DE1-SoC: Using SSH keys
The standard Linux SD-Card images that you can get for the DE1-SoC board from the Terasic website have the SSH daemon enabled by default. Through this SSH connection it is possible to log in from a remote terminal or upload files SCP. However, by default you always have to enter a password. This short guide will show how to configure the systems to use SSH keys so no passwords are needed anymore. Furthermore, we will assign a static IP to the board.
This guide is not really specific to the DE1-SoC board. The same steps can be used on any Linux running an SSH server.
Before we start on setting up the SSH keys we want to assign a static IP to the DE1-SoC. This way we don’t have to look up it’s IP every time the IP changes.
Assigning a static IP is just a matter of altering the configuration in
/etc/network/interface. The DE1-SoC is connected via the ethernet jack to the network. However, the default configuration file also contains configurations for other interfaces such as a second ethernet interface and a WiFi card. We can throw out all configurations but the one for the
lo and the
The following configuration file sets the IP of the DE1-SoC to
# Internal loopback interface auto lo iface lo inet loopback # Wired or wireless interfaces auto eth0 iface eth0 inet static address 192.168.1.100 netmask 255.255.255.0 network 192.168.1.0 gateway 192.168.1.1
Make sure that you choose the IP range suited to your network configuration.
Setting up the SSH keys
The following guide assumes that your host (desktop computer) is a Unix machine. However, everything works perfectly fine within a Cygwin environment on Windows.
First we have to generate an RSA public and private key pair on our host computer. This is done by using the
ssh-keygen -t rsa
The program will ask for both a key location and a passphrase. Leaving the key location to default and not setting any passphrase will simplify later usage.
You also want to make sure that permissions of the SSH keys are set so only your user can access them. This can be done by applying
chmod 600 on both the public and the private file.
Uploading the key
The next step is to upload the generated public key to the DE1-SoC. This is done using SCP:
scp ~/.ssh/id_rsa.pub email@example.com:/home/root
Adding the key
Once the public key is uploaded to the DE1-SoC it is time to log in with through a remote terminal. First, we have to add the key to the
autorized_keys file so the SSH server will know our key:
cat id_rsa.pub >> ~/.ssh/authorized_keys
The key has now been added to the SSH configuration and you can remove the uploaded key file from the DE1-SoC.
The last step is to tell the SSH server to use key files. This is done by adding the following entry to
Now we are ready to try out the new setup. When connecting via SSH the
-2 parameter needs to be passed:
ssh -2 firstname.lastname@example.org
When using SCP, passing
-i will tell SCP to look for the key files. When the keys are not in the standard location the path to the public key needs to be passed after this parameter:
scp -i file.txt email@example.com:/home/root