Raspberry Pi configuration guide to use SSH Key authentication with the RaspController application
To generate new RSA SSH key type the following command in the Raspberry PI terminal:
ssh-keygen -t rsa
confirms the name of the file with ENTER and enter a passphrase (recommended).
For Ed25519 keys type (may not work properly):
ssh-keygen -t ed25519
For ECDSA keys type:
ssh-keygen -t ecdsa
If you don’t use any passphrase you need to edit the file /etc/ssh/sshd_config with 'PermitEmptyPasswords yes'.
Edit the file ‘sshd_config’:
sudo nano /etc/ssh/sshd_config
edit the line ‘AuthorizedKeysFile’ removing the # symbol (if present) and adding:
.ssh/id_rsa.pub
(for the Ed25519 key the file name is ‘id_ed25519.pub’)
Save the content of the file pressing CTRL + X (to exit from nano), respond “Yes” at the request of saving, then confirm with ENTER.
Now reboot the ssh service with:
sudo /etc/init.d/ssh restart
or reboot the Raspberry PI.
Copy the ‘id_rsa’ (or ‘id_ed25519’) file generated by the Raspberry Pi to your Android device.
Then import the private key ‘id_rsa’ (or ‘id_ed25519’) to RaspController.
If you are using a user other than the classic ‘pi’ remove the password prompt from this user.
Create a custom sudoers file using (replace bob with your user):
sudo visudo /etc/sudoers.d/010_bob-nopasswd
Insert the following contents on a single line:
bob ALL=(ALL) NOPASSWD: ALL
Save the file and exit.
Raspberry Pi documentation: https://www.raspberrypi.org/documentation/linux/usage/users.md
The previously created keys are placed in the ‘pi’ user folder, now you also need to copy the public key in the root directory.
Create the ssh directory (if not exists) [~ is Alt Gr + ì]:
sudo mkdir ~root/.ssh
Copy the key:
sudo cp ~/.ssh/id_rsa.pub ~root/.ssh/id_rsa.pub
(for the Ed25519 key the file name is ‘id_ed25519.pub’)
