You are not logged in.
- Topics: Active | Unanswered
#1 2021-12-06 22:15:20
- Altoid
- Member
- Registered: 2017-05-07
- Posts: 1,581
Devuan, ssh and a Palm T|X
Hello:
After seeing Élisabeth's plight to recover from a damaged laptop keyboard problem, I started thinking about the different ways you could get out of a problem like that one.
I long ago made it a point of always having at least one spare kb at hand and in case that fails, BIOS enabled RS232 and on-board USB ports.
But as Murphy is always lurking, I set out to see if eg: I could make do with my Palm T|X on the ADSL router via WiFi.
I would have preferred to use a cable to RJ45 port solution but I don't know of any PalmOS TCP/IP applications or adaptors and the Palm T|X only has a USB port.
Easier said that done.
I was quite surprised to see that ssh applications for PalmOS5 are practically non-existent: I only found three and one of them (Top Gun ssh) was just for older models like the Palm Pilot Professional.
The other two are TUssh and pssh, I finally settled on this last one.
Tl;dr:
After many hours of fiddling/browsing and some great help from a chap at comp.security.ssh, I managed to ssh into the Devuan ascii VBox VM I have running PiHole for my Devuan Beowulf installation.
If anyone is interested, you can see most if not all the gory details here: https://groups.google.com/g/comp.securi … u0VvfEQudc
Of course, I am quite aware that ssh'ing into a system using deprecated protocols obviously implies security issues, but in this specific case I think I have attenuated them with three four things:
1. Access to the ADSL router via WiFi is MAC filtered. ie: it will only allow *this* specific Palm T|X handheld to log in.
2. A (relatively) complex WPA/WPA2 PSK Mixed PW such as this one is used: 4N@8974+6231, obviously with room to improve.
Unfortunately, the good people at Palm saw it fit to make the last Personal security upgrade only to WEP/WPA-PSK with a pre-shared key which made it useless outside the realm of home routers.
Enterprise security got EAP-TLS, EAP-TTLS, PAP, CHAP, MSCHAP, MSCHAPv2, EAP-GTC (password), EAP-MD5-Challenge, EAP-MSCHAPv2, EAP-PEAP (v0 and v1), MSCHAPv2, GTC (password), MD5-Challenge, LEAP and Dynamic WEP (WEP encryption with 802.1x based authentication).
3. For the time being, WiFi is enabled on a per-case basis till I can think up a more complex PW.
4. The destination machine's default port for ssh has been changed from 22 to one above 1024 / below 5000.
Best,
A.
Last edited by Altoid (2021-12-09 22:09:40)
Offline
