Comment on page
To enable secure access to your device, we use public-key cryptography rather than a default username and password.
In short this means that you generate what’s known as a key-pair. The pair is made up of two files - a public key and a private key. The public key is transferred to your device, and only your private key will be able to log in to it. Your private key is like an extremely secure password and you should never share this with anyone.
- 1.Open your terminal and run:
ssh-keygen -t rsa
- 2.You will be asked where to save your new key-pair Leave this blank if you would like to use the default location
- 3.You can optionally add a passphrase. This is an additional layer of security that will require you to enter your passphrase when using your private key.
- 4.If you selected the default file path you will have two new files:
/home/user/.ssh/id_rsais your private key - again do not share this.
/home/user/.ssh/id_rsa.pubis your public key - this can be shared.
If you read the contents of your public key it will look something like this:
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSUOctoVJ5nwQO0I9c8gIK0ijYbOCZKdVmAu8jG0Znl2zvZLFYI7bGFbt/Rr8vjFVh4I2srFB52duirX53LtZF2ZUKMI+8ivaLk+pD7M0WL+sbG1jU2S/IdCUi7HmZ/fSp89UJb23i9Q9AINFdw+0spCjJSWB8+3wGQ4bPUSbNLCtsYv1anO+B26PIN5E9R0X84IVq+x41B1swvlUt15zfMwA7Jhl5fJgl6XzhNYcMdH/qp+r7Ij2d7NM9YR6/yva4/QLqzbPCoelxJLpVHKZ0ZLnhvYOoxRbLbU46AgTljGM3Z7rcvxm2Vl107ZojljuvF6cMXM4NU4peVimn5XOP gez@exampleThis includes three things:
- The encryption protocol used -
- The public key - a seemingly random string
- An identifier of the creator -
Your Mark II device will then fetch this public key from your Mycroft account.
With your public key on your Mark II, and your private key remaining securely on your local machine, you can now SSH into the device.
You can find the IP address of your device by saying "Hey Mycroft, what is my IP Address?".
ssh -p 8222 mycroft@YOUR_IP
You will now be logged in as the
mycroftuser, with the virtual environment active. Your prompt should look like:
From here you can interact with the device as you would any other Linux system.
There are 3 areas that make up the operating system on your Mark II:
mycroftcontainer - contains everything you would expect and is built on a base of Ubuntu 20.04.
awconnectcontainer - contains the WiFi setup application and manages the network connections.
_pv_(Pantavisor) initrd view - boots the system, manages the other containers as well as updates.
You can SSH into both of these containers and the initrd view by using the container name as the username. For example to SSH into
awconnectyou would run:
ssh -p 8222 awconnect@YOUR_IP
Or to SSH into the Pantavisor initrd view you would run:
ssh -p 8222 _pv_@YOUR_IP
There is also a BSP layer that can be mounted for inspection on another machine. This contains the kernel, modules and firmware.
Now that you have SSH access, you can transfer files to and from your device using
scp.To do this, we also need to use the port 8222, however unlike
scpcommand uses the uppercase
my_filefrom our computer, to the Mark II device:
scp -P 8222 my_file mycroft@YOUR_IP:/destination/path/
We can also transfer files in the other direction. Let's grab all of the Mycroft log files in one command using the
scp -rP 8222 mycroft@YOUR_IP:/var/log/mycroft /destination/path/