disabling ssh server on n900
 

sorry i asked this in another thread but no one answered

i want to stop the ssh server to possibly save some power and increase security

i learnt to root and "/etc/init.d/ssh stop" to stop the server. i know that works because it said ssh stop

then i tried "rm -f /etc/rc2.d/s55ssh" to stop it for autostarting. that worked because i tried to connect but couldnt.

and then finally i tried "ln -s /etc/rc2.d/s55ssh -> /etc/init.d/ssh" incase i wanted the autostart function back. dont know if that works because he said it would need a restart.

now i dont know if any of it works anymore because i don't get the ssh stop message when trying to stop it. and offcourse the server doesnt stop.
i tried restarting and trying it again but still don't work

could the last command i entered stuffed it up?

one more thing. my phone acted pretty strange when trying to type this. the browser would just dissappear when im almost finished typing or would go to a different page. i tried to type this 3 times now before giving up and type it on my computer... scary :S

Re: disabling ssh server on n900
 

I think your ln command is the wrong way around. It's:
ln -s target link_name

Re: disabling ssh server on n900
 

If you typed it in exactly as you've shown it here, you've wiped out the original /etc/init.d/ssh file (by redirecting an error message to it). You'd best uninstall openssh server, make sure /etc/init.d/ssh is deleted, then reinstall.

EDIT: In fact, the error should go to stderr rather than stdout, so you'd just have truncated the init file.

Re: disabling ssh server on n900
 

thanks il try that

Re: disabling ssh server on n900
 

z3phyr: Really sorry about that duff ln -s command... :( That was from one of my posts I think (I fixed it now) Too much cut and paste, I'm afraid.. I had just pasted in the output of ls -l on the link and meant to go back and turn it into the command, but only got halfway. Mea culpa!

I'm attaching my own /etc/init.d/ssh file (I renamed it ssh.txt so I could upload it)

It should be the same as what that command wiped out, so you could just put it in place and then run the

ln -s /etc/init.d/ssh /etc/rc2.d/s55ssh command (or whatver it was ;) )

Re: disabling ssh server on n900
 

its okay. still learnt something. i tried putting in your ssh file but now when i try stopping it i just get permission denied

Re: disabling ssh server on n900
 

yep, you'll need to do

chmod 755 /etc/init.d/ssh

to give it the 'execute' permission

also there's a better way of controlling startup scripts.. I'm pretty sure it's mentioned later on in the thread where you got my bogus ln command

Re: disabling ssh server on n900
 

It seems sshd is started by upstart so removing the rc2.d link won't work. I know little about upstart but sshd is started from /etc/event.d/sshd so it might be possible to change the exec line to a script :-
This is untested but I don't think it will cause any problems with booting the N900 itself, just sshd. Make a backup before trying though; oh and let us know how it goes.

Re: disabling ssh server on n900
 

yeah it works. thanks alot. everything working okay by the looks of it.

last night i was playing with the "update-rc.d -f ssh remove" command. it removed some ssh entries. not too sure what that does, hope it don't cause any problems

where can i learn what the options means like the -f and -d etc.

Re: disabling ssh server on n900
 

man update-rc.d on a Linux box or google for it:-
Given upstart doesn't use system-v links (rc2.d etc.) unless the upstart-compat-sysv is installed then it is of little use on a N900.

Re: disabling ssh server on n900
 

is this particularly battery hungry? as i have installed it. but know i wont use it much

also whats the autostart. is that it restarting on reboot?

Re: disabling ssh server on n900
 

im not too sure if its that battery hungry, havn't really noticed.

but the autostart is it automatically runs again once someone tries to connect to it. for paranoid people that are afraid of unauthorized access

Re: disabling ssh server on n900
 

Funnily enough, the server doesn't seem to stop for me, even though it returns "service stopped"; ssh localhost still lets me in.

I suppose I should do some research and file a bug report. Some day...

Re: disabling ssh server on n900
 

From an xterminal try :-
Does it stop it now - if so it may have been a pid file lying around from earlier. Argh, perhaps it is an interaction between the old and new methods of starting : init.d against upstart. In fact perhaps the above should be just "start sshd; stop sshd" instead of "/etc/init.d/sshd" ?

