Difference between revisions of "OpenSSH Install"
Papa4narchia (talk | contribs) m |
Papa4narchia (talk | contribs) m |
||
| Line 1: | Line 1: | ||
| − | ==Install OpenSSH | + | ==Install OpenSSH== |
<pre><nowiki> | <pre><nowiki> | ||
ipkg-opt install openssh | ipkg-opt install openssh | ||
| Line 5: | Line 5: | ||
Note that the default configuration of OpenSSH does '''not''' enable SFTP. Since SCP just uses basic SSH, that works. | Note that the default configuration of OpenSSH does '''not''' enable SFTP. Since SCP just uses basic SSH, that works. | ||
| − | ==Kill the OpenSSH daemon automatically started by ipkg | + | ==Kill the OpenSSH daemon automatically started by ipkg== |
<pre><nowiki> | <pre><nowiki> | ||
killall sshd | killall sshd | ||
</nowiki></pre> | </nowiki></pre> | ||
| − | ==Mount the file system as readwrite | + | ==Mount the file system as readwrite== |
<pre><nowiki> | <pre><nowiki> | ||
mount -o remount,rw / | mount -o remount,rw / | ||
</nowiki></pre> | </nowiki></pre> | ||
| − | ==Install an upstart event for the OpenSSH daemon | + | ==Install an upstart event for the OpenSSH daemon== |
<pre><nowiki> | <pre><nowiki> | ||
cd /etc/event.d/ | cd /etc/event.d/ | ||
| Line 21: | Line 21: | ||
</nowiki></pre> | </nowiki></pre> | ||
| − | ==[Optional] | + | ==[Optional step] Connecting to your pre over 3G (EVDO, UMTS) or WiFi== |
Generally, most seem to think that's a bad idea. | Generally, most seem to think that's a bad idea. | ||
Take a look at the script /etc/event.d/optware-openssh. Notice that it automatically modifies the firewalls rules to enable incoming SSH on port 222 over WiFi (interface eth0) connections only. Follow the directions in the script to enable SSH on all interfaces (including your 3G interface), if you wish. | Take a look at the script /etc/event.d/optware-openssh. Notice that it automatically modifies the firewalls rules to enable incoming SSH on port 222 over WiFi (interface eth0) connections only. Follow the directions in the script to enable SSH on all interfaces (including your 3G interface), if you wish. | ||
| Line 28: | Line 28: | ||
<pre><nowiki>cat /etc/event.d/optware-openssh</nowiki></pre> | <pre><nowiki>cat /etc/event.d/optware-openssh</nowiki></pre> | ||
| − | ==Start the OpenSSH daemon for testing | + | ==Start the OpenSSH daemon for testing== |
<pre><nowiki> | <pre><nowiki> | ||
initctl start optware-openssh | initctl start optware-openssh | ||
</nowiki></pre> | </nowiki></pre> | ||
| − | ==Obtain the IP address of your Pre | + | ==Obtain the IP address of your Pre== |
| − | to get the ip address for your WIFI connection: | + | Look for the "inet addr://Your.IP.Address//" to get the ip address for your WIFI connection: |
<pre><nowiki> | <pre><nowiki> | ||
ifconfig eth0 | ifconfig eth0 | ||
</nowiki></pre> | </nowiki></pre> | ||
| − | + | To get the ip address for your 3G (EVDO, UMTS) connection: | |
<pre><nowiki> | <pre><nowiki> | ||
ifconfig ppp0 | ifconfig ppp0 | ||
| Line 45: | Line 45: | ||
Alternatively, you can install the Preware application "What is my IP?" for a convenient GUI to lookup IPs on all your interfaces. | Alternatively, you can install the Preware application "What is my IP?" for a convenient GUI to lookup IPs on all your interfaces. | ||
| − | ==Test your SSH installation | + | ==Test your SSH installation== |
'''DO NOT CLOSE YOUR TELNET SESSION YET. DO THIS IN A NEW WINDOW ''' From a remote system SSH to your Pre using //your// username and port 222. For example, from a Linux desktop you would run. | '''DO NOT CLOSE YOUR TELNET SESSION YET. DO THIS IN A NEW WINDOW ''' From a remote system SSH to your Pre using //your// username and port 222. For example, from a Linux desktop you would run. | ||
<pre><nowiki> | <pre><nowiki> | ||
| Line 54: | Line 54: | ||
Logout when done with "exit". | Logout when done with "exit". | ||
| − | ==Remount the file system as readonly | + | ==Remount the file system as readonly== |
<pre><nowiki> | <pre><nowiki> | ||
mount -o remount,ro / | mount -o remount,ro / | ||
Revision as of 11:16, 25 September 2010
Install OpenSSH
ipkg-opt install openssh
Note that the default configuration of OpenSSH does not enable SFTP. Since SCP just uses basic SSH, that works.
Kill the OpenSSH daemon automatically started by ipkg
killall sshd
Mount the file system as readwrite
mount -o remount,rw /
Install an upstart event for the OpenSSH daemon
cd /etc/event.d/ wget http://gitorious.org/webos-internals/bootstrap/blobs/raw/master/etc/event.d/optware-openssh
[Optional step] Connecting to your pre over 3G (EVDO, UMTS) or WiFi
Generally, most seem to think that's a bad idea. Take a look at the script /etc/event.d/optware-openssh. Notice that it automatically modifies the firewalls rules to enable incoming SSH on port 222 over WiFi (interface eth0) connections only. Follow the directions in the script to enable SSH on all interfaces (including your 3G interface), if you wish.
Look at the script starting openssh:
cat /etc/event.d/optware-openssh
Start the OpenSSH daemon for testing
initctl start optware-openssh
Obtain the IP address of your Pre
Look for the "inet addr://Your.IP.Address//" to get the ip address for your WIFI connection:
ifconfig eth0
To get the ip address for your 3G (EVDO, UMTS) connection:
ifconfig ppp0
Alternatively, you can install the Preware application "What is my IP?" for a convenient GUI to lookup IPs on all your interfaces.
Test your SSH installation
DO NOT CLOSE YOUR TELNET SESSION YET. DO THIS IN A NEW WINDOW From a remote system SSH to your Pre using //your// username and port 222. For example, from a Linux desktop you would run.
ssh -p 222 PRE-USERNAME@YOUR-PRE-IP-ADDR
From a Windows desktop we recommend using PuTTY.
Logout when done with "exit".
Remount the file system as readonly
mount -o remount,ro /
Reboot your device
reboot
Confirm that you can still access it after it boots using SSH.
Once you are able to ssh in, disable dev mode.
Dev Mode enabled opens the firewall up -- not a safe position to be in. Unless you mess up and NEED to telnet or novacom in again, keep dev mode off.
Return to the Next Steps page.
Credits:
- Upstart Dropbear script and general cleanup from Dax Kelson
- Sudo recipe from greg963 at Precentral.net
- Original SSH process is based on dreadchicken's work
- Sargun for the original Telnet process
- zinge for validation of the process