|
|
Post by getmythe on Apr 22, 2007 20:24:27 GMT 7
The next step, SSH Module 3.1.00!
I've recompiled all ssh related binaries and included client programs ssh, sftp and scp in the latest SSH module release. That's why from now on only n2100 firmware 2.1.05 is supported (I cannot test older versions, sorry about that). That much about the boring part ...
The really interesting News is user logins via ssh! If enabled on the options page any user listed in the 'Accounts -> Users' section of the web interface will be granted access via ssh. Their home directory will be /home/smbusers regardless of the respective user name. Please be aware that a) I will not be held responsible for users taking over control of your n2100 and b) the contents of /home/smbusers is lost on each reboot (limited volatile storage, do not use!).
have fun
getmythe
|
|
|
|
Post by ianhasund on May 6, 2007 22:15:51 GMT 7
I have just tried installing this and all seems to go ok with the install. However, when I try to connect, I get the following error from my ssh clinet (SSH Tectia Client v 5.1)
Failed to open a secure terminal session: authentication error
Any ideas?
|
|
|
|
Post by ryebank on May 12, 2007 1:47:50 GMT 7
Good work getmythe ... seeing as this sems to be your area of expertise I was wondering what are the chances of getting OpenVPN working on the Thecus? As it has two net cards aiming one at the internet with OpenVPN would be a great feature for remote access
|
|
|
|
Post by getmythe on May 12, 2007 2:44:14 GMT 7
Compiling openvpn is no big deal, takes about an hour to get everything packed into a module. But, writing a configuration which can easily be adapted to any users needs is almost impossible. E.g. I not even going to try! If you can live with the binary and are willing to write the config yourself, I can compile openvpn for you.
|
|
|
|
Post by majority on May 14, 2007 17:45:49 GMT 7
hola.
what version of SSH is it you are compiling?
|
|
|
|
Post by getmythe on May 15, 2007 4:06:41 GMT 7
I compiled both ssh and openvpn from the Thecus sources for firmware 2.1.05. While they are not the latest versions I do avoid any versioning conflicts with the internal libraries this way.
|
|
|
|
Post by ryebank on May 17, 2007 5:34:54 GMT 7
getmythe - thanks for the offer of a OpenVPN module
I agree the config would be tricky to setup via a module - so yes I would be very happy to try just the openvpn module and config it myself - and if I get it working I'll document how I got it going
|
|
|
|
Post by getmythe on May 18, 2007 19:42:45 GMT 7
ryebank, download archive OPENVPN-META.zip, extract zip and load both files onto your Thecus into directory /raid/module/META/startup. Have a look at script openvpn.sh.off. The rest I'll leave up to you. www.freeside.ch/thecus/betacode/OPENVPN-META.zipThere is a simple server and client configuration delivered with the setup. I used it to create an openvpn tunnel between a MacBook (using Tunnelblick) and a Thecus located on different subnets. have fun getmythe |
|
|
|
Post by ryebank on May 19, 2007 2:57:44 GMT 7
Thanks a bundle - I'll give it a go
|
|
|
|
Post by getmythe on May 24, 2007 18:49:01 GMT 7
Any success with OPENVPN? My network security staff (e.g. me, myself and I plus grep) reported half a dozend downloads as of yesterday  , but sofar I did not get any feedback at all. |
|
|
|
Post by majority on May 25, 2007 17:56:02 GMT 7
Hey getmythe I was wondering if you could compile a version of SSH with this patch --- chrootssh.sourceforge.net/ ? I'd like to be able to login with a certain user and automatically get chrooted in to my debian chroot. Been trying to compile openssh with it myself (in the chroot on my n2100), but having some trouble with it (probably because I really don't know what I'm doing). So far, I've gotten the openssl version from the n2100 source to compile (I believe.. some same errors appear throughout the compile but libraries seem to appear at the end -- following this guide brneurosci.org/linuxsetup54.html), but I'm having trouble compiling openssh, something with it can't find my Openssl version headers. Anyhow, also, if I ever do manage to get it to compile, I'm thinking I wouldn't just be able to replace binaries in your SSH.mod to get it to work because I haven't set dependencies to be the right places... or something... and so I thought I'd ask if you would try compiling it for me. or if you could come with some pointers  thanks, minority |
|
|
|
Post by getmythe on May 26, 2007 1:39:46 GMT 7
Hi majority, you've got PM ;D
|
|
|
|
Post by getmythe on May 27, 2007 19:57:24 GMT 7
Good News, according to majority chroot support is working fine in the patched sshd! I may therefore announce the availability of SSH module version 3.2.00 with chroot user support plus new utility ssh-keygen. Have a look at chrootssh.sourceforge.net/ for more info on chrooted ssh. have fun getmythe |
|
|
|
Post by stevenh on May 27, 2007 21:03:41 GMT 7
That sounds great!
Can you also add one more thing? Can you add the option to configure the ssh port? I was thinking of giving it a go at doing it myself since I only need to change a file in /etc/ssh and restart the daemon... i've done it manually but would like to see it available in the modules page and I've no idea how to do input forms there...
|
|
|
|
Post by ryebank on May 31, 2007 5:22:30 GMT 7
Sorry getmythe - not had a chance to play with the openvpn as I have been really busy with other things ... I will let you know when I do
|
|
, but sofar I did not get any feedback at all.