SSH rsa pub key, network limits

main
jebba 2022-02-04 17:12:19 -07:00
parent e8d038d941
commit 3293a80588
1 changed files with 11 additions and 0 deletions

View File

@ -101,6 +101,17 @@ scp -p ~/.ssh/id_ed25519.pub tici:.ssh/authorized_keys
Note: Doing the OpenPilot install removes these keys, apparently.
Notes on SSH keys before OpenPilot is installed:
```
root@tici:~# grep ^AuthorizedKeysFile /etc/ssh/sshd_config
AuthorizedKeysFile /data/params/d/GithubSshKeys
root@tici:~# cat /data/params/d/GithubSshKeys
from="10.0.0.0/8,172.16.0.0/12,192.168.0.0/16" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+iXXq30Tq+J5NKat3KWHCzcmwZ55nGh6WggAqECa5CasBlM9VeROpVu3beA+5h0MibRgbD4DMtVXBt6gEvZ8nd04E7eLA9LTZyFDZ7SkSOVj4oXOQsT0GnJmKrASW5KslTWqVzTfo2XCtZ+004ikLxmyFeBO8NOcErW1pa8gFdQDToH9FrA7kgysic/XVESTOoe7XlzRoe/eZacEQ+jtnmFd21A4aEADkk00Ahjr0uKaJiLUAPatxs2icIXWpgYtfqqtaKF23wSt61OTu6cAwXbOWr3m+IUSRUO0IRzEIQS3z1jfd1svgzSgSSwZ1Lhj4AoKxIEAIc8qJrO4uymCJ public
```
Another way to do this would be to hijack DNS on your own wifi to intercept
the Comma Three's connection to github, then redirect the connection to
your own server. It depends if it barfs on the SSL or not.