Page 1 of 2 12 LastLast
Results 1 to 20 of 38
  1.    #1  
    I have searched through the forums and through webos-internals and I cannot seem to find the exact information I am looking for.

    What I'd like to do is to use Internet Explorer (or Windows Explorer) to FTP into my phone over EVDO. I don't really care if it's secure transfer or not, but I just want to be able to drag and drop files to and from my Pre using a Windows explorer page, just like if I were to log in to an FTP server in Internet Explorer. Of course, the access itself would be limited to a port number, username, and password. I know when you use Windows to access FTP it will pop up and prompt you for a username and password.

    The main idea here is that if I was not at home and didn't have a data transfer cable for USB access, that I could at least access /media/internal and possibly even root over EVDO. EVDO access is necessary because you can't always be guaranteed to have a Wifi connection.

    Is there a fairly simple way to do this? I'm familiar with linux and don't mind messing with the scripts, etc, but I just haven't seen a clear presentation on how to accomplish this.
  2. #2  
    It can be done, but I recommend using WinSCP instead of FTP. You'd have to do some stuff that would make your phone very insecure to do it exactly the way you describe.

    WinSCP is a free program, and does a secure file transfer.

    To set it up on the Pre, the easiest way (for me) is to get root access and use the older Optware setup scripts.

    Once you get root access, do the following commands:
    Code:
    cd /tmp
    wget http://gitorious.org/webos-internals/bootstrap/blobs/raw/master/optware-bootstrap-manual.sh
    chmod 755 ./optware-bootstrap-manual.sh
    sh optware-bootstrap-manual.sh
    Then follow the prompts. When asking how you want to access the Pre, be sure to select both (I think the options are WiFi, EVDO, or both). This will install the needed services, and make the appropriate modifications to the Pre's firewall.
    It would probably also help you (when using WinSCP) to do dynamic dns, so you can access the Pre without knowing the IP address.
  3. #3  
    Not super simple, but you can also do this by installing sftp (found in preware, and secured as well which is a good thing) on your Pre.

    Get the free app that tells you your ip address on your pre and you're good to ftp in. Use a windows program like Tunnelier to ftp in securely.
  4.    #4  
    Quote Originally Posted by hparsons View Post
    It can be done, but I recommend using WinSCP instead of FTP. You'd have to do some stuff that would make your phone very insecure to do it exactly the way you describe.
    As long as I have a good password, and considering that my EVDO IP address probably changes from time to time, what would be insecure about it? In the long run, wouldn't it be possible to just make a script to enable or disable this thing from Terminal if it's that insecure? Then I could just hit a few keys and go FTP over EVDO... hit a few more and turn it off. ??
    Quote Originally Posted by opacityzero View Post
    Not super simple, but you can also do this by installing sftp (found in preware, and secured as well which is a good thing) on your Pre.
    Do I need to open the FTP port on my Pre?
    Quote Originally Posted by opacityzero View Post
    Get the free app that tells you your ip address on your pre and you're good to ftp in. Use a windows program like Tunnelier to ftp in securely.
    If I wasn't worried about a secure connection, could I use the FTP feature built into Windows explorer?
    Last edited by Gilligan3816; 01/15/2010 at 01:22 PM.
  5.    #5  
    When I look at the description for OpenSSH SFTP Server in Preware, this is what it says:

    "OpenSSH SFTP Server is a full-featured SFTP server, which enables secure root file transfer via wifi only, on port 22, with secure ssh key authentication only (passwords are completely disabled by default). See the Homepage link for mandatory configuration instructions."

    I don't understand what is meant by "ssh key authentication only" but it sounds like you have to set up each individual computer that you want to ftp from with a key. My desire is to have one that I can log into over EVDO (insecure as it may be) and use with a password. Is that something I can configure with the SFTP server?

    Or is there a way to just enable FTP on the Pre?
    Last edited by Gilligan3816; 01/15/2010 at 01:21 PM.
  6. #6  
    Exactly, each computer you use as a client to log into your Pre will need to have the key file. You can optionally have a password set in addition to the key to make it more secure in case anyone gets a hold of your key file. But you seem to want something simple, in which case I'm not sure there is one yet as the only ftp server available for the pre is the secure ftp method.

