Active Topics

 


Page 3 of 5 12 3 45
Reply
Thread Tools
mece's Avatar
mece is offline mece
2011-11-02 , 20:00
Posts: 1,111 | Thanked: 1,985 times | Joined on Aug 2009 @ Åbo, Finland
#21
ssh over 3g is blocked by a script that drops connections over gprs to port 22. The script is aegis protected so you can't just go and change it. This is how I solved the problem:
http://talk.maemo.org/showpost.php?p...7&postcount=56

It's a workaround, but it works.
__________________
Class .. : Meddler, Thread watcher, Developer, Helper
Humor .. : [********--] Alignment: Pacifist
Patience : [*****-----] Weapon(s): N900, N950, Metal music
Agro ... : [----------] Relic(s) : N95, NGage, Tamyia Wild One
Try Tweed Suit for your hardcore twittering needs
http://twitter.com/mece66
I like my coffee black, like my metal.
 

The Following 4 Users Say Thank You to mece For This Useful Post:
DaGr8Gatzby is offline DaGr8Gatzby
2011-11-04 , 00:07
Posts: 22 | Thanked: 5 times | Joined on Nov 2009
#22
How do I shut off sshd?
 
SteveYoungs's Avatar
SteveYoungs is offline SteveYoungs
2011-11-04 , 02:41
Posts: 79 | Thanked: 47 times | Joined on Oct 2011 @ Brisbane, AU
#23
Originally Posted by SteveYoungs View Post
You don't have permission to run iptables at all (not even as root). Thank you very much, aegis mumbo-jumbo nonsence. :-(
But you do if you are not root. aegis, you are so god damned weird! I can't wait till I find a way to turn that off completely and forever.
 

The Following User Says Thank You to SteveYoungs For This Useful Post:
SteveYoungs's Avatar
SteveYoungs is offline SteveYoungs
2011-11-04 , 02:52
Posts: 79 | Thanked: 47 times | Joined on Oct 2011 @ Brisbane, AU
#24
Originally Posted by mece View Post
ssh over 3g is blocked by a script that drops connections over gprs to port 22. The script is aegis protected so you can't just go and change it. This is how I solved the problem:
http://talk.maemo.org/showpost.php?p...7&postcount=56

It's a workaround, but it works.
All this script does is add a iptables rule to the device's firewall, and it is only for incoming connections. It does not stop you from ssh'ing from the device over 3g.

You can also easily remove the iptables rule that it adds with:

Code:
/sbin/iptables -D INPUT -i gprs0 -p tcp -m tcp --dport 22
 -j DROP
Note though that you would need to do this after ever reboot of the device. And also because of aegis weirdness you have to do this as "user" not as "root".
 

The Following 3 Users Say Thank You to SteveYoungs For This Useful Post:
kopla is offline kopla
2011-11-06 , 17:48
Posts: 14 | Thanked: 34 times | Joined on Apr 2010 @ Finland
#25
Aerlier SSH connection worked but not after OpenSSH updated.
I only get error "Connection refused".

Any ideas how this problem could be solved?
 
shmerl is offline shmerl
2011-11-06 , 20:42
Posts: 1,298 | Thanked: 2,277 times | Joined on May 2011
#26
See also: http://forum.meego.com/showthread.php?t=4866
 
shmerl is offline shmerl
2011-11-06 , 20:58
Posts: 1,298 | Thanked: 2,277 times | Joined on May 2011
#27
Originally Posted by SteveYoungs View Post
Note though that you would need to do this after ever reboot of the device. And also because of aegis weirdness you have to do this as "user" not as "root".
It's actually good. When you really need to access the device through ssh, you can do this temporary removal, which is back after the reboot. But really for security reasons I wouldn't leave ssh open there for the outside network. Remote ssh forwarding works fine, and limits the session to your own machine.
 
SteveYoungs's Avatar
SteveYoungs is offline SteveYoungs
2011-11-06 , 23:17
Posts: 79 | Thanked: 47 times | Joined on Oct 2011 @ Brisbane, AU
#28
Originally Posted by shmerl View Post
It's actually good. When you really need to access the device through ssh, you can do this temporary removal, which is back after the reboot. But really for security reasons I wouldn't leave ssh open there for the outside network. Remote ssh forwarding works fine, and limits the session to your own machine.
Yeah, I agree. In fact, I never SSH to my N9 over 3g/gprs. Why? Because the only time I'm using 3g I'm away from home, and when I'm away from home my N9 is with me.

Outgoing SSH (from the N9) is unaffected by this iptables rule, so for my usage at least, never need to touch the iptables for SSH.
 
J4ZZ is offline J4ZZ
2011-11-07 , 08:23
Posts: 539 | Thanked: 518 times | Joined on May 2010 @ nanaurbusiness
#29
Have someone tried to just put the N9 into AP mode (Mobile Hotspot) and then connect over SSH? Always worked with the N900.

Cheers,

J4ZZ
Last edited by J4ZZ; 2011-11-07 at 08:27.
 
mooglez is offline mooglez
2011-11-07 , 09:32
Posts: 136 | Thanked: 150 times | Joined on Dec 2010 @ Finland
#30
Originally Posted by kopla View Post
Aerlier SSH connection worked but not after OpenSSH updated.
I only get error "Connection refused".

Any ideas how this problem could be solved?
the update disabled root login to ssh by default
you can login as user, or edit the sshd_config to allow root login again.
 
Reply
Page 3 of 5 12 3 45

« Previous Thread | Next Thread »

 
Forum Jump


All times are GMT. The time now is 01:51.

Contact Us - Home - Archive - Top