| ncrowl | uhg, searching for "ssh" on maemo-talk-forum, last message for "fremantle/maemo5" 2017. Dated stuff. ssh on the n900 can't connect out (only in). | 00:24 |
|---|---|---|
| ncrowl | not a minut goes by, I seeing ssh crack attempts on my VM | 00:25 |
| Maxdamantus | 09:06:55 < ncrowl> KotCzarny: hi, anyway possible? the easy-deb image I had installed had invalid certs also, outdated also.. Was thinking of copy "maemo-leste" deasy-devian image (but their wikipage is down atm | 00:53 |
| Maxdamantus | FYI, this was my solution: https://gist.github.com/Maxdamantus/e32ab94dbc5d9d43298428400020620e | 00:53 |
| Maxdamantus | (I don't really use N900 anymore, but I wrote that MITM proxy that was able to compile that against a new version of OpenSSL and ran it on the device) | 00:55 |
| Maxdamantus | I used Opera and had to use some desktop version to create a CA store containing my own CA certificate. | 00:56 |
| sixwheeledbeast | outdated libs is my main reason I suggest its not sensible, not the lack of memory although that is a factor. | 13:25 |
| sixwheeledbeast | if your on 3G and doing a bit of browsing your probably behind so CGNAT/NAT which will offer a little protection. But hosting a inet facing service probably ain't sensible. | 13:27 |
| sixwheeledbeast | with most sites being https by default you need some workaround like above to browse anyway. | 13:28 |
| ncrowl | sixwheeledbeast: I only deply webservers (on devices) temporarly, charing images (multimedia). Using module (or cgi-script) for: simple auth (without cryptation), and list-dir | 14:49 |
| ncrowl | chatgtp helped me connect my n900 to my VM, worked, now just havto boost security and thisandthat | 19:07 |
| ncrowl | Maxdamantus: ? was this your post: https://talk.maemo.org/showthread.php?t=101278 | 19:38 |
| Maxdamantus | ncrowl: no. | 20:08 |
| Maxdamantus | ncrowl: I used Opera, not Opera Mini. | 20:08 |
| Maxdamantus | Opera Mini is a thin client that displays content rendered by Opera's servers (dunno if they're still up) | 20:09 |
| Maxdamantus | iirc Opera (maybe it was called "Opera Mobile", but definitely not "Opera Mini") is part of the standard software store on Maemo. | 20:10 |
| ncrowl | Maxdamantus: oki, namings, I have 'Opera Mobile' from standar maemo-repository also, sortof dated also, -shttp doesnt work (and I dono if I dig Opera). Another silly way would be to use VNC to a machine, that have everthing setup, desktop.. | 20:13 |
| Maxdamantus | Right, I would assume that native SSL at this point will be broken for pretty much everything, but using a MITM proxy like my one should solve that. | 20:14 |
| Maxdamantus | since the proxy is the program that does the actual TLS/SSL to the outside world, and the browser is just talking to the proxy, which is running locally so not really a security concern. | 20:15 |
| Maxdamantus | the MITM proxy will also do validation of external certificates. | 20:16 |
| Maxdamantus | I used to just build/run the proxy within a debian (wheezy) chroot that I was running on the N900. I was also able to build new versions of OpenSSL in that environment. | 20:17 |
| ncrowl | oki. "plan9" an OS without web-browser (users are suggested to use VMs), a minimalist **** | 20:18 |
Generated by irclog2html.py 2.17.0 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!