Understanding SSH Keys

What Are SSH Keys?

As opposed to the usual username and password authentication method, you can establish an SSH connection using a method that is known as SSH key-based authentication.

SSH keys are considered an extremely secure way of logging into your device/server, and is often the recommended way to establish all SSH connections as opposed to username and password authentication.

SSH keys come in pairs (private & public). The private key remains a secret to the client (i.e. the computer you use to initiate an SSH connection). This private key is considered the most vital, as any access to a private key can compromise your device and allow attackers to log in over SSH.

As opposed to your private key, your public key can be shared freely as only your private key can decrypt messages sent over SSH using said public key. This public key is uploaded to the device you wish to access via SSH and is stored in a specific file within the home directory of the user you wish to log in as.

How a Secure Connection is Formed

When we attempt to log into our device over SSH, using key-based authentication, the remote device will respond with a message which the SSH client (our computer/laptop we are using to initiate an SSH connection) must encrypt using its locally stored private key.

The client then responds with this encrypted message, which the remote device will then attempt to decrypt using one of the public keys originally uploaded in the setup procedure.

If the remote device successfully decrypts the message (I.e., if the original message matches the decrypted message), then an SSH connection is authenticated.

Understanding this connection method really shows how vital it is to safely secure your private SSH key.

Creating a Private & Public Key

It is worth noting at this point, that the command to generate a private & public key-pair exists on Linux/Mac computers by default (or at least after installing the OpenSSH libraries). Windows users will need to download a program such as Git and expose it’s commands on the system path.

The command to generate a key-pair is

> ssh-keygen

Upon entering this in the command prompt/terminal (on the local client), you will be asked to enter a location to save the keys. By default, this command creates two files, id_rsa and id_rsa.pub in the .ssh folder found in the home directory of the currently logged in user. For example:

~/.ssh/id_rsa 

~/.ssh/id_rsa.pub

You can simply click enter at this point, to save in the default location (recommended).

If you wish to encrypt the keys on disk (recommended) you can do so now. If you do not wish to enter a passphrase, simply leave it blank and hit enter.

Uploading Your Public Key to Remote Device

Now that we have our private and public key-pair stored on our client, we are ready to upload our public key to the special file which stores all accepted public keys on the remote device. It is important to note, that the location is stored in the .ssh folder in the home directory of the user.

For example, if we want to log in as the user “bob” but we upload our public key to the user “brian” then we won’t be able to initiate an ssh connection via bob@<remoteIP>, but we would be able to via brian@<remoteIP> .

So, first things first is to get the contents of your public key (on the local client). This can be done by cat’ing your public key to the terminal via:

> cat ~/.ssh/id_rsa.pub

You will see a massively long string (key based authentication is very secure!). You simply need to copy all of this output.

Now on your remote device, log into the account of the user you wish to log in via SSH as and append your public key by entering the following in the command prompt:

> echo your_public_key >> ~/.ssh/authorized_keys

Where “your_public_key” is the contents of the file you originally copied.

NOTE: You may have to ensure your SSH directory exists if you have not set this up before. You can do this simply by entering the following (safe to do, if the directory already exists)

> mkdir –p ~/.ssh

Log in via Key-based SSH

With your public key uploaded to the remote device, we can now go back to our local client. We can attempt to initiate an ssh key-based connection by entering the following

> ssh username@<remoteIP>

If you entered a passphrase for your private key file, you will be prompted to enter that passphrase now. Otherwise your connection will be established.

If you wish to disable password authentication (I.e. a less secure authentication method), you can do so by entering the following on the remote device

> sudo nano /etc/ssh/sshd_config

Ensure the following line exists and not commented out (via a # symbol)

PasswordAuthentication no

Finally press ctrl + X to exit the file and “Y” to confirm changes.

You will then need to restart the machine.

Synergy Setup For Raspberry Pi

Introduction

Synergy is a cross platform tool that allows you to share your keyboard and mouse across any device with a synergy client running – this means you can use one keyboard and mouse and still use all your Mac/Windows/Linux devices (including your Raspberry Pi!).
I won’t talk about setting up Synergy on your PC, as this is extensively documented. If you want to know how to do this, here is a YouTube video showing how to setup Synergy for your main PC.
Instead I will focus on showing you how to install Synergy on your Raspberry Pi, more specifically your Pi running Raspian. Note that this tutorial will not benefit users of a headless OS such as Raspbian Lite.

