The officially official Devuan Forum!

You are not logged in.

#1 2021-12-06 22:15:20

Altoid
Member
Registered: 2017-05-07
Posts: 1,044  

Devuan, ssh and a Palm T|X

Hello:

After seeing Élisabeth's plight to recover from a damaged laptop keyboard problem, I started thinking about the different ways you could get out of a problem like that one.

I long ago made it a point of always having at least one spare kb at hand and in case that fails, BIOS enabled RS232 and on-board USB ports.

But as Murphy is always lurking, I set out to see if eg: I could make do with my Palm T|X on the ADSL router via WiFi.

I would have preferred to use a cable to RJ45 port solution but I don't know of any PalmOS TCP/IP applications or adaptors and the Palm T|X only has a USB port.

Easier said that done.

I was quite surprised to see that ssh applications for PalmOS5 are practically non-existent: I only found three and one of them (Top Gun ssh) was just for older models like the Palm Pilot Professional.

The other two are TUssh and pssh, I finally settled on this last one.

Tl;dr:
After many hours of fiddling/browsing and some great help from a chap at comp.security.ssh, I managed to ssh into the Devuan ascii VBox VM I have running PiHole for my Devuan Beowulf installation.

If anyone is interested, you can see most if not all the gory details here: https://groups.google.com/g/comp.securi … u0VvfEQudc

Of course, I am quite aware that ssh'ing into a system using deprecated protocols obviously implies security issues, but in this specific case I think I have attenuated them with three four things:

1. Access to the ADSL router via WiFi is MAC filtered. ie: it will only allow *this* specific Palm T|X handheld to log in.

2. A (relatively) complex WPA/WPA2 PSK Mixed PW such as this one is used: 4N@8974+6231, obviously with room to improve.

Unfortunately, the good people at Palm saw it fit to make the last Personal security upgrade only to WEP/WPA-PSK with a pre-shared key which made it useless outside the realm of home routers.

Enterprise security got EAP-TLS, EAP-TTLS, PAP, CHAP, MSCHAP, MSCHAPv2, EAP-GTC (password), EAP-MD5-Challenge, EAP-MSCHAPv2, EAP-PEAP (v0 and v1), MSCHAPv2, GTC (password), MD5-Challenge, LEAP and Dynamic WEP (WEP encryption with 802.1x based authentication).

3. For the time being, WiFi is enabled on a per-case basis till I can think up a more complex PW.

4. The destination machine's default port for ssh has been changed from 22 to one above 1024 / below 5000.

Best,

A.

Last edited by Altoid (2021-12-09 22:09:40)

Offline

Board footer