn't know the -e option of rsync, maybe it's the solution to my actual problem, because even connected with ssh, the commands (like ls or pwd) show my local environment, and not the recalbox system. I will try it!
Thanks again

poppadum

@mentalo To be clear: run that rsync command on your Linux machine not on your recalbox.

But first make sure that you can connect to your recalbox with:
ssh -i /path/to/private_key root@recalbox

mentalo

@poppadum Yes it's working, my bash script is on:
/home/mentalo/Documents/Scripts/recalbox/backup_saves.sh

#!/bin/bash

ssh_key_abs_path="/home/mentalo/.ssh/"
ssh_key_file_name="id_ed25519" # be sure to generate private / public keys before to run the script
ssh_connection_user="root"
ssh_host_name="recalbox" # be sure to add in /etc/hosts the hostname "recalbox" with the IP (generally 192.168.X.XX)

src_recalbox_saves_dir="/recalbox/share/saves/"
dst_recalbox_saves_dir="/path/to/local/backups/directory/"

rsync -rltvh --modify-window=1 -e "ssh -i ${ssh_key_abs_path}${ssh_key_file_name}" ${ssh_connection_user}@${ssh_host_name}:${src_recalbox_saves_dir} ${dst_recalbox_saves_dir}

Small but super-efficient
Now I'm going to add a file to put variables, check directories before to run rsync, add the script in crontab, etc.

Maybe it could be added in the Recalbox documentation?