OLPC Part 11: How I dealt with pop-up alert boxes, sshd, and the best thing so far: nxclient
At work, and some other sites, to connect to the wireless, you get a popup that asks for a login or password. The XO browser sucks at this. Plain and simple, it doesn't block popups: it simply doesn't render them. So when you have to log in to a wireless connection or a password site that uses a simple Javascript authentication popup, you never see it. Our Juniper Netscreen 5GT at work is like this, and thus I could not get wireless access.
But I remembered that the old text browser, lynx, does popups in a very unusual way. So when I was connected at home, I did a "yum install lynx" as root, and only had to download one extra dependency. Then I tried my Linksys WAP, but sadly, that popup is password-only (even though it asks for a login and password, you just leave the login blank). Lynx didn't know how to handle "blank field," so it kept asking me, "Do you want to not use a login/password." I didn't know how to tell it, "No login, just password."
But work asks for both, and I am happy to report I got connected today.
In other news, thanks to a reader tip who answered a question I forgot about (is sshd enabled and let you log in?), it seems that not only is sshd enabled, but there is no password for root (which I knew locally via "su -"). This would make it seem as if a root login is available to anyone who connects to my system! Yikes! I could imagine at an OLPC conference where one rogue hacker... does rude things.
However, I noticed that ssh to my own IP (192.168.x.x) and to localhost (127.0.0.1), logging in as "root" a blank password gets denied. I had not tried logging in for a different system to my OLPC yet, but I figured this was the next best thing. I checked the sshd_config file, and it seems to be default "PermitRootLogin=yes," and I saw no PAM restrictions to prevent root login, the /etc/passwd file has a shell enabled, so I was at a loss as to what is blocking me, until a little research showed that "PermitEmptyPasswords" was a feature in the conf file, and the default is "no."
I am still not sure this is safe. Apparently, the build that shipped with the OLPC is okay with changing the root and olpc account password... for now... but I want to know, WHY is sshd enabled?
The chorus of angels part of this post has to be installing the NX client. It was also easy with yum.
Because of this, I don't need to worry about installing much else on the OLPC; it's on my Linux box at home. Browsers, bookmarks, my image files, even IM are all via an ssh X connection this way. This is MEGA-cool!
But I remembered that the old text browser, lynx, does popups in a very unusual way. So when I was connected at home, I did a "yum install lynx" as root, and only had to download one extra dependency. Then I tried my Linksys WAP, but sadly, that popup is password-only (even though it asks for a login and password, you just leave the login blank). Lynx didn't know how to handle "blank field," so it kept asking me, "Do you want to not use a login/password." I didn't know how to tell it, "No login, just password."
But work asks for both, and I am happy to report I got connected today.
In other news, thanks to a reader tip who answered a question I forgot about (is sshd enabled and let you log in?), it seems that not only is sshd enabled, but there is no password for root (which I knew locally via "su -"). This would make it seem as if a root login is available to anyone who connects to my system! Yikes! I could imagine at an OLPC conference where one rogue hacker... does rude things.
However, I noticed that ssh to my own IP (192.168.x.x) and to localhost (127.0.0.1), logging in as "root" a blank password gets denied. I had not tried logging in for a different system to my OLPC yet, but I figured this was the next best thing. I checked the sshd_config file, and it seems to be default "PermitRootLogin=yes," and I saw no PAM restrictions to prevent root login, the /etc/passwd file has a shell enabled, so I was at a loss as to what is blocking me, until a little research showed that "PermitEmptyPasswords" was a feature in the conf file, and the default is "no."
I am still not sure this is safe. Apparently, the build that shipped with the OLPC is okay with changing the root and olpc account password... for now... but I want to know, WHY is sshd enabled?
The chorus of angels part of this post has to be installing the NX client. It was also easy with yum.
- Go to the NoMachine site
- Download the nxclient***.i386.rpm (via wget, the XO browser did something with the file... never figured out what, I did a find / -name "*.rpm" and everything and couldn't find the damn download)
- Become root
- Edit your /etc/yum.conf and change "gpgcheck=0" (or you'll get an error about an unsigned key)
- Do yum localinstall nxclient[blahblah].i386.rpm
- Agree to the dependencies (I only had one)
- After the install, get out of root with an "exit" (safer this way)
- To run the NoMachine client, /usr/NX/bin/nxclient and it will launch the config setup.
- You're on your own, now. If you haven't used nxclient before, well... read their documentation! :) Obviously, it would have to connected to an NX Server on a Linux box.
Because of this, I don't need to worry about installing much else on the OLPC; it's on my Linux box at home. Browsers, bookmarks, my image files, even IM are all via an ssh X connection this way. This is MEGA-cool!