From 3293a80588c96701c59536eb509a4dc0726e373e Mon Sep 17 00:00:00 2001 From: jebba Date: Fri, 4 Feb 2022 17:12:19 -0700 Subject: [PATCH] SSH rsa pub key, network limits --- README.md | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/README.md b/README.md index c8ca7c6..abb16e9 100644 --- a/README.md +++ b/README.md @@ -101,6 +101,17 @@ scp -p ~/.ssh/id_ed25519.pub tici:.ssh/authorized_keys Note: Doing the OpenPilot install removes these keys, apparently. +Notes on SSH keys before OpenPilot is installed: + + +``` +root@tici:~# grep ^AuthorizedKeysFile /etc/ssh/sshd_config +AuthorizedKeysFile /data/params/d/GithubSshKeys +root@tici:~# cat /data/params/d/GithubSshKeys +from="10.0.0.0/8,172.16.0.0/12,192.168.0.0/16" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+iXXq30Tq+J5NKat3KWHCzcmwZ55nGh6WggAqECa5CasBlM9VeROpVu3beA+5h0MibRgbD4DMtVXBt6gEvZ8nd04E7eLA9LTZyFDZ7SkSOVj4oXOQsT0GnJmKrASW5KslTWqVzTfo2XCtZ+004ikLxmyFeBO8NOcErW1pa8gFdQDToH9FrA7kgysic/XVESTOoe7XlzRoe/eZacEQ+jtnmFd21A4aEADkk00Ahjr0uKaJiLUAPatxs2icIXWpgYtfqqtaKF23wSt61OTu6cAwXbOWr3m+IUSRUO0IRzEIQS3z1jfd1svgzSgSSwZ1Lhj4AoKxIEAIc8qJrO4uymCJ public +``` + + Another way to do this would be to hijack DNS on your own wifi to intercept the Comma Three's connection to github, then redirect the connection to your own server. It depends if it barfs on the SSL or not.
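Review bot: The block added under "Notes on SSH keys before OpenPilot is installed:" is pasted with no explanation, although the subject line promises "network limits". Add a sentence saying that the `from="10.0.0.0/8,172.16.0.0/12,192.168.0.0/16"` option restricts this key to logins from RFC 1918 private source addresses. Also state whose key the entry with the comment `public` is, and whether readers should remove or replace it. The same output shows `AuthorizedKeysFile /data/params/d/GithubSshKeys`, while the context line just above the addition copies the user's key to `tici:.ssh/authorized_keys`. The README should explain how the two paths relate, since sshd only consults the files named by `AuthorizedKeysFile`. Minor: the doubled blank lines before and after the fence can be single.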