    You can edit the file (/etc/event.d/mobi.optware.openssh) to allow a different port and open it up to the world, and not just over wifi as you quoted.

    on Pre in terminal

    ssh-keygen -b 2048 (source ssh-keygen(1) - Linux man page) to generate your key files.
    (hit enter to default to the /home/root/.ssh/ folder
    enter a passphrase: [your optional password]

    done

    now, type
    cd /home/root/.ssh/
    ls (here you'll see two new files: id_rsa and id_rsa.pub)
    first backup your authorized_keys file: cp authorized_keys authorized_keys_bkup
    mv id_rsa.pub authorized_keys
    mv id_rsa /media/internal/
    plug phone into usb, enable usb drive and you'll see file in root, cut file off onto your computer. This will be your key file you need in order to log in.

    using an app like Tunnelier
    choose "Use Keypair manager" to import file
    [some settings:
    username: root
    port: 22
    host: ip address of phone
    initial method: publickey - slot 1

    Done...this is advanced stuff so if you're serious about this, you'll need to do some research if any of the above doesn't make sense.
    Last edited by opacityzero; 01/15/2010 at 08:33 PM.
  7. #7  
    Quote Originally Posted by Gilligan3816 View Post
    When I look at the description for OpenSSH SFTP Server in Preware, this is what it says:

    "OpenSSH SFTP Server is a full-featured SFTP server, which enables secure root file transfer via wifi only, on port 22, with secure ssh key authentication only (passwords are completely disabled by default). See the Homepage link for mandatory configuration instructions."

    I don't understand what is meant by "ssh key authentication only" but it sounds like you have to set up each individual computer that you want to ftp from with a key. My desire is to have one that I can log into over EVDO (insecure as it may be) and use with a password. Is that something I can configure with the SFTP server?

    Or is there a way to just enable FTP on the Pre?
    Again, look into WinSCP. This is not nearly as complex as it sounds. Take a look at the screenshot.
    Attached Images Attached Images
  8. #8  
    Quote Originally Posted by Gilligan3816 View Post
    As long as I have a good password, and considering that my EVDO IP address probably changes from time to time, what would be insecure about it?
    Do little research on the security issues involved with FTP. There are reasons that SSH has been added to these older standard protocols.
    Quote Originally Posted by Gilligan3816 View Post
    In the long run, wouldn't it be possible to just make a script to enable or disable this thing from Terminal if it's that insecure? Then I could just hit a few keys and go FTP over EVDO... hit a few more and turn it off. ?? Do I need to open the FTP port on my Pre?
    If I wasn't worried about a secure connection, could I use the FTP feature built into Windows explorer?
    Yes, you could write a script to that, but you are trying to slice a piece of meat by sharpening a butter knife.

    I'm assuming that your end goal is to easily, quickly, and securely transfer files from your phone to your computer. There are tools to do that. Rather than ask how you can use your browser to accomplish another task, look into using the tools that are designed for that task.

    SCP is a standard protocol for copying files using SSH. WinSCP is a Windows client using SCP.

    Read this http://en.wikipedia.org/wiki/Secure_copy and this http://en.wikipedia.org/wiki/WinSCP

    Using WinSCP, I end up with a two-click option (one click to run the program, one to select my Pre) that gives me the access you are talking about.
  9.    #9  
    Let me try to ask this question a different way:

    Assuming that I am in a secure environment, without wifi access, and want to connect to my Pre's /media/internal folder from FTP within Windows Explorer (not using WinSCP), how would I go about this? No matter how insecure it may be... I don't have a key file on a public computer, nor do I want to put WinSCP on a public computer. Let's say at my workplace, etc (not necessarily in a public library).


    I know that some of you are trying to help me keep my Pre secure and tied down. But I just want to know how to accomplish this regardless of security measures. If it's unsecure, please explain why. But the original question was never answered -- only alternatives were offered.
    Last edited by Gilligan3816; 01/15/2010 at 11:49 PM.
  10. aliatgb's Avatar
    Posts
    54 Posts
    Global Posts
    55 Global Posts
    #10  
    For setting up WinSCP, can this part be clarified?

    use the older Optware setup scripts.
  11. #11  
    Quote Originally Posted by Gilligan3816 View Post
    Let me try to ask this question a different way:

    Assuming that I am in a secure environment, without wifi access, and want to connect to my Pre's /media/internal folder from FTP within Windows Explorer (not using WinSCP), how would I go about this? No matter how insecure it may be... I don't have a key file on a public computer, nor do I want to put WinSCP on a public computer. Let's say at my workplace, etc (not necessarily in a public library).
    The problem is that there is not an "easy" way to do this. You will need to do at least the following. Set up an FTP server on your Pre (and configure it to run automatically or create a script to start it), and open up the firewall to support that. Your original post asked for "a fairly simple way to do this". The scripts I provided do all of the steps necessary that I spoke of. The reason there are no similar scripts for FTP is that it is an undesirable solution. This is also probably the reason you're not seeing many responses on how to do it.

