Overview
A guide covering some custom choices you could make.
Fast Track
Note the below fixes assume Standard US American Keyboard. If you have a different keyboard let us know and we can modify this guide for that keyboard too, and also maybe translate it to your native tongue.
The problem is after we go through all the steps to get into “Steam Desktop” mode here:
If I click and launch the Terminal App:
(pic coming soon)
I get a spinning wheel and then the app fails to launch.
Ctrl + Alt + F2
This can be fixed manually, then we can begin having the intended SteamOS experience for Desktop – keep in mind Desktop mode is outside the scope of what SteamOS was designed to do well – “out of the box” but thankfully we have a community of helpful Linux friend ready and willing to help us sort it out and ultimately save time, money and headaches (to a small degree – tech still gives headaches no matter what 🙂 haven’t solve that yete.)
So Control + Alt + F2 (Function 2) on the keyboard.
More about what the other Functions do here:
(Guide coming soon)
Now we see this:
Since we don’t have a password yet for desktop (security feature from Valve, thanks!) we can just log in by typing “desktop” so:
`steamos login: desktop`
Then hit Enter.
now type:
sudo dpkg-reconfigure -plow locales
The first screen should be fine, this is what we have:
On the Second Screen:
Select “en_us.UTC-8”
Now Reboot:
sudo reboot
OR
Ctrl + Alt + F8: To switch back to SteamOS Desktop and reboot using the Desktop interface (top right power button.)
Once you are rebooted, you should be able to now open terminal from within the SteamOS Desktop.
Us: 1 Badies: 0
“GO BACK..FROM WHENCE YOU CAME!”
Some Hobbit humor. But here’s your sign:
[link]
“YOU SHALL NOT PASS!!!”
Overtime we will get more and more into security. This first part will move to another Guide but for now we will paste here for reference:
Ctrl + Alt + F2 – the we can “sudo” without password.
sudo apt install gedit
Ctrl + Alt + F8
Make .ssh folder in Home
Show hidden
touch id_rsa.pub
Windows + R:
Then type: cmd (into the white field)
You should see your:
C:UsersUsername>
Type “ssh-keygen”
C:UsersUsername>ssh-keygen
# Then
The key fingerprint is:
SHA256:bunchOfStuffkdfjlsjlfdsl/MoreStuffkjdlsjkjlj username@DESKTOP-PCNAME
The key’s randomart image is:
+—[RSA 2048]—-+
Computer Art!
Just Ignore
…
+—-[SHA256]—–+
Copy the public to gitlab
Login to gitlab and grab it
Open “Terminal” on Desktop
cd .ssh
touch id_rsa.pub
Type “gedit”
drag the newly created id_rsa.pub to gedit.
Paste the public key there.
Ctrl + Alt + F2:
cp id_rsa.pub authorized_keys
Find your IP:
On Windows:
ssh [email protected]
sudo apt install openssh-server
If you get:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
It is either yes you are being hacked! OR OR OR … wait…you maybe signed in before on a previous attempt to this IP address and now the keys have changed. If you have any doubts reach out.
You can safely go to your windows keys, find the ip that changed and delete the old one.
On Windows:
C:/Users/Username/.ssh/known_hosts
Be careful, and get more info from us or bing / duckduckgo.com searches. But mainly you just delete the line that has the old:
IP + ECDSA key (SHA256?) fingerprint
So i.e.
192.x.x.x ecdsa-sha2-nistp256 Adfhkjdhfdskhjsdhkfhkdhfkjhkdshkfhjshkhskfhkdskfh etc. <–Delete this line only.
Then try again:
ssh [email protected]
Pretty slick and secure way to access your SteamOS, you never created a password!
Last step is to secure those key folders and files with:
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys
# Only do these if you followed the tutorial exactly.
cd .ssh
rm id_rsa.pub
* This will remove the public key file, this is only here for this tutorial read below.
(Only do this if you used it for cp command above. Might check it first to make sure it only has the stuff we used it for. When we get to signing into another machine from this one, we will recreate it, perhaps you already have? So check. But either way we need to clean up, and we can’t leave the permissions as they were.)
Next up, adding a password but disabling password-only authentication.
Doing this step now means your SteamOS never had password-only authentication thereby limiting your potential attack surface just that much more.
After that…Securing you Windows box. Yikes!
Test
Lets test. Create a password:
On Linux:
Ctrl + Alt + F2
sudo nano /etc/ssh/sshd_config
# Disable password authentication
PasswordAuthentication no
(delete the #)
sudo systemctl reload sshd
passwd
(enter password 2x like is says)
Zip up these (only the 2x hightlighted ones) on your windows box:
C:UsersUsername>ssh [email protected]
[email protected]: Permission denied (publickey).
Success!
Now unzip, and put those two files back in place and delete the zip we don’t need that.
(How to zip?)
Right click > Send to > Compressed folder.
Now that they are back in place:
C:UsersUsername>ssh [email protected]
sudo ls
(it will ask you for a password)
if after entering the password you just created with passwd , you see a list of the files in you home directory for user: desktop – success!
Great, now we have a password we can use sudo with from Windows terminal and our SteamOS box never had password only authentication available.