|
2011-10-20
, 13:30
|
|
Posts: 528 |
Thanked: 345 times |
Joined on Aug 2010
@ MLB.AU
|
#2
|
|
2011-10-20
, 14:39
|
Posts: 1 |
Thanked: 0 times |
Joined on Oct 2011
|
#3
|
|
2011-10-20
, 17:32
|
Posts: 1,539 |
Thanked: 1,604 times |
Joined on Oct 2011
@ With my N9
|
#4
|
|
2011-10-20
, 18:29
|
Posts: 29 |
Thanked: 29 times |
Joined on Apr 2010
@ Somewhere in Europe
|
#5
|
dpki -i opera*
Argonaut
Basshero.org
#113 posted on Sat Oct 15 00:00:00 2011
Nokia N9 developer mode SSH security
Got my Nokia N9 yesterday. And I'm loving it, it's pure awesomeness in how all the details fall together in to a really nice user experience. So, the phone is great, but it's also a pretty much open Linux operating system running underneath. So, one of the first things I did after some basic playing around was to enable the so called 'Developer Mode', which adds the Terminal application to the Apps menu, in addition to developer tools.
However, what you are not told by the disclaimer (except by saying this will introduce security risks) is that the developer mode also activates SSH daemon, running in the default port 22 and with root access enabled. It seems to be limited to local networks only, but even that is opening a huge hole that should never be opened. Ever. At least force the user to change the root password, like the N900 did, since the default password is public information.
There are a few things that can be done to improve security on the phone after developer mode.
Make sure root cannot log in through SSH:
In /etc/ssh/sshd_config, change the item 'PermitRootLogin' to 'no'.
Change the default port where SSH listens
In /etc/ssh/sshd_config, change the port on line 'Port 22' to a port of your choice.
Change root password
As root, type 'passwd' and type new password twice.
Note! Don't forget your new root password!
Set 'user' password (to enable login with 'user' through ssh)
As root, type 'passwd user' and type new password twice.
You can either do these changes by opening the terminal and changing to root or log in as root via SSH. To change to root in the terminal, you can use the command (typing the root password at the password prompt):
devel-su -
After these changes, either reboot your phone or do the following:
Kill the session "/usr/sbin/sshd -D -4" with the command:
pkill -o sshd
SSHD will respawn automatically.
SSH daemon should be listening on the new port now, with root login disabled over SSH.
A few notices!
If you do development, I'm not sure how making these changes affect the way the SDK tools work. But, reversing the steps should put the situation back to as it was before it some development tool doesn't integrate with the device any more.
Do not enable developer mode unless you are doing development or like to play around in the Linux core. There be dragons...
Hopefully I'll have time in the coming days to recap my thoughts about the N9 in general, you know, as a phone I can say one thing now - it's the best feeling, looking and working phone I've ever had. Only thing it lacks is the keyboard, but then that would spoil some of the beauty of the device..
|
2011-10-21
, 02:55
|
Posts: 61 |
Thanked: 2 times |
Joined on Jun 2010
|
#6
|
|
2011-10-22
, 18:14
|
Posts: 29 |
Thanked: 18 times |
Joined on Oct 2011
@ finland
|
#7
|
|
2011-10-27
, 08:26
|
Posts: 278 |
Thanked: 114 times |
Joined on Jan 2010
@ SD, CA
|
#8
|
|
2011-10-28
, 14:12
|
Posts: 61 |
Thanked: 2 times |
Joined on Jun 2010
|
#9
|
I just received my N9, I want to install Opera 11 on it (love it on my N900) trying to figure out how to get the Terminal app (where do you get it from?) and then I believe to get Opera you need to do it via command line?
So far so good had my N9 here in the USA for about 12 hours now, very slick phone.