    Unfortunately, I don't know the steps for either off the top of my head. May have to do a little research.

    Quote Originally Posted by Gilligan3816 View Post
    If it's unsecure, please explain why. But the original question was never answered -- only alternatives were offered.
    The security issues are too involved to discuss quickly here. A quick google for FTP and SECURITY will give you plenty of information.
  12. #12  
    Quote Originally Posted by aliatgb View Post
    For setting up WinSCP, can this part be clarified?
    I'm not sure how you want it clarified.

    If you're asking about what I meant about "older" scripts, the latest version of the script refers you to downloading the packages using PreWare. Personally, I couldn't figure that out (never saw options for setting, etc).

    If you're asking about what I meant by running the scripts, if you gain root access, and enter the commands I listed, they will do the following:

    • change to the /tmp directory
    • download the optware-bootstrap-manual.sh script (the script was originally optware-bootstrap.sh, but they changed that script to refer the user to Preware, and renamed the original with "-manual")
    • change the script to executable
    • run the script


    The script itself will do a number of things (from the script itself)
    • Mounts the root file system read-write
    • Creates and mounts /opt, and updates /etc/fstab
    • Downloads and installs ipkg-opt
    • Configures /opt/etc/ipkg/optware.conf
    • Creates /etc/profile.d/optware
    • Updates the Optware package database
    • Create an unprivledged user
    • Installs sudo
    • Configures sudo privs for the user created above
    • Installs and configures dropbear
    • Installs openssh and openssh-sftp-server
    • Starts Dropbear
  13. #13  
    Quote Originally Posted by hparsons View Post
    It can be done, but I recommend using WinSCP instead of FTP. You'd have to do some stuff that would make your phone very insecure to do it exactly the way you describe.

    WinSCP is a free program, and does a secure file transfer.

    To set it up on the Pre, the easiest way (for me) is to get root access and use the older Optware setup scripts.

    Once you get root access, do the following commands:
    Code:
    cd /tmp
    wget http://gitorious.org/webos-internals/bootstrap/blobs/raw/master/optware-bootstrap-manual.sh
    chmod 755 ./optware-bootstrap-manual.sh
    sh optware-bootstrap-manual.sh
    Then follow the prompts. When asking how you want to access the Pre, be sure to select both (I think the options are WiFi, EVDO, or both). This will install the needed services, and make the appropriate modifications to the Pre's firewall.
    It would probably also help you (when using WinSCP) to do dynamic dns, so you can access the Pre without knowing the IP address.
    I've got a Pixi and I went through these steps, creating a user name, password, and specifying EVDO for access (since the Pixi doesn't have WiFi).
    I used What Is My IP Address? - Lookup IP, Hide IP, Change IP, Trace IP and more... to get the ip address of my Pixi to use in WinSCP but I'm stuck with making a connection to my Pre. What settings are you using with WinSCP? Do I need to do the private key bit also?

    Thanks.
    cohoman

    Palm Apps:

    jVault and jChecklist
  14. #14  
    Quote Originally Posted by cohoman View Post
    ...
    What settings are you using with WinSCP? Do I need to do the private key bit also?

    Thanks.
    You will be prompted on the Key File, just select the affimrative (don't remember if it's Yes or OK).

    Please see the note below about DynamicDNS/Host

    Basic settings:
    • In WinSCP, click the New button (top right on mine) for a new configuration.
    • For Host name: enter the host name of your computer, or IP address (again, see note below)
    • Set the Port number: to 222
    • Enter the User name: and Password: that you created when you ran the script
    • Leave Private key File: blank
    • Leave File Protocol to SFTP
    • Leave Allow SCP fall back ticked
    • Select Save, and give the configuration an well thought-out, original name (I use MyPre)
    • (Optional), you can save the password if you wish, in spite of the warning
    • Close WinSCP


    Additional settings:
    • Reopen WinSCP
    • Highlight the session you just created, and select Edit on the right
    • On the selections on the left, under Environment, highlight Directories
    • For Remote directory: enter /
    • For Local Directory:, browse (...) and select the initial directory you would like opened
    • Check all of the Directory reading options so they are ticked
    • Highlight the SFTP setting on the right under Environment
    • On the right, under Protocol options, set SFTP server with the following settings
      sudo /opt/libexec/sftp-server
      (this will "auto enter" the sudo command, so you are running with as a privileged user)
    • Leave all other settings as is and select Save, using the same configuration name you used before
    • Report back and tell us how it's working for you.

