Squeak as a desktop - needs ssh

Kevin Fisher kgf at golden.net
Wed Jul 10 23:06:10 UTC 2002


On Wed, Jul 10, 2002 at 10:58:45PM +0200, Ian Piumarta wrote:
> First, I want to say a really big "thanks!" for the nice comments several
> of you have made (both on and off list) concerning the telnet/pty/xterm
> stuff.  Its motivation enough for me to continue to improve it.

Please do!  It's great!

> 
> On Wed, 10 Jul 2002, Patrick Curtain wrote:
> > Agreed!  I'm surprised at how much of my day's effort I can complete 
> > staying in squeak.  On my end, though, the terminal app will need secure 
> > shell support, ssh, to be useful.
> > 
> > Is this on anyone's radar?  Anyone already working on it?
> 
> I did try rsh/rlogin.  The protocol took about 10 minutes to implement
> (seriously: read RFC 1282 [it's 4 pages long] to see how utterly *trivial*
> it is compared to telnet) but the server _refuses_ the connections because
> it insists that the client be connecting from a privileged port.  Short of
> inciting peole to run Squeak as root (ha ha!) I gave it up as a waste of
> time.
> 
> I notice that ssh is suid root (just like rsh) so I assume sshd also
> requires the client connection to be coming from a privileged port.

Really?  All my machines use OpenSSH (www.openssh.com) and the ssh client
executables aren't SUID at all:

-rwxr-xr-x    1 root     root       231132 Jun 26 18:29 /usr/bin/ssh*

> 
> OTOH, the pty stuff doesn't care in the slightest what you choose run as a
> "shell".  Setting the shell command to "/usr/bin/ssh login at machine" works
> just fine.  (I've been doing just that to connect through a firewall to
> read my mail from within Squeak, without having a local shell in the way.)
> 
> Of course this doesn't address the case of using Squeak as "the" (only) OS
> on the machine, a situation in which you could legitimately expect to be
> able to allocate priviliged ports.  But then you've got a sacred task on
> your hands: implementing the ssl layer in the (Squeak) SshProtocol.  (Not
> to mention the rest of the TCP stack underneath it. ;-)

Well, command-line ssh clients -do- exist for Windows...but TeletypeWindow
doesn't work on Windows yet, correct?  And I believe Mac OS X ships with
OpenSSH as well..

> 
> I guess an OpenSSL plugin wouldn't be too difficult (but that would be
> cheating! ;), but there would still be the problem of allocating the
> privileged port.  Plus, if you've got libssl lying around then you've
> almost certainly got /usr/bin/ssh lying aroud too -- and we're kind of
> back to where we started.
> 
> Ian
> 
> 



More information about the Squeak-dev mailing list