Active Topics
-
Firefox with Leste (10)
to Maemo 7 / Leste by teroyk - 3 days, 6 hrs ago - more...
| The Following 13 Users Say Thank You to coderus For This Useful Post: | ||
|
2015-02-08
, 05:42
|
|
Posts: 2,225 |
Thanked: 3,822 times |
Joined on Jun 2010
@ Florida
|
#2
|
This is awesome. I'm glad it's fairly easy to do this on the Jolla. (V.s., for example, the N900, where the work to set this up would likely be much greater, since by default I don't believe there's any sort of PAM support whatsoever.)
__________________
If you want to donate in support of anything that I do, you can do so with either of these options:
PayPal | Bitcoin: 1J4XG2z97iFEKNZXThHdFHq6AeyWEHs8BJ | [Will add other donation options eventually]
If you want to donate in support of anything that I do, you can do so with either of these options:
PayPal | Bitcoin: 1J4XG2z97iFEKNZXThHdFHq6AeyWEHs8BJ | [Will add other donation options eventually]
 |
|
2015-02-08
, 07:39
|
|
Posts: 6,436 |
Thanked: 12,701 times |
Joined on Nov 2011
@ Ängelholm, Sweden
|
#3
|
Originally Posted by Mentalist Traceur
There is should be pam in N900, as N9 also using /etc/pam.d/sshd. You can do exactly same on your N900, just replace QGuiApplication and Sailfish parts.
This is awesome. I'm glad it's fairly easy to do this on the Jolla. (V.s., for example, the N900, where the work to set this up would likely be much greater, since by default I don't believe there's any sort of PAM support whatsoever.)
| The Following 3 Users Say Thank You to coderus For This Useful Post: | ||
|
|
2015-02-08
, 08:19
|
|
Posts: 1,293 |
Thanked: 4,319 times |
Joined on Oct 2014
|
#4
|
Seems to not work with my build of openssh, work for me he he.
__________________
You can still support my work by donation - click here
You can still support my work by donation - click here
|
|
2015-02-08
, 08:40
|
|
Posts: 6,436 |
Thanked: 12,701 times |
Joined on Nov 2011
@ Ängelholm, Sweden
|
#5
|
Originally Posted by nieldk
what matter of openssh difference? it does nothing with pam. check systemctl --user status ssh-pam-access-control
Seems to not work with my build of openssh, work for me he he.
|
|
2015-02-08
, 08:57
|
|
Posts: 1,293 |
Thanked: 4,319 times |
Joined on Oct 2014
|
#6
|
Originally Posted by coderus
nemo@Jolla]$ systemctl --user status ssh-pam-access-control
what matter of openssh difference? it does nothing with pam. check systemctl --user status ssh-pam-access-control
ssh-pam-access-control.service - SSH Pam access control
Loaded: loaded (/usr/lib/systemd/user/ssh-pam-access-control.service; disabled)
Active: active (running) since Sun 2015-02-08 09:16:49 CET; 38min ago
Main PID: 2439 (ssh-pam-access-)
CGroup: /user.slice/user-100000.slice/user@100000.service/ssh-pam-access-control.service
└─2439 /usr/bin/ssh-pam-access-daemon
__________________
You can still support my work by donation - click here
You can still support my work by donation - click here
|
|
2015-02-08
, 09:19
|
|
Posts: 1,293 |
Thanked: 4,319 times |
Joined on Oct 2014
|
#7
|
My pam sshd config
[nemo@Jolla ~]$ cat /etc/pam.d/sshd
#%PAM-1.0
auth include system-auth
account required pam_nologin.so
account include system-auth
password include system-auth
session include system-auth
session required pam_loginuid.so
# pam_selinux.so open should only be followed by sessions to be executed in the user context
session optional pam_keyinit.so force revoke
session required pam_exec.so quiet stdout /usr/bin/ssh-pam-access-control
[nemo@Jolla ~]$ cat /etc/pam.d/sshd
#%PAM-1.0
auth include system-auth
account required pam_nologin.so
account include system-auth
password include system-auth
session include system-auth
session required pam_loginuid.so
# pam_selinux.so open should only be followed by sessions to be executed in the user context
session optional pam_keyinit.so force revoke
session required pam_exec.so quiet stdout /usr/bin/ssh-pam-access-control
__________________
You can still support my work by donation - click here
You can still support my work by donation - click here
|
|
2015-02-08
, 10:14
|
|
Posts: 6,436 |
Thanked: 12,701 times |
Joined on Nov 2011
@ Ängelholm, Sweden
|
#8
|
it's absolutely original. do you installed latest 0.2.0 version? can you stop service and start ssh-pam-access-daemon in terminal, try connect to phone via ssh and give me terminal output?
|
|
2015-02-08
, 10:20
|
|
Posts: 1,293 |
Thanked: 4,319 times |
Joined on Oct 2014
|
#9
|
Yes, latest version installed.
Stopped service, and started again. Service running.
ssh acts as normal, ssh nemo@x.x.x.x from PC asks for password and connects.
But, no notifications on Jolla, nor asking for permissions.
Stopped service, and started again. Service running.
ssh acts as normal, ssh nemo@x.x.x.x from PC asks for password and connects.
But, no notifications on Jolla, nor asking for permissions.
__________________
You can still support my work by donation - click here
You can still support my work by donation - click here
|
|
2015-02-08
, 10:22
|
|
Posts: 6,436 |
Thanked: 12,701 times |
Joined on Nov 2011
@ Ängelholm, Sweden
|
#10
|
i mean stop servicce and start process in terminal to get debug output.
 |
| Tags |
| sailfish os, ssh access |
«
Previous Thread
|
Next Thread
»
|
All times are GMT. The time now is 19:15.
Contains settings (System -> Security -> SSH) with simple options.
Pam remote host value may contain hostname or ip depends on your network/ssh/dns configuration, so it's allowed to write anything to whitelist config and user responsible to control this himself.
Openrepos: https://openrepos.net/content/coderu...s-confirmation
Github: https://github.com/CODeRUS/ssh-pam-access-control
Telegram | Openrepos | GitHub | Revolut donations
Last edited by coderus; 2015-02-11 at 12:09.