Prerequisites

Before you begin, you must set up a synergy server on your main PC (the one with the keyboard and mouse you intend to use).

Whilst setting up the server, be sure to add a computer via the “Screens and Links” tab and name it “pi”. Your server setup should look something similar to the following:

Computer Setup for Synergy Server Image
Computer Setup for Synergy Server

Installing Synergy

To install Synergy on your Pi, we will be using the trusty apt-get package manager that we’ve used a number of times so far. The command is simply:
> sudo apt-get install synergy
If it asks you to continue simply enter “y” and hit enter.
That’s it! You have Synergy installed (aren’t package managers amazing?!)… but not yet configured!

Configuring Synergy Client

The last piece of the puzzle is to configure the pi as a Synergy Client, by telling it the name of the server you wish to connect to.
To do this, we will create a shell script which starts up synergy on our Pi using the connection settings we specify. To create this script, enter the following into the terminal:
> sudo touch /usr/bin/startsynergy

This will create our script named “start synergy” in the “/usr/bin” directory, which is on the system path by default, allowing us to execute the script anywhere with the command “startsynergy”.

Open up the script using the Nano Text Editor:
> sudo nano /usr/bin/startsynergy
Enter the following:
#!/bin/bash

killall synergyc    # Kill all previous synergy clients
sleep 1                 # Wait 1 second

synergyc --name pi <server name goes here>  # See below
exit 0   # Exit gracefully
Save the file by pressing “CTRL + X” and hitting “Y” to confirm the save.
The main contents on the script is the last line starting with “synergyc –name…
We are setting up a synergy client with the name pi (or whatever you specified as the pis name when you added a second computer on your synergy server).
Lastly <server name goes here> should be replaced with the name of your Synergy server, again, this is specified on your Synergy server setup.

Running Synergy Client

To run the script, we first need to tell the pi that this file should be executable. To do this enter the following:
> sudo chmod +x /usr/bin/startsynergy
Now finally, we can simply run the client with the following command in the terminal on the Pi:
> startsynergy
If your Synergy server was running, you should now be able to see “client pi connected” in the output log (on the server) and you should be able to use your keyboard and mouse seamlessly across your PC and your Pi.
TIP: To make your synergy script execute on startup, read my post on how to execute a script on startup.

Using Visual Studio Code With Raspberry Pi Network Share [Windows]

Introduction

Just like the previous tutorial, we setup Visual Studio Code Raspberry Pi on our Mac, this tutorial describes the process of setting Visual Studio Code up on Windows for use with the Raspberry Pi.

I won’t duplicate information and state the steps to install VS Code and the plugins, they can be found here. We will jump straight into setting up a network share on our Pi so we can access it from our Windows Machine.

Setting up a Network Share

To allow Windows PCs to view shared folders on the Raspberry Pi, we must install Samba. Just like we did with Netatalk for the Mac, we will use the Raspbian apt-get package manager to do so.

First thing you want to do is log in via SSH to your Pi so we can install Samba and edit its config files.

To install Samba we need to install the package “Samba” and also an additional package known as “samba-common-bin”. Luckily, we can do this in one command (because we’re too lazy to do it twice, right?)

> sudo apt-get install samba samba-common-bin

If you are prompted to confirm install, type “Y” and hit enter.

Edit Samba Config

Unlike setting up a network share via Netatalk, we must edit the config file for Samba to tell it what folders we would like to share and what permissions we should allow.

To edit the config file simply open it in the Nano Text Editor by entering the following:

> sudo nano /etc/samba/smb.conf

Before we state what folders we want to share, we must first ensure that samba is to have Windows support enabled and to specify the workgroup our network is on.

To enable this, we must set the following:

workgroup = WORKGROUP
wins support = yes

You must ensure that there is no “#” in front of these lines, as this is a comment and will result in the setting being ignored. It’s also worth mentioning that your workgroup name may differ. This guide shows you how to view the workgroup name

As an example, here are the settings on my Pi

Samba Workgroup Settings Image
Samba Workgroup Settings

The final step is to let Samba know what folders we want to share. To do so, simply scroll to the bottom of your file using the arrow keys on your keyboard and enter the following (changing the locations to what you require).

