Categories
SysOps

How to install OpenSSH on DietPi operating system

Use internal DietPi utilities is to switch from a Dropbear to OpenSSH Server.

List SSH servers.

$ sudo dietpi-software list | grep SSH
ID 0 | =0 | OpenSSH Client: Feature-rich SSH, SFTP and SCP client |
ID 104 | =2 | Dropbear: Lightweight SSH server | | https://dietpi.com/docs/software/ssh/#dropbear
ID 105 | =0 | OpenSSH Server: Feature-rich SSH server with SFTP and SCP support | | https://dietpi.com/docs/software/ssh/#openssh

Install OpenSSH server.

$ sudo dietpi-software install 105
[  OK  ] DietPi-Software | Initialised database
[  OK  ] DietPi-Software | Reading database

 DietPi-Software
─────────────────────────────────────────────────────
 Mode: Automated install

[  OK  ] DietPi-Software | Installing OpenSSH Server: Feature-rich SSH server with SFTP and SCP support
[  OK  ] DietPi-Software | Free space check: path=/ | available=110718 MiB | required=500 MiB
[  OK  ] DietPi-Software | DietPi-Userdata validation: /mnt/dietpi_userdata
[  OK  ] DietPi-Software | Checking network connectivity
[  OK  ] DietPi-Software | Checking DNS resolver
[  OK  ] Network time sync | Completed
[ SUB1 ] DietPi-Services > unmask 
[  OK  ] DietPi-Services | unmask : haproxy
[  OK  ] DietPi-Services | unmask : cron
[ SUB1 ] DietPi-Services > stop 
[  OK  ] DietPi-Services | stop : cron
[  OK  ] DietPi-Services | stop : haproxy
[  OK  ] DietPi-Software | mkdir -p /mnt/dietpi_userdata/Music /mnt/dietpi_userdata/Pictures /mnt/dietpi_userdata/Video /mnt/dietpi_userdata/downloads /var/www /opt /usr/local/bin
[  OK  ] DietPi-Software | chown dietpi:dietpi /mnt/dietpi_userdata/Music /mnt/dietpi_userdata/Pictures /mnt/dietpi_userdata/Video /mnt/dietpi_userdata/downloads
[  OK  ] DietPi-Software | chmod 0775 /mnt/dietpi_userdata/Music /mnt/dietpi_userdata/Pictures /mnt/dietpi_userdata/Video /mnt/dietpi_userdata/downloads
[ INFO ] DietPi-Software | APT update, please wait...
Hit:1 https://archive.raspberrypi.org/debian bullseye InRelease
Hit:2 https://deb.debian.org/debian bullseye InRelease
Hit:3 https://deb.debian.org/debian bullseye-updates InRelease
Get:4 https://deb.debian.org/debian-security bullseye-security InRelease [44.1 kB]
Hit:5 https://deb.debian.org/debian bullseye-backports InRelease
Fetched 44.1 kB in 3s (16.9 kB/s)
Reading package lists...
[  OK  ] DietPi-Software | APT update

 DietPi-Software
─────────────────────────────────────────────────────
 Step: Checking for prerequisite software


 DietPi-Software
─────────────────────────────────────────────────────
 Step: Installing OpenSSH Server: Feature-rich SSH server with SFTP and SCP support

[  OK  ] DietPi-Software | systemctl stop dropbear
[ INFO ] DietPi-Software | APT install for: openssh-server openssh-client, please wait...
debconf: delaying package configuration, since apt-utils is not installed                                                                                                                             
Selecting previously unselected package ucf.
(Reading database ... 21383 files and directories currently installed.)
Preparing to unpack .../archives/ucf_3.0043_all.deb ...                
Moving old data out of the way                                                                     
Unpacking ucf (3.0043) ...                                                                         
Selecting previously unselected package libwrap0:arm64.
Preparing to unpack .../libwrap0_7.6.q-31_arm64.deb ...
Unpacking libwrap0:arm64 (7.6.q-31) ...                                                            
Selecting previously unselected package openssh-sftp-server.
Preparing to unpack .../openssh-sftp-server_1%3a8.4p1-5_arm64.deb ...
Unpacking openssh-sftp-server (1:8.4p1-5) ...                                                      
Selecting previously unselected package runit-helper.
Preparing to unpack .../runit-helper_2.10.3_all.deb ...
Unpacking runit-helper (2.10.3) ...
Selecting previously unselected package openssh-server.
Preparing to unpack .../openssh-server_1%3a8.4p1-5_arm64.deb ...
Unpacking openssh-server (1:8.4p1-5) ...
Setting up runit-helper (2.10.3) ...
Setting up openssh-sftp-server (1:8.4p1-5) ...
Setting up libwrap0:arm64 (7.6.q-31) ...
Setting up ucf (3.0043) ...
Setting up openssh-server (1:8.4p1-5) ...