Re: disabling ssh server on n900
 

i always thought SSH was fairly secure. did i miss something

Re: disabling ssh server on n900
 

I've got the same problem, if i kill sshd or do ./sshd stop, it doesn't change anything, i can still connect to ssh... Worst case i get booted but the server is still there.

I'm not used to upstart yet, how am i supposed to disable something without edition the main scripts for a hack? :)

Re: disabling ssh server on n900
 

i think you didnt stop the autostart. the server will automatically run again once someone tries to establish a connection to it.

im pretty sure "rm -f /etc/rc2.d/s55ssh" worked for me the first time before i messed up with the ln command.

if that doesnt work then guess you'll have to try that script

Re: disabling ssh server on n900
 

You removed the following links:
/etc/rc0.d/K20ssh
/etc/rc1.d/K20ssh
/etc/rc.2.d/S55ssh
/etc/rc.3.d/S55ssh
/etc/rc.4.d/S55ssh
/etc/rc.5.d/S55ssh
/etc/rc6.d/K20ssh

Which meant (K)ill ssh at runlevel 0,1 and 6. (S)tart ssh at runlevel 2, 3, 4 and 5). The 55/20 is the order at which ssh is started/stopped (a start script with S40 will be executed before S41, and the same goes for K scripts)... :)

Maemo is apparently using runlevel 2 as "GUI" runlevel (normally it's 5), and 0 is shutdown, 6 is restart (don't mind about the rest). ;)

http://en.wikipedia.org/wiki/Runlevel

They can be added again using this:
;)
From the man page of update-rc.d (on Ubuntu):
EXAMPLES
Insert links using the defaults:
update-rc.d foobar defaults
The equivalent dependency header would have start and stop
dependencies on $remote_fs and $syslog, and start in
runlevels 2-5 and stop in runlevels 0, 1 and 6.
Equivalent command using explicit argument sets:
update-rc.d foobar start 20 2 3 4 5 . stop 20 0 1 6 .
More typical command using explicit argument sets:
update-rc.d foobar start 30 2 3 4 5 . stop 70 0 1 6 .
Insert links at default runlevels when B requires A
update-rc.d script_for_A defaults 80 20
update-rc.d script_for_B defaults 90 10
Insert a link to a service that (presumably) will not be needed by any
other daemon
update-rc.d top_level_app defaults 98 02
Insert links for a script that requires services that start/stop at
sequence number 20
update-rc.d script_depends_on_svc20 defaults 21 19
Remove all links for a script (assuming foobar has been deleted
already):
update-rc.d foobar remove
Example of disabling a service:
update-rc.d -f foobar remove
update-rc.d foobar stop 20 2 3 4 5 .
Example of a command for installing a system initialization-and-shut‐
down script:
update-rc.d foobar start 45 S . stop 31 0 6 .
Example of a command for disabling a system initialization-and-shutdown
script:
update-rc.d -f foobar remove
update-rc.d foobar stop 45 S .

Re: disabling ssh server on n900
 

It's the Debian way to only use runlevel 2. Red Hat uses runlevel 5 as main runlevel, with varying services starting on the other runlevels.

I don't know why Debian just doesn't use BSD style start up rather than SysV if its only going to use one main runlevel.

Re: disabling ssh server on n900
 

Thanks for educating me... ;)

Re: disabling ssh server on n900
 

DrWilken
No problems.

I have noticed with the ssh server that I can't login remotely [and maybe locally but can't be tested] until I open a login shell.

Initially I thought it to be a PITA, but I guess its a nice safety feature, if it is indeed such.

Anyone else with this or is it something unique to mine?
Thanks.

Re: disabling ssh server on n900
 

I haven't noticed this (but I disabled the ssh server so I always open a login shell to start ssh before using it anyways)... ;)

Re: disabling ssh server on n900
 

Cool. I am kinda liking this "feature"

Re: disabling ssh server on n900
 

Yeah, it actually makes sense... ;)

Re: disabling ssh server on n900
 

DrWilken, thanx for pointing to the update-rc.d...
The "update-rc.d -f ssh remove" does the job and sshd does not come up after restart or whatsoever... Now it is only by demand through the "/etc/init.d/ssh start|stop"... At least it works for me.... ;)

Re: disabling ssh server on n900
 

Glad I helped out... ;)

Re: disabling ssh server on n900
 

I thought upstart was meant to be SysV compatible. I was surprised Debians update-rc.d script was not working when reading this thread.

