August 2009 Archives

As you may have noticed, recently we sent a lot of mails concerning the looks of SHR.
Most of the users don't care about what's running under the hood, though the majority do care about how it looks/behaves.

Therefore we decided to ask the users about all of our graphical and UI design choices before we actually do them,
as this distro is made for YOU.

So what's on the topic:

1. A new SHR logo - we already started the logo contest (for more info: http://wiki.shr-project.org/trac/wiki/LogoContest)
2. A new SHR theme - we already sent a mail about that, though in short, we need a new theme for illume and a default background image, wiki page: http://wiki.shr-project.org/trac/wiki/Illume%20Theme
3. A new phone UI - will be explained in a moment.

As for 1 and 2, things are going ok, we need more user involvement as those will be default soon, but we are getting there and we already have some nice suggestions.

As for the new Phone UI:
This is the most important topic, as this is not only about "looks" it's also about "feel" or usability. We want YOU to help us determine the features and look & feel of the entire phone UI.
Of course we have our own suggestions (which will be presented in a moment), so even if you don't have a suggestion of your own, we'd like to
see what you have to say about our current sketches.

Link to the phoneui page: http://wiki.shr-project.org/trac/wiki/phoneui

These are our design suggestions, please tell us what you think should be done in order to improve them, or just suggest your own, please don't remove parts of the wiki,
and keep the order sane if you add your own suggestions.

Edit: Disabled commenting due to spam.

Hi,

There was a security flaw in dropbear (the default SSH server on SHR) configuration that made it listen to all network interfaces (wifi,gprs,usb) instead of making it listen only to usb. This is a problem because the default password is blank,and the SHR distribution runs as root by default.

Notes about the commands:
The command to type are the ones coming just after the root@om-gta02 ~ $
The line that doesn't contain root@om-gta02 ~ $ are the output of the command

Resolution:
The advised way to handle it is to upgrade dropbear,or the entire distribution,or to reinstall To update dropbear the following run the following commands
root@om-gta02 ~ $ opkg update
Downloading http://build.shr-project.org/shr-unstable/ipk//all/Packages.gz
Inflating http://build.shr-project.org/shr-unstable/ipk//all/Packages.gz
Updated list of available packages in /var/lib/opkg/shr-all
Downloading http://build.shr-project.org/shr-unstable/ipk//armv4/Packages.gz
Inflating http://build.shr-project.org/shr-unstable/ipk//armv4/Packages.gz
Updated list of available packages in /var/lib/opkg/shr-armv4
Downloading http://build.shr-project.org/shr-unstable/ipk//armv4t/Packages.gz
Inflating http://build.shr-project.org/shr-unstable/ipk//armv4t/Packages.gz
Updated list of available packages in /var/lib/opkg/shr-armv4t
Downloading http://build.shr-project.org/shr-unstable/ipk//om-gta02/Packages.gz
Inflating http://build.shr-project.org/shr-unstable/ipk//om-gta02/Packages.gz
Updated list of available packages in /var/lib/opkg/
shr-om-gta02 $ opkg upgrade dropbear
Upgrading dropbear on root from 0.51-r1.01 to 0.51-r1.02...
Downloading http://build.shr-project.org/shr-unstable/ipk//armv4t/dropbear_0.51-r1.02_armv4t.ipk Configuring dropbear
System startup links for /etc/init.d/dropbear already exist.
Restarting Dropbear SSH server:
Connection to 192.168.0.202 closed by remote host.
Connection to 192.168.0.202 closed.
Then reboot your phone

Workarounds:
*you can change the default password using the passwd command(just type passwd in the terminal and type your password(note that you won't see * apearing on the screen while typing the password)),that will prevent unauthorized access but dropbear will keep listening on all interfaces To change the password run the following command:
root@om-gta02 ~ $ passwd
Changing password for root
Enter the new password (minimum of 5, maximum of 8 characters)
Please use a combination of upper and lower case letters and numbers.
Enter new password:
Re-enter new password:
Password changed.
*you can make it listen only on the USB interface adding this the following content to the /etc/default/dropbear file:
DROPBEAR_PORT=`ip addr list usb0 | awk 'BEGIN { FS="[ /]+" } /inet / { print $3 }'`:22
Then reboot your phone
Verify that it worked: connect your openmoko to the wifi and verify that you can't ssh into it from the wifi,192.168.1.108 must be replaced by the ip address of your openmoko
$ ssh root@192.168.1.108
ssh: connect to host 192.168.1.108 port 22: Connection refused
In order to find the ip address of your openmoko run the following command on the openmoko: root@om-gta02 ~ $ ip addr list eth0 | awk 'BEGIN { FS="[ /]+" } /inet / { print $3 }'
192.168.1.108

History of the bug solving:
At first we thought that it was because there wasn't something like that in dropbear.inc: SRC_URI_append_openmoko = "file://default"
and that adding the following:
SRC_URI_append_shr = "file://default"
would solve it but it was in the recipe then we thought it was because the default file was in org.openembedded.dev/recipes/dropbear/dropbear/openmoko and not in org.openembedded.dev/recipes/dropbear/dropbear/shr
But it was a veriffication of the SRC_URI variable with bitbkae -i and peek showed that it was in the default file was included in the SRC_URI
Then we thought that someone could have forgotten to bump the PR,we bumped the PR and rebuilt the dropbear package,and then the ipk contained the default file,and upgrading dropbear made the bug disappear
 
Future:
SHR plan to switch to openssh,in order to avoid such problems and to have a better ssh client (dropbear client doesn't support all the features that openssh does such as the key encryption) and server