Originally Posted by geekmaster
I finally got SSH working in diags mode on the touch. The key was that after copying all the dropbear files from /mnt/mmc/* to /* (mmcblk0p1 to mmcblk0p2), I had to reboot the kindle before I could get it to work. For some reason, starting dropbear manually from inside a reverse shell caused "dropbear permission denied (publickey)" errors during SSH logins, but after rebooting, the "Enable USBnet" menu now starts SSH after you select Exit. You cannot login for about 20 seconds while dropbear starts up. Then it logs in fine. Surprisingly, the diags login is fionaXXX on my Touch (I was expecting mario, like K4NT diags uses).
I plan to add this to the diags part of my kindle recovery package, so a menu item will let you install SSH (from yifanlu's jailbreak package). I will also add menu items to install update and developer keys. I want to make it support plugins (similar to yifanlu's launch menu), so custom packages can be added to during repair and/or installation.
Things may start out a bit complicated, but they get streamlined and simplified as progress is being made. I will post a package here when I get it together.
I plan to use the diags tar bug, with a payload in /var/local/wan/info, and the "AR 11g factory test" used to trigger it. I requested that this be kept secret by those I shared it with, but it is now public (because we need a way to run our code in diags), so go ahead and use it. I will post my code using that method, which you can use as an example.
|