I'm trying to make a script that will take control of an android device in a farm with adb connect making the connection through OpenSTF. One of the requirements for the device to accept the connection from a client is to provide the content of adbkey.pub in OpenSTF.
However, it seems that newer versions of ADB do not generate this file anymore, only the private key. From what I could collect from the AOSP repository, this is intentional https://github.com/aosp-mirror/platform_system_core/commit/2dc4cabe0639c71014d729dd92eff19289429c89
After reviewing the AOSP commit I realized that ADB keypairs are made with the RSA protocol, and I found an example of how to obtain the public key from the private in this Stack Exchange question. However, the format of the public key for the OpenSSL output and the adbkey.pub are different. At first I thought that it's just encoded in base64 but even with this the outputs don't match.
This is an example of an ADB public key from adb keygen using an older version of ADB.
QAAAAFNrmDYl72IeYbMQiOlKulhv2lH3CKyeK6EgwyUxptsdPmvCCRmxtvecilLzE74OzoRVQKZeCBI/qMnWj1hBU8t6YE0FQ1CUKAFO5UYp/S7GH/+tlHKunl/mmm/Izjs4L6ajl+kp3XBBrYryIJtRH5iJRi9T96gRq2ya+h9v/v/ITNvdCKLNVObBCLCj+4fmkoxVEXnSLyQtyPAl/AiMAiK/WXryatNkuBdAr6m9M/ay693Oj07I3UFxLqzwHhoeb2CZzC0//AwUDgRHtyxDyrAKaoxirhoaJ4Q8Tbn6jRtOaV0uvtCBfs4kIUoM/DLPfjZq8Al8PHPuEwvOMaAGF+JSXHywjWfstcxT3c7xjn2Zq19R4kuf63dfEqtv+NA/PhH94oMQtiZsp92JpT0h22tWAoQAF9jr2puwVzMj8i/k0iDLMRnp/5E6UVsziP8PG9DgIpeTjL2NMjE0Kheq+CufIozhcvGudg+MJaJED4XHK7hQrU0QCvu1kOqO+/VtW4zmTCfg8nY556A73vtllrMLsG2OgZTyQT0SrBOBd2AaYOB90l7//hlfpqAA8XANG0MHkyPsi/xtKga6Zsu+a2L9Hl2rUWNB6T9AEmyzmapCMUBilAuNtZ+Pt9esqzD9+/aKSIHdUu1gPKZtKTgh+pqYNgyipq0UMWpexkZfpMsLTddGIgEAAQA= carolinadp#carolinadp-GL62M-7RD
And this is a public key made with OpenSSL from the same private key
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHxcUuIXBqAxzgsT7nM8
fAnwajZ+zzL8DEohJM5+gdC+Ll1pThuN+rlNPIQnGhquYoxqCrDKQyy3RwQOFAz8
Py3MmWBvHhoe8KwucUHdyE6Pzt3rsvYzvamvQBe4ZNNq8npZvyICjAj8JfDILSQv
0nkRVYyS5of7o7AIweZUzaII3dtMyP/+bx/6mmyrEaj3Uy9GiZgfUZsg8oqtQXDd
KemXo6YvODvOyG+a5l+ernKUrf8fxi79KUblTgEolFBDBU1gestTQViP1smoPxII
XqZAVYTODr4T81KKnPe2sRkJwms+HdumMSXDIKErnqwI91Hab1i6SumIELNhHmLv
JQIDAQAB
-----END PUBLIC KEY-----
How can I obtain the ADB public key?
I think you should use adb to generate a new private and public key pair (assuming linux):
cp ~/.android/adbkey ~/.android/adbkey.bak (backup existing key)
rm ~/.android/adbkey
cd $ANDROID_HOME/platform-tools
./adb keygen adb
Note:
I am assuming you have setup android sdk on the machine where you would like to generate the adbkey.pub, hence the existing $ANDROID_HOME path
I have got the "Connection refused" problem on OpenSTF when my adb version is upgraded to Version 28.0.2-5303910(so the adbkey.pub is gone)
Android Debug Bridge version 1.0.40
Version 28.0.2-5303910
and now I finally solved it just by upgraded adb to the latest version
Android Debug Bridge version 1.0.41
Version 29.0.6-6198805
Hope this helps.
