{"id":436,"date":"2015-01-15T03:34:48","date_gmt":"2015-01-15T02:34:48","guid":{"rendered":"http:\/\/www.dereckson.be\/blog\/?p=436"},"modified":"2015-01-16T02:11:32","modified_gmt":"2015-01-16T01:11:32","slug":"chromebook-run-a-ssh-server-on-chrome-os","status":"publish","type":"post","link":"https:\/\/www.dereckson.be\/blog\/2015\/01\/15\/chromebook-run-a-ssh-server-on-chrome-os\/","title":{"rendered":"Chromebook: run a SSH server on Chrome OS"},"content":{"rendered":"<p>In this post, we&#8217;ll cover how to run a SSH server\u00a0<strong>directly<\/strong> on Chrome OS (ie not into a Crouton chroot).<\/p>\n<p>One of the first things I do on any machine (FreeBSD, Linux, Mac OS X or Windows) is to install, run and configure the SSH server. It&#8217;s always convenient to be able to scp from and to a computer, or to log in remotely. Even for workstations.<\/p>\n<p>Chrome OS is a reasonable if minimal standard Linux installation offering access to iptables and sshd (and openvpn by the way), so it&#8217;s as easy to run sshd and to allow incoming traffic on port 22.<\/p>\n<h3>Setup<\/h3>\n<p>1. If it&#8217;s not already done, switch your chromebook in developer mode, so you can execute commands as root.<\/p>\n<p style=\"padding-left: 30px;\">Do a backup of your data, as you&#8217;ll wipe your current Chrome OS partitions.<\/p>\n<p style=\"padding-left: 30px;\">On most recent machines, restart in recovery mode (ESC + REFRESH + POWER), then when it boots, CTRL + D to enter the developer mode.<\/p>\n<p style=\"padding-left: 30px;\">Hit enter to turn off OS verification. It will then restart. Now and everytime after, you&#8217;ll need to do a CTRL + D to boot.<\/p>\n<p style=\"padding-left: 30px;\">It will then wipe your chromebook and reinstall a fresh Chrome OS version. The process takes 6 to 7 minutes.<\/p>\n<p style=\"padding-left: 30px;\">Former machines require to use an hardware switch, generally located below\u00a0the battery. Be gentle with this switch, it breaks easily.<\/p>\n<p>2. Launch a console with the shorcut ctrl + alt + t, then write <code>shell<\/code> to open a full bash shell (if the shell command isn&#8217;t available, you aren&#8217;t in developer mode).<\/p>\n<p>Become root with <code>sudo su<\/code>.<\/p>\n<p>3. Setup SSH keys :<\/p>\n<pre>mkdir -m 0711 \/mnt\/stateful_partition\/etc\/ssh\r\ncd \/mnt\/stateful_partition\/etc\/ssh\r\nssh-keygen -t rsa -f ssh_host_rsa_key\r\nssh-keygen -t dsa -f ssh_host_dsa_key<\/pre>\n<p>4. Run SSH:<\/p>\n<pre>\/usr\/sbin\/sshd<\/pre>\n<p>5. Allow world to connect to port 22:<\/p>\n<pre>iptables -I INPUT -p tcp --dport 22 -j ACCEPT<\/pre>\n<p>6. Add your public keys to ~chronos\/.ssh\/authorized_keys file. Authentication by password isn&#8217;t available.<\/p>\n<p>7. You&#8217;re now able to log in from the world to your chromebook.<\/p>\n<pre>ssh chronos@yourmachine<\/pre>\n<h3>Sources<\/h3>\n<p>Andrew Sutherland,\u00a0<a href=\"http:\/\/slightlymorethanworthless.blogspot.fr\/2011\/01\/cr-48-chromium-os-ssh-server.html\">cr-48 chromium os ssh server<\/a>, 14 January 2011.<\/p>\n<p>CentOS wiki contributors,\u00a0<a href=\"http:\/\/wiki.centos.org\/HowTos\/Network\/IPTables\">IPTables<\/a>, CentOS wiki.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In this post, we&#8217;ll cover how to run a SSH server\u00a0directly on Chrome OS (ie not into a Crouton chroot). One of the first things I do on any machine (FreeBSD, Linux, Mac OS X or Windows) is to install, run and configure the SSH server. It&#8217;s always convenient to be able to scp from [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[45,50],"tags":[228,96],"class_list":["post-436","post","type-post","status-publish","format-standard","hentry","category-misc","category-sysadmin","tag-chrome-os","tag-openssh"],"_links":{"self":[{"href":"https:\/\/www.dereckson.be\/blog\/wp-json\/wp\/v2\/posts\/436","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.dereckson.be\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.dereckson.be\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.dereckson.be\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dereckson.be\/blog\/wp-json\/wp\/v2\/comments?post=436"}],"version-history":[{"count":7,"href":"https:\/\/www.dereckson.be\/blog\/wp-json\/wp\/v2\/posts\/436\/revisions"}],"predecessor-version":[{"id":460,"href":"https:\/\/www.dereckson.be\/blog\/wp-json\/wp\/v2\/posts\/436\/revisions\/460"}],"wp:attachment":[{"href":"https:\/\/www.dereckson.be\/blog\/wp-json\/wp\/v2\/media?parent=436"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dereckson.be\/blog\/wp-json\/wp\/v2\/categories?post=436"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dereckson.be\/blog\/wp-json\/wp\/v2\/tags?post=436"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}