Jump to content

Not able to connect via ssh on encrypted orange pi box


deepak

Recommended Posts

I followed every step multiple times on my Orange Pi and when I finished following every step mentioned in post

I am not able to connect back on Orange Pi box.

I always get this error when running command :

deepak@PC-sysadmin:~/.ssh$ ssh -p 2222 -x root@192.168.1.102 'echo -n 1234 > /lib/cryptsetup/passfifo'
ssh: connect to host 192.168.1.102 port 2222: Connection refused

 

Please help as I am struck in making my box encrypted, also is there a way to encrypt /boot as well and can we use approach of using LUKS over LVM encryption, something which is followed in this artile (http://www.pavelkogan.com/2014/05/23/luks-full-disk-encryption/)?

if this is possible with Armbian over OrangePI, please share steps.

Any help will be highly appreciated !!!

 

Link to comment
Share on other sites

4 hours ago, deepak said:

also is there a way to encrypt /boot as well and can we use approach of using LUKS over LVM encryption

Sure. Are you going to do it? Document the directions and post your results? Kinda like the tutorial you followed to make this post?
I'm sorry but most of the folks here are focused on building and expanding the Armbian kernel. Not really in a position yet to take feature requests. If they were, they would already be inundated with everyone else's requests and I would imagine it being first come first serve. Sorry. All that is to say..... no. Feel free to contribute though ;D

 

As for the initial inquiry. I honestly have no idea. Full disclosure, I've never had the compulsion to make a fully encrypted system as I've never had reason or drive to but I understand why some might. That being said I'm pretty sure "Connection refused" is WAY too general of an issue. Could be authentication issue, user error, did you experience any issues following that pretty long (especially for linux standards) tutorial? You followed "every step multiple times" but I would find it skeptical if you didn't have 1 or 2 yak shaves in there. Unless OP of tutorial is a wizard.....

 

Can you give us any more details regarding your issue? Honestly, it might be best to contact OP of tut. They might be most qualified/familiar with the pitfalls of the setup. Not to mention, the most inclined individual to help diagnose. Contact him/her?

Furthermore, what's this? Applicable? It does explicitly mention unlocking disk via SSH, is "commented out" and is an edit of the OP that isn't part of the original "steps" you mentioned to have followed multiple times. Could be something depending on if you did/n't do it. Not to mention, I think I'm reading the post right (by commenting out, it allows unlock over ssh) but that's not how I read it the first time.

 

On 5/6/2017 at 2:08 PM, MMGen said:

Update: commenting out the following line in 'boot.cmd' allows you to unlock the disk from the tty as well as via ssh:


# if test "${console}" = "serial" || test "${console}" = "both"; then setenv consoleargs "${consoleargs} console=ttyS0,115200"; fi

 

 

Link to comment
Share on other sites

1 hour ago, martinayotte said:

Although I didn't raad the whole thread and links, why are you trying to do ssh on port 2222 while standard port is 22 ?

I was also wondering this, but the original tutorial also references 2222 not standard SSH of 22.

Link to comment
Share on other sites

4 hours ago, martinayotte said:

why are you trying to do ssh on port 2222 while standard port is 22 ?

Since the original tutorial requires installing dropbear-initramfs package and to avoid conflicts with OpenSSH it is configured to run on another port.

Link to comment
Share on other sites

Assuming all the steps of the tutorial completed without error, this is probably an authorization problem. Make sure you installed the correct SSH public key or keys as described and are unlocking from the correct remote machine. Also make sure dropbear is running. You should see a 'dropbear started' message at boot up if you have a monitor connected.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
×
×
  • Create New...

Important Information

Terms of Use - Privacy Policy - Guidelines