Active Topics
-
The N900 is now 15 years old! (9)
to Nokia N900 by Arno_11 - 14 hrs, 17 mins ago -
Sailfish OS for the Motorola Moto G7 Power (XT1955-5) - (ocean) (4)
to SailfishOS by Maemish - 6 days, 2 hrs ago - more...
 |
|
2011-11-02
, 18:46
|
|
Posts: 770 |
Thanked: 558 times |
Joined on Mar 2010
@ Abidjan
|
#22
|
Originally Posted by stefanmohl
At least if your phone connects to internet with a specific IP! or Am I wrong???
This is quite fun! I tried running Maep from my PC, and that seems to work well. Now I can simply ssh to my phone and get a nice map showing exactly where my phone is! Great if it gets lost!
Hmmm, I wonder if we could figure out how to forward sound and microphone from the phone-app to the X-server on the PC... Then you could make mobile-phone calls from your PC-headset...
__________________
If you find this post useful for you, or for another member, just hit the Thanks! button
If you find this post useful for you, or for another member, just hit the Thanks! button
|
|
2011-11-02
, 19:10
|
|
Posts: 28 |
Thanked: 10 times |
Joined on Dec 2010
@ near Paris
|
#23
|
have you tried ssh -XYC user@host ...
|
|
2011-11-03
, 01:13
|
|
Posts: 172 |
Thanked: 170 times |
Joined on Jan 2010
@ Sweden
|
#24
|
stef: Yep, didn't work.
Boemien: You don't really need the phone to have a fixed IP, as long as you have _some_ machine that is reachable over ssh (fixed ip or dyndns).
Just set up a reverse port-forwarding on your phone, like so:
ssh -g -R22222:localhost:22 sshlogin.yourhost.net
then, on sshlogin.yourhost.net, you can write:
ssh -p 22222 user@localhost
or from a different machine:
ssh -p 22222 user@sshlogin.yourhost.net
to log into your phone, whatever IP it has. The port-number, 22222 can of course be whatever you (or your NAT/router/firewall) prefers. The user-name "user" should be your user-name on your phone (which, of course usually is "user"
)
To allow login from a different machine than sshlogin.yourhost.net, you might also need to set "GatewayPorts" to "yes" in /etc/ssh/sshd_config on sshlogin.yourhost.net. However, note that once you do this, you have effectively put your phone's ssh-port directly on the Internet on a known IP and detectable port. At this point you will start getting routinely attacked, so make sure your ssh-password is secure! It might be safer to only allow login from within sshlogin.yourhost.net by setting "GatewayPorts" to "no". You can also remove the "-g" option from the establishment of the reverse port-forwarding.
Since the phone will drop the connection each time it changes network, you might want a small script that re-establishes the reverse port-forwarding as soon as it drops. That also requires an ssh-agent so the script doesn't stop and ask for a password all the time (the Internet has instructions on setting up an ssh-agent).
I use something along the lines of:
Put that in a file, and if you like, you can run the script in the background, guarded by nohup and output redirected to a logfile. You can even run it from upstart and have your phone always reachable from boot.
Of course, this allows you to fully log in to your phone from wherever, so you can do a lot more than just check Maep. You have full access to your phone from there, so go do whatever you please!
Last edited by stefanmohl; 2011-11-03 at 11:33. Reason: Corrected example port-number and increased delay to 10 minutes
Boemien: You don't really need the phone to have a fixed IP, as long as you have _some_ machine that is reachable over ssh (fixed ip or dyndns).
Just set up a reverse port-forwarding on your phone, like so:
ssh -g -R22222:localhost:22 sshlogin.yourhost.net
then, on sshlogin.yourhost.net, you can write:
ssh -p 22222 user@localhost
or from a different machine:
ssh -p 22222 user@sshlogin.yourhost.net
to log into your phone, whatever IP it has. The port-number, 22222 can of course be whatever you (or your NAT/router/firewall) prefers. The user-name "user" should be your user-name on your phone (which, of course usually is "user"
)To allow login from a different machine than sshlogin.yourhost.net, you might also need to set "GatewayPorts" to "yes" in /etc/ssh/sshd_config on sshlogin.yourhost.net. However, note that once you do this, you have effectively put your phone's ssh-port directly on the Internet on a known IP and detectable port. At this point you will start getting routinely attacked, so make sure your ssh-password is secure! It might be safer to only allow login from within sshlogin.yourhost.net by setting "GatewayPorts" to "no". You can also remove the "-g" option from the establishment of the reverse port-forwarding.