You can use ssh-keygen to retrieve public key from your private key, like this:
ssh-keygen -y -f adbkey > adbkey.pub
Maybe you need to remove the “ssh-rsa ” from the generated pub key file.
Related
Struggling to make Remote-SSH working in VS Code.
My local machine is Windows 10 and remote machine is Ubuntu 20.04. I have set configuration file "config" in C:\Users\xxx.ssh folder as bellow:
Host EC2
HostName ec2-xx-xxx-xxx-xx.compute-1.amazonaws.com
User xxxx
IdentityFile D:/1WWW/KeyPairs/myKeyPair.pem
But its not working.
I am sure there is some problem in my identityFile path, but I don't know what. Any guidance please.
Try using '~' (home path) instead of using the full path
I would suggest to use puttygen.exe to generate a pair of public/private key.
Anyway the private key generated is not directly usable (it has a .ppk extension) and you need to go to Convertions -> Export OpenSSH key to get your private key in RSA format that can be used in the IdentityFile
I have set up a SQL Server database server on my Ubuntu 16 machine. To make it secure over a host network I am working on adding an SSL encryption certificate on it.
I tried following the steps as mentioned on this link ssl-encryption-mssql
But after restarting the service of SQL Server, it breaks giving the below exit code status
code=exited, status=1/FAILURE
I even tried to check the logs using journalctl -u mssql-server.service -b but it is not helpful at all. For the referrence, I am adding the screenshot of journalctl command below:
My /var/opt/mssql/mssql.conf looks something like this after following the steps from official doc.
[sqlagent]
enabled = false
[EULA]
accepteula = Y
[network]
tlscert = /etc/ssl/certs/cert.pem
tlskey = /etc/ssl/private/privkey.pem
tlsprotocols = 1.2
forceencryption = 1
EDIT-1: I further checked out the logs from /var/log/syslog, it stated the following log-
Error: 49940, Severity: 16, State: 1.Unable to open one or more of the user-specified certificate file(s). Verify that the certificate file(s) exist with read permissions for the user and group running SQL Server and found this question which seems similar, I tried the approach as told by Charles but it doesn't seem to work. Even I am using the Let's Encrypt Certificates.
EDIT-2: It is not a licensed version, could this be the reason?
How to resolve this error?
I just faced the same problem even though I followed the same steps as mentioned in the microsoft documentation. The actual problem seems to be with the permissions on the folder paths where the certificate files are located.
You can verify whether mssql user is able to connect or not using the openssl commands.
This command will do a basic verification on whether the certificates are valid or not.
sudo su - mssql -c "openssl verify -verbose -CAfile /etc/ssl/certs/mssql_ca.pem /etc/ssl/certs/cert.pem"
If you wanted to see if the combination of certificates are actually working or not (with key), you can start a openssl server service and then connect to it with another openssl client connection.
sudo su - mssql -c "openssl s_server -accept 8443 -cert /etc/ssl/certs/cert.pem -key /etc/ssl/private/privkeyrsa.pem -CAfile /etc/ssl/certs/mssql_ca.pem"
openssl s_client -connect localhost:8443
Another small correction from the documentation (I am using CA provided certificate), had to convert the key file format (might not require for you).
openssl rsa -in /etc/ssl/private/key.pem -out /etc/ssl/private/privkeyrsa.pem
Currently Amazon device farm does not have support for Robot framework with Appium. Is there a work around or a tool that can allow me to run my robot scripts on Amazon device farm?
Using the custom environment it is possible to use the robotframework. For example, here are the steps I used to run a robotframework test in Device Farm.
git clone https://github.com/serhatbolsu/robotframework-appiumlibrary.git
cd robotframework-appiumlibrary
Next I made modifications to the resource file for the Device Farm execution by referencing the environment variables.
