/boot/config.txt: open for write: permission denied
-
Login, and edit this file: sudo nano /etc/ssh/sshd_config
Find this line: PermitRootLogin without-password
Edit: PermitRootLogin yes
Close and save file
reboot or restart sshd service using: /etc/init.d/ssh restart
Set a root password if there isn't one already: sudo passwd root -
I used WinSCP (free download) which is very similar to Filezilla to navigate. Need to use SCP and not SFTP. SSH is disabled by default on the Pi. On the Pi you run (once):
sudo raspi-config
and select 'Interfacing Options' (5?) and then enable SSH.
From the PC side (I assume you're using Windows), run WinSCP and use these defaults (unless you changed):
Hostname: retropie
Port: 22
User name: pi
Password: raspberryTo get the proper permissions you need to click the 'Advanced' button. Select Environment ---> SCP/Shell on the left side. On the right, in the combo box under 'Shell' (and 'Shell' under it) select 'sudo su -'. Click Ok and then click 'Log in'. Should look like Filezilla at this point.
-
I could connect with putty
sudo su psswd
And I changed the passwort. But then I tried to connect with WinSCD but it says passwort is wrong for root. I checked it twice
@edmaul69 said in /boot/config.txt: open for write: permission denied:
Login, and edit this file: sudo nano /etc/ssh/sshd_config
I did this but the file seems blank. There are no entries
-
This is the text of my ssh_condig I found with Filezilla
This is the ssh client system-wide configuration file. See
ssh_config(5) for more information. This file provides defaults for
users, and the values can be changed in per-user configuration files
or on the command line.
Configuration data is parsed as follows:
1. command line options
2. user-specific file
3. system-wide file
Any configuration value is only changed the first time it is set.
Thus, host-specific definitions should be at the beginning of the
configuration file, and defaults at the end.
Site-wide defaults for some commonly used options. For a comprehensive
list of available options, their meanings and defaults, please see the
ssh_config(5) man page.
Host *
ForwardAgent no
ForwardX11 no
ForwardX11Trusted yes
RhostsRSAAuthentication no
RSAAuthentication yes
PasswordAuthentication yes
HostbasedAuthentication no
GSSAPIAuthentication no
GSSAPIDelegateCredentials no
GSSAPIKeyExchange no
GSSAPITrustDNS no
BatchMode no
CheckHostIP yes
AddressFamily any
ConnectTimeout 0
StrictHostKeyChecking ask
IdentityFile ~/.ssh/identity
IdentityFile ~/.ssh/id_rsa
IdentityFile ~/.ssh/id_dsa
Port 22
Protocol 2,1
Cipher 3des
Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160
EscapeChar ~
Tunnel no
TunnelDevice any:any
PermitLocalCommand no
VisualHostKey no
ProxyCommand ssh -q -W %h:%p gateway.example.com
RekeyLimit 1G 1h
SendEnv LANG LC_* HashKnownHosts yes GSSAPIAuthentication yes GSSAPIDelegateCredentials no -
Ah I found the mistake - it is not sshd_config - it is ssh_config.
But I can not find that line with
PermitRootLogin without-passwordIt is strange because with the sudo su psswd I could change the root passwort successfully?!
-
@DrFreeman you need to do sudopasswd root. But you have to fiollow the guide i posted to enable root password first. Then you need to restart the pi for it to work.
-
@DrFreeman i just tested it. It is /etc/ssh/sshd_config
-
@DrFreeman look at the file name at the top. and you see under authentication you see i have:
PermitRootLogin yes
-
Also if you cant get it working, the /boot folder is accessible on a windows computer so you could manually change the config.txt. But it would be better if you could get root access.
-
@edmaul69 said in /boot/config.txt: open for write: permission denied:
Login, and edit this file: sudo nano /etc/ssh/sshd_config
Thank you very much but when I do that the file is blank - it seems it does not exist. Please could you tell me the steps? Sorry I am a noob with the pi :(
-
@DrFreeman ssh_config and sshd_config are 2 different files. try adding this to /etc/ssh/sshd_config and then restart your pi. you might need to install some package that is not on your pi.
# Package generated configuration file # See the sshd_config(5) manpage for details # What ports, IPs and protocols we listen for Port 22 # Use these options to restrict which interfaces/protocols sshd will bind to #ListenAddress :: #ListenAddress 0.0.0.0 Protocol 2 # HostKeys for protocol version 2 HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_dsa_key HostKey /etc/ssh/ssh_host_ecdsa_key HostKey /etc/ssh/ssh_host_ed25519_key #Privilege Separation is turned on for security UsePrivilegeSeparation yes # Lifetime and size of ephemeral version 1 server key KeyRegenerationInterval 3600 ServerKeyBits 1024 # Logging SyslogFacility AUTH LogLevel INFO # Authentication: LoginGraceTime 120 PermitRootLogin yes StrictModes yes RSAAuthentication yes PubkeyAuthentication yes #AuthorizedKeysFile %h/.ssh/authorized_keys # Don't read the user's ~/.rhosts and ~/.shosts files IgnoreRhosts yes # For this to work you will also need host keys in /etc/ssh_known_hosts RhostsRSAAuthentication no # similar for protocol version 2 HostbasedAuthentication no # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication #IgnoreUserKnownHosts yes # To enable empty passwords, change to yes (NOT RECOMMENDED) PermitEmptyPasswords no # Change to yes to enable challenge-response passwords (beware issues with # some PAM modules and threads) ChallengeResponseAuthentication no # Change to no to disable tunnelled clear text passwords #PasswordAuthentication yes # Kerberos options #KerberosAuthentication no #KerberosGetAFSToken no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes # GSSAPI options #GSSAPIAuthentication no #GSSAPICleanupCredentials yes X11Forwarding yes X11DisplayOffset 10 PrintMotd no PrintLastLog yes TCPKeepAlive yes #UseLogin no #MaxStartups 10:30:60 #Banner /etc/issue.net # Allow client to pass locale environment variables AcceptEnv LANG LC_* Subsystem sftp /usr/lib/openssh/sftp-server # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will # be allowed through the ChallengeResponseAuthentication and # PasswordAuthentication. Depending on your PAM configuration, # PAM authentication via ChallengeResponseAuthentication may bypass # the setting of "PermitRootLogin without-password". # If you just want the PAM account and session checks to run without # PAM authentication, then enable this but set PasswordAuthentication # and ChallengeResponseAuthentication to 'no'. UsePAM yes -
ok so should I add just a blank file first and just reboot?
-
@DrFreeman put this in the blank file, save then reboot.
-
Man, thank you very much and for your patience!!! Really - you made my day :D
Contributions to the project are always appreciated, so if you would like to support us with a donation you can do so here.
Hosting provided by Mythic-Beasts. See the Hosting Information page for more information.