Creating config file /etc/ssh/sshd_config with new version
Creating SSH2 RSA key; this may take some time ...
3072 SHA256:Y8ogYfCSTbdZbr9OkF93dMSfeprSeu5NfRUcMitK6ZU root@DietPi (RSA)
Creating SSH2 ECDSA key; this may take some time ...
256 SHA256:YvRBQ/nt6KzEgezuR+6MDNint9gJvsCzYxfUIaYZcEM root@DietPi (ECDSA)
Creating SSH2 ED25519 key; this may take some time ...
256 SHA256:NdKVtEyXBQWZ/Dh6YJ5b1mHTH0XHyt3vS48EWfWex4A root@DietPi (ED25519)
Created symlink /etc/systemd/system/sshd.service → /lib/systemd/system/ssh.service.
Created symlink /etc/systemd/system/multi-user.target.wants/ssh.service → /lib/systemd/system/ssh.service.
rescue-ssh.target is a disabled or a static unit, not starting it.
Processing triggers for libc-bin (2.31-13+rpt2+rpi1) ...
[  OK  ] DietPi-Software | APT install for: openssh-server openssh-client
[  OK  ] DietPi-Software | Comment in /etc/ssh/sshd_config converted to setting: PermitRootLogin yes
[  OK  ] DietPi-Software | systemctl enable ssh

 DietPi-Software
─────────────────────────────────────────────────────
 Step: Uninstalling Dropbear: Lightweight SSH server

[ INFO ] DietPi-Software | APT purge for: dropbear*, please wait...
(Reading database ... 21496 files and directories currently installed.)
Removing dropbear (2020.81-3) ...
Removing dropbear-bin (2020.81-3) ...
Removing libtomcrypt1:arm64 (1.18.2-5) ...
Removing libtommath1:arm64 (1.2.0-6) ...
Processing triggers for libc-bin (2.31-13+rpt2+rpi1) ...
(Reading database ... 21457 files and directories currently installed.)
Purging configuration files for dropbear (2020.81-3) ...
[  OK  ] DietPi-Software | APT purge for: dropbear*

 DietPi-Software
─────────────────────────────────────────────────────
 Step: Finalising uninstall

[  OK  ] DietPi-Software | systemctl daemon-reload
[  OK  ] DietPi-Software | systemctl unmask dbus
[  OK  ] DietPi-Software | systemctl start dbus
[  OK  ] DietPi-Software | systemctl unmask systemd-logind
[  OK  ] DietPi-Software | systemctl start systemd-logind
2021-11-17 13:39:07 [ INFO ] DietPi-RAMlog | Storing /var/log to /var/tmp/dietpi/logs/dietpi-ramlog_store...
2021-11-17 13:39:07 [  OK  ] DietPi-RAMlog | Stored /var/log to /var/tmp/dietpi/logs/dietpi-ramlog_store.
[ SUB1 ] DietPi-Services > dietpi_controlled 
[  OK  ] DietPi-Services | dietpi_controlled : haproxy
[  OK  ] DietPi-Services | dietpi_controlled : cron

 DietPi-Software
─────────────────────────────────────────────────────
 Step: Install completed

[  OK  ] DietPi-Survey | Sending survey data
[ SUB1 ] DietPi-Services > restart 
[  OK  ] DietPi-Services | restart : haproxy
[  OK  ] DietPi-Services | restart : cron
[ INFO ] DietPi-Software | Starting installed services, not controlled by DietPi-Services
[  OK  ] DietPi-Software | systemctl start ssh

Ensure that service is listening and waiting for connections.

$ sudo ss -tlpn
State               Recv-Q              Send-Q                           Local Address:Port                            Peer Address:Port              Process                                         
LISTEN              0                   32                                 10.114.53.1:53                                   0.0.0.0:*                  users:(("sshd",pid=633,fd=3))