./demo/test_android_contact_resource.txt
*** Settings ***
Library AppiumLibrary
*** Variables ***
${REMOTE_URL} http://localhost:4723/wd/hub
${PLATFORM_NAME} %{DEVICEFARM_DEVICE_PLATFORM_NAME}
${DEVICE_NAME} %{DEVICEFARM_DEVICE_NAME}
${APP} %{DEVICEFARM_APP_PATH}
*** Keywords ***
add new contact
[Arguments] ${contact_name} ${contact_phone} ${contact_email}
Open Application ${REMOTE_URL} platformName=${PLATFORM_NAME} deviceName=${DEVICE_NAME} app=${APP} automationName=UIAutomator2
Click Element accessibility_id=Add Contact
Input Text id=com.example.android.contactmanager:id/contactNameEditText ${contact_name}
Input Text id=com.example.android.contactmanager:id/contactPhoneEditText ${contact_phone}
Input Text id=com.example.android.contactmanager:id/contactEmailEditText ${contact_email}
Click Element accessibility_id=Save
I then created the test package to upload to Device Farm using the following steps:
# assumes we're still in the same directory as local execution
# create a virtual directory
/usr/local/bin/python2 /Users/$(whoami)/Library/Python/2.7/lib/python/site-packages/virtualenv.py workspace
cd workspace/
source bin/activate
pip install pytest
pip install Appium-Python-Client
pip install robotframework
pip install robotframework-appiumlibrary
mkdir tests
cp ../demo/*.txt ./tests/
pip freeze > requirements.txt
pip wheel --wheel-dir wheelhouse -r requirements.txt
echo "# This is a dummy file to appease the parser in Device Farm" > ./tests/dummy_test.py
# mv command might be required on mac to appease the Device Farm parser
mv wheelhouse/scandir-1.10.0-cp27-cp27m-macosx_10_12_x86_64.whl wheelhouse/scandir-1.10.0-py2.py3-none-any.whl
# changed ./bin/robot to use #!/bin/python instead of absolute path to workspace
zip -r test_bundle.zip tests/ wheelhouse/ requirements.txt
Next I used the following command in the testspec.yml file to execute the tests in Device Farm.
bin/robot --outputdir $DEVICEFARM_LOG_DIR/robotresults tests/test_android_contacts.txt
AWS Device Farm supports frameworks like Robotium that have record and playback scripting tools. If you wish to use TestNG or JUnit You can insert language into your script that captures screen shots:
public boolean takeScreenshot(final String name) {
String screenshotDirectory = System.getProperty("appium.screenshots.dir", System.getProperty("java.io.tmpdir", ""));
File screenshot = ((TakesScreenshot) driver).getScreenshotAs(OutputType.FILE);
return screenshot.renameTo(new File(screenshotDirectory, String.format("%s.png", name)));
}
This is an important feature for reporting. You can put this method on your Abstract BasePage or Abstract TestBase.
Using letsencrypt and gethttpsforfree, i've created the following files:
account.key <- private key
domain.crt
domain.key
intermediate.pem
When I log into the (new for 2016) GAE console, it has the following fields required:
For the private key, I use the account.key. However for the 'public key certificate' i'm not sure what i need to use, and I cannot figure out which combination of files i need.
Not sure where from you got this files, but for Let's Encrypt you'll get following in live/www.yourdomain.com directory:
cert.pem
chain.pem
fullchain.pem
privkey.pem
For public key certificate you should use cert.pem
And for private key you have to convert it first by using following command:
openssl rsa \
-inform pem -in live/www.yourdomain.com/privkey.pem \
-outform pem > live/www.yourdomain.com/privkey_rsa.pem
The use resulting privkey_rsa.pem as a RSA private key
I followed the guide here at tx802's suggestion and it succeeded:
http://blog.seafuj.com/lets-encrypt-on-google-app-engine
I'm trying to add a new SSL certificate to my Google App Engine account, but after following all the steps in the manual I kept getting this error uploading the Unencrypted PEM encoded RSA private key:
The private key you've selected does not appear to be valid.
Anyone have experienced this issue?
I had the same problem last week. Google's instructions are lacking...
Your PEM file has this line:
-----BEGIN RSA PRIVATE KEY-----
Delete everything above this line and it will work.
Google requires an RSA formatted private key, which should have the following header (note the word RSA):
-----BEGIN RSA PRIVATE KEY-----
If your key has just: ---BEGIN PRIVATE KEY--- (no RSA), then you will need to convert it. You can use OpenSSL for that:
openssl rsa -in server.key -out server_rsa.key
Ok, SSL configuration continues to be like trying to bathe a black cat in a dark room. Here's the answer that worked for me:
Trouble with Google Apps Custom Domain SSL