Good work DrWilken

Re: disabling ssh server on n900
 

The other thing I'm thinking about... is there any way to create a shortcut to start/stop ssh as root through the main menu?
Just like one I have for VNC under the user:

Nokia-N900-42-11:/usr/share/applications/hildon# cat x11vnc.desktop
[Desktop Entry]
Encoding=UTF-8
Version=0.93
Type=Application
Name=x11vnc
Exec=/usr/bin/x11vnc
Icon=control_device_setup
X-Window-Icon=control_device_setup
X-Window-Icon-Dimmed=control_device_setup
Nokia-N900-42-11:/usr/share/applications/hildon#

Or may be there is a way to start ssh under the user?
Most probably this may work: http://svashishtha.wordpress.com/200...ost-on-ubuntu/.
Well.. the only thing that I did forget about is that if there is no sshd up, it won't be possible to do a ssh root@localhost to start up sshd... :D
sshd stopping does work through this WA. ;)

Re: disabling ssh server on n900
 

There is the following package in Ubuntu/Debian for this :-
I suspect the idea is to move away from sys-v and just use upstart combined with if-up/down.d for network scripts. Bit confusing for "old-timers" like myself but I'm gradually getting the hang if it.

Re: disabling ssh server on n900
 

As root:
Now change the the exec line to:

Re: disabling ssh server on n900
 

Thanks.

Yeah I know what you mean. I still have no clue with upstart [yet]

Re: disabling ssh server on n900
 

you could also edit the /etc/ssh/sshd_config file and have sshd listen on some other, more obscure port by changing the line that says

Port 22

to be some other port well about 1024.

Works for me...

Re: disabling ssh server on n900
 

This is most likely a very stupid question - i'm just starting to learn linux so my knowledge is minimal.

I've spent time reading the posts regarding ssh,
got WINSCP installed on an XP machine and successfully connected from the xp machine into the N900.
Even correctly re-jigged the port to a non default one.

Pinging and tracert shows the N900 is correctly registered on my domain
(connecting to the domains wifi)

But, there's always a but.
How from the N900 would I connect to machines on the domain and browse network shares?
This is where my ignorance comes into play .. is this possible
if so is there a step by step idiots guide anywhere?

Any info / advice much appreciated.
Cheers

.. as an addendum to the above, - unrelated.
How would I open say the sshd_config file on the N900?
Is it via xterm? or is the only way as I've already done by copying to my xp machine and using wordpad?

Re: disabling ssh server on n900
 

cant answer the first part but you can edit the sshd_config using midnight commander (from extras i think) straight from ur n900.

Re: disabling ssh server on n900
 

I found the Wizard mounter app - that does the job nicely.
Just connect to the domain on wifi, then map and mount network shares

Works perfectly.

Re: disabling ssh server on n900
 

That would work fine, but I'm using "SSH Status and Switcher", an application that lives in the notification area and allows me to switch the SSH server on or off with two simple clicks. With the above fix, said program also fails to start the server.
I think what's needed here is a different condition, say by checking the current runlevel or for a running process, so that starting of the SSH server is only inhibited during the boot process.
I will post back if I learn more.

Edit: I just tried scripting it to check for the current runlevel, but that came back with a permission denied for some reason; it worked fine when executing the same commands manually.

Re: disabling ssh server on n900
 

installed openssh-server and executed
There is already a function named check_for_no_start() checking if /etc/ssh/sshd_not_to_be_run is existing.
Don't know if creating this file will affect applet. Will try later.

Re: disabling ssh server on n900
 

I think I tried that, and I seem to recall that that made the applet not work, but it's been a while ago, so I can't be certain.

Re: disabling ssh server on n900
 

Then someone should ask applet author to add support for such feature and create/delete this file to make changes permanent and reboot-resistant. :rolleyes:

Re: disabling ssh server on n900
 

Hello guys,

tonight I had the same issue and with some hints from the #n900 channel I was able to arrive at a quick fix to do what we want it to do... but it's that..a quick hack. Next time you update your packages it will be written over.
Apparently the N900 does not use the SysV init files that we all know and love but it uses upstart

so, to solve our little problem, I simply changed the file responsible for starting ssh

go to /etc/event.d and edit sshd with your favorite UNIX aware text editor.

replace:
with

By commenting it out it won't be started automatically.

That's it. Reboot your phone and all is good.