[pihome] # Name of share in network locations
    comment="share location containing code files"
    path=/home/pi # Location to the folder we want to share
    browseable=yes # Folder is visible in network
    writeable=yes # We can create files
    only guest=no # Username and password required
    create mask=0777 # permissions for creating files
    directory mask=0777 # permissions for directory
    public=no # remote access

Save the file by pressing “ctrl + X” then hitting “Y” to confirm.

Creating a Samba User

Unfortunately, Samba doesn’t use the Pis username and password by default. We have to tell Samba the username and password for the users we want to allow access. To do this, we must enter the following in the terminal

> sudo smbpasswd -a pi

It will then prompt you to enter (and again to confirm) the password for the user “pi” we just created.

Testing the Network Share

Now that we have created the shared directory and created a username and password we can go back to our windows machine and go to our network places. You should see your Raspberry Pi appear in your network. For me, my pi is called “RASPBERRYPI”

Raspberry Pi on Windows Network Image
Raspberry Pi on Windows Network
Upon double clicking your Pis network share, you will be prompted for a username and password. Simply enter the details you created in the “Creating a Samba User” section of this tutorial and you should then be able to see your shared locations!
Pi Shared Folders on Windows Network Image
Pi Shared Folders on Windows Network

Using Visual Studio Code

Now that we have Visual Studio Code installed on our PC, and have access to the Pis home directory (where we save our scripts) we can start to edit our code!

Simply drag a file from the Raspberry Pi network share into Visual Studio Code. Any changes you make and save will be updated on the Pi itself.

Alternatively, you can open a folder from within Visual Studio code by clicking “file -> open folder” and navigating to the folder on the Pi that you want to open.

Happy Intellisense!

Fixed IP Address Over Ethernet & WiFi [Raspberry Pi]

Introduction

If you intend on using a headless OS (such as Raspbian Lite) for your Pi, setting up a Fixed IP address is a must. With this setup, you can SSH into your Pi with nothing more than an Ethernet cable and a power supply connected to your Raspberry Pi.

Setting Up a Fixed IP

Before you can go about setting up a fixed IP address, you will first need to either connect to your Pi via SSH or connect a monitor, mouse and keyboard so that you can edit the configuration files.

Once you are ready at the terminal on your pi, open up the dhcpcd.conf file with nano by entering

> sudo nano /etc/dhcpcd.conf

Some posts around the internet talk about using an “interfaces file” for setting up a fixed IP. This used to be how Raspbian managed assignment of IP addresses, but has now moved over in favour of the dhcp client.

With the config file open in nano, scroll down to the bottom using your keyboards arrow keys to the end of the file. Enter the following:

interface eth0
 static ip_address=192.168.1.5/24
 static routers=192.168.1.1
 static domain_name_servers=192.168.1.1
This looks like there is quite a lot involved, but broken down it is fairly straight forward.

interface eth0

Specifies which interface we want to assign the fixed ip address to. In this example we are assigning it to the ethernet port. If you have multiple ethernet wires plugged in (via a usb with ethernet adapter, for example) there will be more interface addresses such as eth1 etc. The same applies to WiFi, who’s interface range starts at wlan0.

 static ip_address=192.168.1.5/24

The most important line of all! 192.168.1.5 is the IP address you want to be assigned to your Pi.

What is the “/24” for? You may be wondering… This number represents the subnet mask, more specifically, how many bits of the mask should be 1 and the remainder being 0. As you may know, a common subnet mask is 255.255.255.0 – as the subnet mask is a 32bit integer, this would be represented as /24 (i.e. the first 24 bits are 1’s and the remainder (8 bits) are 0).

static routers=192.168.1.1

This one is fairly straight-forward. This is basically the IP address of the router you are connected to. Of course, change the IP address here to match your routers settings.

static domain_name_servers=192.168.1.1

The final piece of the puzzle, and quite a simple one, is the dns settings. This is usually the same as your routers address, so change this accordingly.

Saving Settings

Finally, to save your settings:
  • ctrl + X to quit nano
  • Y to confirm to save
For the new settings to be applied, you will need to restart your Pi. Simply type the following:
> sudo reboot

How to Debug a C++ Maya Plugin Using Visual Studio

Introduction

This post is not about creating a C++ Maya plugin, it is aimed at setting up debugging in Visual Studio for the plugin.

note: If you see the word “MayaMorph” in this post, it is because the project I am building is morphing between two geometric meshes. If you are interested there is more info on my website https://nickcullen.net.

