Difference between revisions of "Dropbear Install"

From WebOS Internals
Line 1: Line 1:
 
There are different SSH servers you can install, dropbear is one of them. (For well known OpenSSH, see the page [[OpenSSH_Install|OpenSSH Install]].)
 
There are different SSH servers you can install, dropbear is one of them. (For well known OpenSSH, see the page [[OpenSSH_Install|OpenSSH Install]].)
  
Dropbear uses very little storage space and memory when running (which is good for the Pre that only has 256MB of RAM) but doesn't have all the advanced features that OpenSSH has.
+
Dropbear uses very little storage space and memory when running (which is good for the Pre that only has 256MB of RAM) but doesn't have all the advanced features that OpenSSH has. Dropbear does not support client authentication forwarding, encrypted keys (your key protected with a password) and uses its own key format (tools are included fo convert to openssh).
  
 
=Dropbear Installation=
 
=Dropbear Installation=
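
Review bot: the added sentence on the changed line has a typo ("fo convert" should be "to convert"), and its list runs two limitations into a separate fact. Consider "does not support client authentication forwarding or encrypted keys (your key protected with a password), and it uses its own key format". The parenthetical says conversion tools are included but does not name them; naming the tool would help readers who need their keys in OpenSSH format.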

Revision as of 13:00, 25 September 2010

There are different SSH servers you can install; Dropbear is one of them. (For the well-known OpenSSH, see the page OpenSSH Install.)

Dropbear uses very little storage space and memory when running (which is good for the Pre, which only has 256MB of RAM), but it doesn't have all the advanced features that OpenSSH has. Dropbear does not support client authentication forwarding or encrypted keys (your key protected with a password), and it uses its own key format (tools are included to convert to OpenSSH).

Dropbear Installation

1. Install Dropbear:

/opt/bin/ipkg-opt install dropbear

2. Kill the Dropbear daemon automatically started by ipkg (arrgh!):

pkill dropbear ; pkill -9 dropbear

3. webOS uses the Upstart system to start system daemons (and to restart them if they die). Install an Upstart event for the Dropbear SSH daemon:

cd /etc/event.d/
wget http://gitorious.org/webos-internals/bootstrap/blobs/raw/master/etc/event.d/optware-dropbear

4. [Optional] If you want to connect to the Pre over EVDO as well as over WiFi, do this step. Generally, most seem to think that's a bad idea.

Take a look at the script. Notice that it automatically modifies the firewall rules to enable incoming SSH on port 222 over WiFi connections (interface eth0) only. Follow the directions in the script to enable SSH on all interfaces (including your EVDO interface) if you wish.

Look at the script for Dropbear:

cat optware-dropbear 

5. Start the Dropbear SSH daemon for testing:

initctl start optware-dropbear

6. Obtain the IP address of your Pre. Look for "inet addr:Your.IP.Address" to get the IP address for your WiFi connection:

ifconfig eth0

To get the IP address for your EVDO connection:

ifconfig ppp0 


7. TEST that SSH is working!!! From a remote system, SSH to your Pre using your username and port 222.

Do NOT stop your telnet session. You aren't done yet. This is TESTING in a separate window.

For example, from a Linux desktop you would run:

ssh -p 222 PRE-USERNAME@YOUR-PRE-IP-ADDR

From a Windows desktop we recommend using PuTTY. Download and run putty.exe and follow the help.

Logout when done with "exit".

8. Optionally, generate SSH keys on the Pre

This is so that you can ssh FROM the Pre to something else. This is also useful if you want to access a git repo from the Pre and do not want to use your standard SSH keypair.

# Run as the Pre user. Original instructions at http://ff.im/4EqGk
cd
# -p keeps this from failing if .ssh already exists
mkdir -p .ssh
touch .ssh/authorized_keys
# Generate an RSA private key in Dropbear's own key format
/opt/sbin/dropbearkey -t rsa -f .ssh/id_rsa
# Print the matching public key and keep only the ssh-rsa line
/opt/sbin/dropbearkey -f .ssh/id_rsa -y | grep ssh-rsa > .ssh/id_rsa.pub
# You can then copy .ssh/id_rsa.pub to whatever remote host you want to access.
# Test this out by doing the following:
ssh -i ~/.ssh/id_rsa <target host>

9. Remount the file system as read-only:

cd /
mount -o remount,ro /

10. Reboot your device and confirm that you can still access it after it boots using SSH.

11. Once you are able to SSH in, disable dev mode. Having dev mode enabled opens the firewall up -- not a safe position to be in. Unless you mess up and NEED to telnet or novacom in again, keep dev mode off.
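
To confirm the firewall state that steps 4 and 11 describe, the following added example (not part of the original page or of the optware-dropbear script) parses `iptables -L -n -v` output and reports any interface other than eth0 or loopback that accepts TCP port 222. The function names and the sample listing are constructed for illustration, and it assumes the rules added by the Upstart script appear in that listing.

```shell
#!/bin/sh
# Added example, not the wiki's or the optware-dropbear script's own code.
# Reads `iptables -L -n -v` output on stdin; lists interfaces accepting SSH_PORT.
SSH_PORT=222   # port used in the steps above

# Print the inbound interface of every rule (or INPUT policy) accepting SSH_PORT.
# Rule columns: pkts bytes target prot opt in out source destination [matches]
# Only dpt:/dpts: matches are understood; multiport rules are not evaluated.
ssh_ifaces() {
    awk -v port="$SSH_PORT" '
        $1 == "Chain" {
            chain = $2
            if (chain == "INPUT" && $4 == "ACCEPT") print "*"   # default-accept policy
            next
        }
        chain == "OUTPUT" || chain == "FORWARD" { next }   # not inbound to the device
        $3 == "ACCEPT" && ($4 == "tcp" || $4 == "6" || $4 == "all" || $4 == "0") {
            hit = (NF == 9)   # no match extension: all ports accepted
            for (i = 10; i <= NF; i++) {
                if ($i == "dpt:" port) hit = 1
                split($i, r, ":")   # dpts:LOW:HIGH port range
                if (r[1] == "dpts" && port + 0 >= r[2] + 0 && port + 0 <= r[3] + 0) hit = 1
            }
            if (hit) print $6
        }'
}

# Return 0 only if every accepting interface is in the allowed list
# (default: WiFi eth0 plus loopback); otherwise name the offenders on stderr.
check_ssh_exposure() {
    allowed=${1:-"eth0 lo"}
    bad=$(ssh_ifaces | sort -u | while read -r ifc; do
        case " $allowed " in
            *" $ifc "*) ;;
            *) printf '%s ' "$ifc" ;;
        esac
    done)
    [ -z "$bad" ] && return 0
    echo "port $SSH_PORT accepted on: $bad" >&2
    return 1
}

# Constructed sample (not captured from a device): SSH allowed on WiFi only.
SAMPLE='Chain INPUT (policy DROP 0 packets, 0 bytes)
   12   720 ACCEPT all  --  lo   *   0.0.0.0/0 0.0.0.0/0
    3   180 ACCEPT tcp  --  eth0 *   0.0.0.0/0 0.0.0.0/0 tcp dpt:222'

# On the device, as root:   iptables -L -n -v | check_ssh_exposure
# Offline with the sample:  printf '%s\n' "$SAMPLE" | check_ssh_exposure
```

A result of `*` means the port is accepted on every interface, which is what an INPUT policy of ACCEPT or an interface-less rule produces.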

Return to the Next Steps page.

Credits:

  • Upstart Dropbear script and general cleanup from Dax Kelson
  • Sudo recipe from greg963 at Precentral.net
  • Original SSH process is based on dreadchicken's work
  • Sargun for the original Telnet process
  • zinge for validation of the process
  • Jauder Ho for SSH keygen [1]