    A note on DynamicDNS/Hosts information
    Your Pre gets a new IP address each time you restart it (possibly even more often). That means you will constantly be reintering the IP address in the appropriate field. There are two ways to overcome this (though the second means you still have to change things). I would strongly recommend you do one of the two.
    1. Set up DynamicDNS so you can use a host name, such as somename.gotdns.com. You can find information on how to do this here
      Tutorials Linux DDNS Update Client ez-ipupdate - WebOS Internals
      (this is not an extremely easy option, but it works well)
    2. Modify your system's host file before running WinSCP. Your host file (on Windows) can be found in
      c:\Windows\system32\drivers\etc\hosts
      Open that file with a text editor (notepad will do), and add an entry such as

      <IP Address> <YourHost>
      192.168.1.55 MyPre

      (don't put both lines, and don't use the actual entry above)
      Save the file, then run WinSCP

    This file would need to be updated each time you run WinSCP, but it will save you the hassle of having to answer "yes" each time WinSCP enters a new key file I'll try to explain this simply.

    WinSCP will automatically prompt you each time it sees a new key file/name association. The key file is associated to the "name", and if you use IP address only, that's the name. So it will constantly change and be added as a new key file. If you use the hosts file (or DynamicDNS), the name will stay the same to WinSCP, so you won't constantly be prompted about the key file.

    That's it. Sounds a lot more complex than it is, but that should work for you.
  15. #15  
    hparsons,

    Thanks for your instructions, but I still can't seem to connect via WinSCP. I found the IP address of my Pixi using whatismyipaddress.com and configured WinSCP according to your instructions, but I get a "network error: connection timeout". I tried pinging the IP address from my Windows PC in a DOS window and I get a "Request timeout" with 100% packet loss. So, it seems that with my Pixi and EVDO I can't see it from my PC via the a Internet ping.

    Either I've screwed up a step along the way or maybe you can't connect to a Palm Pixi with just EVDO? Has anyone made a connection without using WiFi?

    Thanks.
    cohoman

    Palm Apps:

    jVault and jChecklist
  16. #16  
    I have connected to my Pre using EVDO. Have you setup your dyndns name?
  17. #17  
    Quote Originally Posted by mamouton View Post
    I have connected to my Pre using EVDO. Have you setup your dyndns name?
    No, I'm first trying to use WinSCP to make a connection to my Pixi by using the currently assigned IP address. Once I know that is working, I was going to tackle the DNS stuff.
    cohoman

    Palm Apps:

    jVault and jChecklist
  18. #18  
    Quote Originally Posted by cohoman View Post
    hparsons,

    Thanks for your instructions, but I still can't seem to connect via WinSCP. I found the IP address of my Pixi using whatismyipaddress.com and configured WinSCP according to your instructions, but I get a "network error: connection timeout". I tried pinging the IP address from my Windows PC in a DOS window and I get a "Request timeout" with 100% packet loss. So, it seems that with my Pixi and EVDO I can't see it from my PC via the a Internet ping.

    Either I've screwed up a step along the way or maybe you can't connect to a Palm Pixi with just EVDO? Has anyone made a connection without using WiFi?

    Thanks.
    Pings are blocked. If you have PuTTY, see if you can connect using that. be sure to use port 222
  19. #19  
    Quote Originally Posted by hparsons View Post
    Pings are blocked. If you have PuTTY, see if you can connect using that. be sure to use port 222
    Yes, I tried using putty with the default settings,SSH, port 222, and the IP address assigned to my Pixi. Still "Network error: connection timed out" error.

    I'm not sure if I missed anything.
    cohoman

    Palm Apps:

    jVault and jChecklist
  20. jrtesq's Avatar
    Posts
    105 Posts
    Global Posts
    116 Global Posts
    #20  
    hparsons,

    I set up ssh using the old scripts you provided above. Worked like a charm. Thanks for that.

    I had been trying the preware install and had major difficulties -- never got it to work.

    Why do we not point WinSCP to the private key? I tried it both ways, and, of course, the login works flawlessly when no private key is used.

    When I use the private key, I can still login, but I first get a "server refused our key," immediately followed by the request for password. Then it logs in just fine.

    Just curious about this. Is it somehow less secure for lack of a private key?

    They say ignorance is bliss. Sometime ignorance leads to paranoia.

    Thanks.
    It may seem like I am doing nothing, but on a cellular level I'm really quite busy.
Page 1 of 2 12 LastLast

Posting Permissions