![]() |
#1 |
Wizard
![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Posts: 3,030
Karma: 18765431
Join Date: Oct 2010
Location: Sudbury, ON, Canada
Device: PRS-505, PB 902, PRS-T1, PB 623, PB 840, PB 633
|
ssh shell/ftp access for PocketBook Pro readers
I've put together a package for running a secure shell daemon on the PocketBook Pro readers without needing root privileges. This allows one to use scp, sftp and ssh from a computer to access the reader. Unfortunately, because the daemon runs under the non-root reader account, it can't use passwords for logging in. Instead, authorization keys have to be used instead of passwords. This isn't difficult to do, but does make the set-up a little harder than just copying the files over and clicking the start application. I've attached the zip file with the necessary programs and scripts, and also attached the README.txt file from inside the zip file so people can judge if they want to bother with this or not.
The ssh shell is pretty rudimentary because of problems with creating ptys from non-privileged accounts. If enough people want this, maybe we can convince PB to fix that within their firmware. The ssh programs were built using LoneTech's qemu-based build system. They are for arm-eabi systems only, so won't work on the older 30X and 360 systems. However, the configuration options for building the openssh package are given in the README.txt file, and anyone with an older arm build system should be able to create programs for the readers using the older ABI. Edit: The first time you run sshd_start, it takes a while to run because it is generating host keys for the system. Please be patient. Edit 2: Re-uploaded new files that include the "create-keys" functionality suggested by @apos. Edit 3: Added sreader account as allowed login name, and updated README.txt. Users of new firmware versions should use sreader as the login name rather than reader Edit 4: Added pop up dialog stating the IP address and port. Edit 5: Added a version for devices with firmware 5 (since they use new openssl libraries). Edit 6: Added a version for devices with firmware 6. Log in as user "reader" on those devices. Last edited by rkomar; 12-28-2020 at 04:49 PM. |
![]() |
![]() |
![]() |
#2 |
Zealot
![]() ![]() Posts: 110
Karma: 138
Join Date: Mar 2011
Device: PB903, PB603
|
ssh
Hi rkomar,
thanks a lot for that attempt. I do not get logged in though: Code:
sftp -P 1124 reader@192.168.2.34 I created a key pair before and copied the public key to the "authorized_keys2" file. Besides that: i think a normal ftp instead of sftp could be even more useful. Windows users could connect via ftp in explorer this way (like it was possible by "get_root"). Even better a Samba server on PBs side would be to Windows users. |
![]() |
![]() |
Advert | |
|
![]() |
#3 | |
Wizard
![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Posts: 3,030
Karma: 18765431
Join Date: Oct 2010
Location: Sudbury, ON, Canada
Device: PRS-505, PB 902, PRS-T1, PB 623, PB 840, PB 633
|
Quote:
As far as the other stuff goes, I don't think you can run telnetd or ftpd as non-root user. The whole point of this was to provide something for a non-rooted device. I agree that the secure versions of ftp, telnet and rcp are much less common, but I don't see what else to do about it. I haven't looked into running samba under a non-privileged account. I don't know if it is possible or not, but I'll have a look. I agree that it would be pretty useful. |
|
![]() |
![]() |
![]() |
#4 |
Zealot
![]() ![]() Posts: 110
Karma: 138
Join Date: Mar 2011
Device: PB903, PB603
|
log
Code:
/mnt/ext1/applications/pb_sshd/usr/sbin/sshd: /lib/libcrypto.so.0.9.8: no version information available (required by /mnt/ext1/applications/pb_sshd/usr/sbin/sshd) |
![]() |
![]() |
![]() |
#5 |
Wizard
![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Posts: 3,030
Karma: 18765431
Join Date: Oct 2010
Location: Sudbury, ON, Canada
Device: PRS-505, PB 902, PRS-T1, PB 623, PB 840, PB 633
|
I've looked around a bit online, and apparently it is possible to run a samba server under a non-root account, but the port it listens on has to be above 1024. After a quick look, the only way I saw to get a Windows machine to access a different port is to map port 139 to the new one using ssh tunneling. The process is pretty involved, and needs putty installed on the system. If you have putty installed, then you might as well use it to copy files over to the reader's sshd server.
Anyway, I'm willing to give someone a hand building samba for the PocketBook Pro devices if they want to pursue this, but I don't use Windows much myself, so I wouldn't want to do the bulk of the work. |
![]() |
![]() |
Advert | |
|
![]() |
#6 |
Wizard
![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Posts: 3,030
Karma: 18765431
Join Date: Oct 2010
Location: Sudbury, ON, Canada
Device: PRS-505, PB 902, PRS-T1, PB 623, PB 840, PB 633
|
|
![]() |
![]() |
![]() |
#7 | |
Enthusiast
![]() Posts: 40
Karma: 10
Join Date: Jul 2008
Location: Germany
Device: Zaurus-5500G, PB-903, PB-603, Tolino Vision 2
|
Quote:
I have run into the /dev/ptmx problem earlier. Your work on sshd finally made me asking Fork to change the default access modes for /dev/ptmx. See my post here https://www.mobileread.com/forums/sho...31#post1863531 (the post is in the German forum, scroll down to see the English version) |
|
![]() |
![]() |
![]() |
#8 | |
Wizard
![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Posts: 3,030
Karma: 18765431
Join Date: Oct 2010
Location: Sudbury, ON, Canada
Device: PRS-505, PB 902, PRS-T1, PB 623, PB 840, PB 633
|
Quote:
|
|
![]() |
![]() |
![]() |
#9 |
Connoisseur
![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Posts: 80
Karma: 20837
Join Date: Aug 2011
Device: prs 505, pocketbook 903, onyx boox m92
|
Thanks a lot for the sshd, rkomar - its fantastic to have it.