Since the phone will drop the connection each time it changes network, you might want a small script that re-establishes the reverse port-forwarding as soon as it drops. That also requires an ssh-agent so the script doesn't stop and ask for a password all the time (the Internet has instructions on setting up an ssh-agent).
I use something along the lines of:
Code:
#/bin/bash
while true;
do
echo "Running ssh: "`date +"%T, %a (%F)"`;
ssh -Nnqg -R22222:localhost:22 sshlogin.yourhost.net
sleep 600
done
Of course, this allows you to fully log in to your phone from wherever, so you can do a lot more than just check Maep. You have full access to your phone from there, so go do whatever you please!
Last edited by stefanmohl; 2011-11-03 at 11:33. Reason: Corrected example port-number and increased delay to 10 minutes
 |
|
2011-11-03
, 10:59
|
|
Posts: 528 |
Thanked: 345 times |
Joined on Aug 2010
@ MLB.AU
|
#25
|
excellent post stefanmohl!!!
I seem to have a little problem.. the ssh client I have installed doesn't like:
ssh -g -R222222:localhost:22 home.ip
Bad remote forwarding specification '222222:localhost:22'
I have openssh-server/client
I even installed dropbear-client.... i can't find the exec!! and it's still the same output... hmm
What ssh client did you install on the N900?
I seem to have a little problem.. the ssh client I have installed doesn't like:
ssh -g -R222222:localhost:22 home.ip
Bad remote forwarding specification '222222:localhost:22'
I have openssh-server/client
I even installed dropbear-client.... i can't find the exec!! and it's still the same output... hmm
What ssh client did you install on the N900?
|
|
2011-11-03
, 11:28
|
|
Posts: 172 |
Thanked: 170 times |
Joined on Jan 2010
@ Sweden
|
#26
|
Ooops, there was one '2' too much on the example port-number; port-numbers need to be between 0 and 65535. I am editing the example.
BTW, I also noticed another problem with the script: If you loose connection entirely, it will keep trying to re-establish the forwarding, draining your battery if you are out of reach for too long. For now, I fixed it by increasing the sleep to 600 (ten minutes).
BTW, I also noticed another problem with the script: If you loose connection entirely, it will keep trying to re-establish the forwarding, draining your battery if you are out of reach for too long. For now, I fixed it by increasing the sleep to 600 (ten minutes).
| The Following User Says Thank You to stefanmohl For This Useful Post: | ||
|
|
2011-11-03
, 12:39
|
|
Posts: 528 |
Thanked: 345 times |
Joined on Aug 2010
@ MLB.AU
|
#27
|
Thanks heaps!!! that got it good
I felt abit like a noob
.... for a while 
haha
A better place to put that command is the if-up.d eg:
/etc/network/if-up.d/00_startreverse.sh
/etc/network/if-down.d/00_stopreverse.sh
Thanks again
I felt abit like a noob
.... for a while hahaA better place to put that command is the if-up.d eg:
/etc/network/if-up.d/00_startreverse.sh
/etc/network/if-down.d/00_stopreverse.sh
Thanks again
| The Following 2 Users Say Thank You to bingomion For This Useful Post: | ||
|
|
2011-11-03
, 13:36
|
|
Posts: 528 |
Thanked: 345 times |
Joined on Aug 2010
@ MLB.AU
|
#28
|
Hmmm.. just wondering what the drain on the battery and gprs data would be having ssh tunnel open in the background?
I'll try it for a while see if i notice a diff
I'll try it for a while see if i notice a diff
|
|
2011-11-03
, 15:15
|
|
Posts: 528 |
Thanked: 345 times |
Joined on Aug 2010
@ MLB.AU
|
#29
|
links on auto auth on password for reverse tunneling
Working good
http://urpo.garage.maemo.org/help.html#keygen
http://webcache.googleusercontent.co...ient=firefox-a
Working good
http://urpo.garage.maemo.org/help.html#keygen
http://webcache.googleusercontent.co...ient=firefox-a
| The Following User Says Thank You to bingomion For This Useful Post: | ||
|
|
2012-06-20
, 17:08
|
|
Posts: 172 |
Thanked: 170 times |
Joined on Jan 2010
@ Sweden
|
#30
|
However, the advice to have a private key without a password, with the corresponding public key in the authorized_keys file of the remote machine is dangerous, in particular when the unprotected private key is stored in a mobile device!
It is much better to do a real password protect of the private key, and then use ssh-agent to hold the unlocked version of the key.
It is much better to do a real password protect of the private key, and then use ssh-agent to hold the unlocked version of the key.
Hmmm, I wonder if we could figure out how to forward sound and microphone from the phone-app to the X-server on the PC... Then you could make mobile-phone calls from your PC-headset...