[SailfishDevel] SSH listen address
E.S. Rosenberg
es.rosenberg+sailfishos.org at gmail.com
Sun Apr 19 21:38:00 UTC 2015
2015-04-19 23:55 GMT+03:00 Kimmo Lindholm <Kimmo.Lindholm at eke.fi>:
> I'm also not worried on mobile side, but more on allowing ssh in while
> visiting random wlan networks.
> If the wlan network configuration had something like "home network" and
> "public network", and ssh logins allowed only on "home network" ?
>
This worries me but not as much since I have unlimited data the only time I
ever connect to a wireless network is at home, but it is definitely an
issue.
>
> I remember also seeing an app for allowing ssh in only after user
> acceptance on phone.
>
> On mobile side, I can activate a public IP for the phone (Saunalahti,
> Finland) but that works only for 3G.
>
I am not worried about the public IP, I have no doubt that the NAT will
stop it, I am worried about the other mobile users who are also on the NAT,
if they can port-scan the 10.0.0.0/8 network they are on and talk to the
other hosts (phones) freely then we do need to be worried...
An additional reason for it to be worrisome is that for now we are still
using default usernames, I am looking forward to the day that my phone will
not have a default username (nemo/user) but whatever I choose during setup.
If someone can explain why we don't have it already I would really
appreciate that but it is OT...
Regards,
Eli
>
> -kimmo
>
> -----Original Message-----
> From: devel-bounces at lists.sailfishos.org [mailto:
> devel-bounces at lists.sailfishos.org] On Behalf Of Ove Kåven
> Sent: 19. huhtikuuta 2015 22:07
> To: devel at lists.sailfishos.org
> Subject: Re: [SailfishDevel] SSH listen address
>
> Den 19. april 2015 18:50, skrev E.S. Rosenberg:
> > So this leaves an, I think, interesting question: how do we on the one
> > hand allow SSH access while on the other hand preventing access from
> > GSM/3G/4G?
>
> Is it important? Most likely your carrier is going to firewall you anyway.
>
> As an experiment, I just tried pinging and ssh-ing to my 4G-connected
> phone, but neither worked. That is, I tried to connect to the IP address
> shown in "ifconfig rmnet0" (which is showing a real IP address, not NAT),
> but apparently something is blocking it. (And my ssh seems to be listening
> on all interfaces.) So at least for me, there seems to be no need to do
> anything to prevent such access. I'm guessing it's pretty much the same for
> all carriers.
>
> _______________________________________________
> SailfishOS.org Devel mailing list
> To unsubscribe, please send a mail to
> devel-unsubscribe at lists.sailfishos.org
> _______________________________________________
> SailfishOS.org Devel mailing list
> To unsubscribe, please send a mail to
> devel-unsubscribe at lists.sailfishos.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.sailfishos.org/pipermail/devel/attachments/20150420/6ea49f69/attachment.html>
More information about the Devel
mailing list