Squeak as a desktop - needs ssh
Kevin Fisher
kgf at golden.net
Wed Jul 10 23:06:10 UTC 2002
On Wed, Jul 10, 2002 at 10:58:45PM +0200, Ian Piumarta wrote:
> First, I want to say a really big "thanks!" for the nice comments several
> of you have made (both on and off list) concerning the telnet/pty/xterm
> stuff. Its motivation enough for me to continue to improve it.
Please do! It's great!
>
> On Wed, 10 Jul 2002, Patrick Curtain wrote:
> > Agreed! I'm surprised at how much of my day's effort I can complete
> > staying in squeak. On my end, though, the terminal app will need secure
> > shell support, ssh, to be useful.
> >
> > Is this on anyone's radar? Anyone already working on it?
>
> I did try rsh/rlogin. The protocol took about 10 minutes to implement
> (seriously: read RFC 1282 [it's 4 pages long] to see how utterly *trivial*
> it is compared to telnet) but the server _refuses_ the connections because
> it insists that the client be connecting from a privileged port. Short of
> inciting peole to run Squeak as root (ha ha!) I gave it up as a waste of
> time.
>
> I notice that ssh is suid root (just like rsh) so I assume sshd also
> requires the client connection to be coming from a privileged port.
Really? All my machines use OpenSSH (www.openssh.com) and the ssh client
executables aren't SUID at all:
-rwxr-xr-x 1 root root 231132 Jun 26 18:29 /usr/bin/ssh*
>
> OTOH, the pty stuff doesn't care in the slightest what you choose run as a
> "shell". Setting the shell command to "/usr/bin/ssh login at machine" works
> just fine. (I've been doing just that to connect through a firewall to
> read my mail from within Squeak, without having a local shell in the way.)
>
> Of course this doesn't address the case of using Squeak as "the" (only) OS
> on the machine, a situation in which you could legitimately expect to be
> able to allocate priviliged ports. But then you've got a sacred task on
> your hands: implementing the ssl layer in the (Squeak) SshProtocol. (Not
> to mention the rest of the TCP stack underneath it. ;-)
Well, command-line ssh clients -do- exist for Windows...but TeletypeWindow
doesn't work on Windows yet, correct? And I believe Mac OS X ships with
OpenSSH as well..
>
> I guess an OpenSSL plugin wouldn't be too difficult (but that would be
> cheating! ;), but there would still be the problem of allocating the
> privileged port. Plus, if you've got libssl lying around then you've
> almost certainly got /usr/bin/ssh lying aroud too -- and we're kind of
> back to where we started.
>
> Ian
>
>
More information about the Squeak-dev
mailing list
|