Project Setup

We start off in Visual Studio. Open up your Maya plugin solution.

  • 1. Right click your plugins project properties

    Opening Visual Studio Project Properties Example
    Opening Visual Studio Project Properties Example
  • 2. Under Configuration Properties -> Debugging set the "Debugger to launch" option to "Local Windows Debugger".
Debugging Options Configuration Wiindow
Debugging Options Configuration Wiindow
  • 3. In the "Remote Command" entry, you want to put the full path (including extension) to the maya executable. For example my Maya is located at "C:\Program Files\Autodesk\Maya2016\bin\maya.exe" (Yours may be different!).

A handy trick to get the the full path to a file on your windows machine is to hold shift + right click on the executable, then click “Copy as Path“. You can simply paste the value into “Remote Command” removing any quotation marks.

  • 4. Set the "Attach" value to "Yes". This option attempts to attach the debugger to an already running Maya instance. Without this, it will launch Maya every time you launch the debugger.

Your values should look similar to these:

Values of set debugging properties
Values of set debugging properties

Your debugger is all set up.

If you haven’t done so yet, set some breakpoints and open Maya. Don’t run the debugger until Maya is fully open.

Debugging Maya Plugin

Once Maya is fully open, plugin compiled and loaded you can attach the debugger.

1. Click the "Local Windows Debugger" option at the top or simply hit F5
Selecting the debugger to run example
Selecting the debugger to run

Once you execute your plugin from within Maya, you should hit one of your break points like so.

Hitting a breakpoint example
Hitting a Breakpoint

Happy debugging!

Connect Raspberry Pi Via SSH

Introduction

One of the most fundamental methods with Raspberry Pi development is the ability to connect your Raspberry Pi via SSH to manipulate files and execute scripts which run on the Pi.
The following tutorial will apply for all platforms, however Windows does not have SSH built in by default. To allow SSH access to the Pi via windows, it is recommended to download a program called PuTTY.

With PuTTY, you can simply enter (and save) the IP Address of the pi, username and password (will get onto this in a moment) and click open.

PuTTY Configuration Window
PuTTY Configuration Window
For the purpose of this tutorial, I will use the ‘terminal’ way for connecting over SSH. Once you connect over SSH via PuTTY on Windows, you will be at the same point post-connection as you are connecting to the Pi via a Mac/Linux computer.

SSH Setup

Pi Requirements

To begin, you first need to enable SSH on the Pi itself. Unfortunately, this does require you to have a keyboard (+ mouse if you are not running a headless version of Raspbian) plugged into the Pi for the time being.

To enable SSH, we must use the raspi-config menu:

  1. Boot up the Pi
  2. Type “sudo raspi-config” at the terminal
  3. Navigate to “Advanced Options”
  4. Select “Enable SSH”
  5. Restart the Pi by selecting Finish

Important Note: If this is the first time you have booted up the Pi, before you restart the Pi (step 5), you must enable the device to auto log-on. Without this option enabled, your Pi will wait in a state where it is prompting you to enter the username and password for the user you want to log into. While the Pi is in this state, you will not be able to SSH into the Pi! See “Enable Boot to desktop” in the raspi-config manual

Connecting To the Raspberry Pi Via SSH

Now that SSH is enabled on our Pi, we can remove our keyboard and mouse which was previously connected to it and ensure the Pi is plugged into the same network as our main computer.

Default Settings

Unless you have changed them, the default settings for the Pi are as follows:

  • Username: “pi”
  • Password: “raspberry”

Opening the Connection [Mac & Linux]

Open up the terminal and enter the following command:

> ssh pi@192.168.1.5

A prompt will appear to enter the password of the user you wish to log in as. In this example, the user “Pi” is chosen.

Of course, don’t forget to change the IP address to match the address of your Pi.

Opening the Connection [Windows]

Simply open PuTTY, enter the IP address of the Pi, along with the username and password of the user you want to log in as (see default settings if you have not made any changes to the Pis user account) and click open.

Getting the IP Address of the Pi

In a future post I will describe how to set up a fixed IP address for your Pi. For now, your Pi will need to be plugged into a monitor. When you boot up your Pi, you should be able to see the following.

IP Address Shown on Boot Image
IP Address Shown on Boot

For those interested in understanding how SSH works and additional security measures to take, read Understanding SSH Keys