Because I am running 2.1.2 rc3, and don't know how to root it, I wrote myself a little ssh command line wrapper that allows me to still use ssh in a somewhat 'natural' way. It needs python to be installed on your host, run it like 'python pbshell.py address', with address being the ip or hostname of the pocketbook (which defaults to pb in my local setup) http://baach.de/static/pbshell.py Last edited by jbaach; 12-05-2011 at 07:36 AM. |
![]() |
![]() |
![]() |
#10 | ||
Enthusiast
![]() Posts: 40
Karma: 10
Join Date: Jul 2008
Location: Germany
Device: Zaurus-5500G, PB-903, PB-603, Tolino Vision 2
|
Quote:
|
||
![]() |
![]() |
![]() |
#11 |
Wizard
![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Posts: 3,030
Karma: 18765431
Join Date: Oct 2010
Location: Sudbury, ON, Canada
Device: PRS-505, PB 902, PRS-T1, PB 623, PB 840, PB 633
|
Thanks jbaach. Unfortunately, my desktop machine is still using python 2.6, and so doesn't have the argparser module. However, I tried it on a virtual machine with python 2.7 installed, and it works nicely there. It _is_ an improvement over the bare, promptless, shell.
![]() |
![]() |
![]() |
![]() |
#12 | |
Wizard
![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Posts: 3,030
Karma: 18765431
Join Date: Oct 2010
Location: Sudbury, ON, Canada
Device: PRS-505, PB 902, PRS-T1, PB 623, PB 840, PB 633
|
Quote:
It was when I was googling for similar ssh problems that I saw others suggesting the same changes for /dev/pty in /etc/fstab on other Unix systems. Perhaps this is only important for those applications that use the openpty() system call (like sshd does). I noticed while googling that some sshd clones (dropbear?) use an openpty() clone instead of the actual system call. I think I'll take a look at that and see if it would work on a default PB reader. |
|
![]() |
![]() |
![]() |
#13 | |
Connoisseur
![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Posts: 80
Karma: 20837
Join Date: Aug 2011
Device: prs 505, pocketbook 903, onyx boox m92
|
Quote:
|
|
![]() |
![]() |
![]() |
#14 |
Wizard
![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Posts: 3,030
Karma: 18765431
Join Date: Oct 2010
Location: Sudbury, ON, Canada
Device: PRS-505, PB 902, PRS-T1, PB 623, PB 840, PB 633
|
Yes, that runs even with my python 2.6 package. I would recommend to people who want to use this to not use a passphrase with their private key, though, because it gets tedious typing it in after every command.
|
![]() |
![]() |
![]() |
#15 |
Zealot
![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Posts: 126
Karma: 28670
Join Date: Dec 2011
Location: Ludwigshafen, Germany
Device: 623 Touch Lux, 912 Pro (selled), Surfpad 4 L, Waiting for CAD-Reader !
|
Hi rkomar,
first of all: thanks for your software and "merry chrismas" I tried "pbsshd" on a new PocketBook 912 Pro but had no luck. I get a "connection refused". I am an old school linuxer and know how to connect and configure ssh-client and -server with keys, but I didn't succeed in this case. Unfortunately, i cannot get the poterm to run on the device. Code:
ssh -vv -p 1124 reader@192.168.178.35 OpenSSH_5.8p1 Debian-7ubuntu1, OpenSSL 1.0.0e 6 Sep 2011 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to 192.168.178.35 [192.168.178.35] port 1124. debug1: connect to address 192.168.178.35 port 1124: Connection refused ssh: connect to host 192.168.178.35 port 1124: Connection refused Code:
Host * SendEnv LANG LC_* HashKnownHosts yes GSSAPIAuthentication yes GSSAPIDelegateCredentials no ServerAliveInterval 120 Short question: is this version binary compatible? It seams to be, because a log-file is created, so the daemon seams to be running: Code:
/mnt/ext1/applications/pb_sshd/usr/sbin/sshd: /lib/libcrypto.so.0.9.8: no version information available (required by /mnt/ext1/applications/pb_sshd/usr/sbin/sshd) THX in advance Axel |
![]() |
![]() |
![]() |
Thread Tools | Search this Thread |
|
![]() |
||||
Thread | Thread Starter | Forum | Replies | Last Post |
Root / Shell / Term / SSH / editor on a Kindle 2? | JDShaffer | Kindle Developer's Corner | 2 | 12-13-2010 07:11 PM |
Can't get shell access | MarkRPenn | iRex | 11 | 10-26-2007 07:58 PM |
Shell Access ? | grayfox | iRex | 6 | 10-14-2007 05:56 PM |
FTP access open to new developers | Alexander Turcic | Announcements | 2 | 05-05-2007 12:02 PM |