USB Networking/zh tw

From Openmoko

(Difference between revisions)
Jump to: navigation, search
(Desktop side)
(SSH Extras)
 
(20 intermediate revisions by 2 users not shown)
Line 94: Line 94:
 
</pre>
 
</pre>
  
If you are doing the echo 1 > /proc/... command manually, sudo may not be enough, then you will have to execute it from a sudo bash.
+
若你執行用手動的方式執行 echo 1 > /proc/... 指令,sudo 可能尚嫌不足,接著,你則可以自auso bash執行。
  
Ubuntu Feisty, Gutsy and Hardy appear to have a bug where ifdown is not run when the interface is unplugged, meaning this only works once after the system is booted.
+
Ubuntu Feisty、Gutsy 及 Hardy 在未掛載時,ifdown 是有臭蟲的,也就是說,它只有在系統載入時可以執行。
  
This was reported to ubuntu a long time ago, so don't file a duplicate bug. Write a comment instead at https://bugs.launchpad.net/ubuntu/+source/ifupdown/+bug/130437  
+
這個臭蟲很久之前已回報給ubuntu。因此,不要將這個臭蟲夾檔,請在下列位置寫入備忘:https://bugs.launchpad.net/ubuntu/+source/ifupdown/+bug/130437  
  
 
One can patch /etc/udev/rules.d/85-ifupdown.rules, editing the two lines at the end of the file:
 
One can patch /etc/udev/rules.d/85-ifupdown.rules, editing the two lines at the end of the file:
Line 116: Line 116:
 
</pre>
 
</pre>
  
the bug is that the LABEL="net_end" is at the wrong position
+
臭蟲內容為LABEL="net_end" ,它被放在錯的地方。
  
 
=== SuSE ===
 
=== SuSE ===
Line 124: Line 124:
 
  NETMASK=255.255.255.0
 
  NETMASK=255.255.255.0
 
  STARTMODE=onboot
 
  STARTMODE=onboot
=== Fedora (Tested with FC8) ===
+
=== Fedora (由FC8測試) ===
 
/etc/sysconfig/network-scripts/ifcfg-usb0
 
/etc/sysconfig/network-scripts/ifcfg-usb0
 
<pre>
 
<pre>
Line 136: Line 136:
 
</pre>
 
</pre>
  
=== Red Hat or similar (tested with Workstation 5) ===
+
=== Red Hat 或類似套件(Workstation 5下測試) ===
Edit /etc/sysconfig/network-scripts/net.hotplug:
+
編輯Edit /etc/sysconfig/network-scripts/net.hotplug:
  
After this command
+
在這個指令之後
 
<pre>
 
<pre>
 
     case $INTERFACE in
 
     case $INTERFACE in
 
# interfaces that are registered after being "up" (?)
 
# interfaces that are registered after being "up" (?)
 
</pre>
 
</pre>
add
+
加入
 
<pre>
 
<pre>
 
usb0)
 
usb0)
Line 158: Line 158:
  
 
=== Gentoo ===
 
=== Gentoo ===
* Open /etc/conf.d/net and add:
+
* 開啟 /etc/conf.d/net 並且加入add:
 
  # Neo1973
 
  # Neo1973
 
  config_usb0=( "192.168.0.200 netmask 255.255.255.0" )
 
  config_usb0=( "192.168.0.200 netmask 255.255.255.0" )
 
  routes_usb0=( "192.168.0.202/32 via 192.168.0.200" )
 
  routes_usb0=( "192.168.0.202/32 via 192.168.0.200" )
* Create a new init script:
+
* 建立一個新的init script:
 
  cd /etc/init.d
 
  cd /etc/init.d
 
  ln -s net.lo net.usb0
 
  ln -s net.lo net.usb0
* Put iptables into use:
+
* 將iptables放入使用:
 
  iptables -I INPUT 1 -s 192.168.0.202 -j ACCEPT
 
  iptables -I INPUT 1 -s 192.168.0.202 -j ACCEPT
 
  iptables -I OUTPUT 1 -s 192.168.0.200 -j ACCEPT
 
  iptables -I OUTPUT 1 -s 192.168.0.200 -j ACCEPT
 
  iptables -A POSTROUTING -t nat -j MASQUERADE -s 192.168.0.0/24
 
  iptables -A POSTROUTING -t nat -j MASQUERADE -s 192.168.0.0/24
* Store them
+
* 將它們存放在
 
  /etc/init.d/iptables save
 
  /etc/init.d/iptables save
* If you want the routing by default:
+
* I如果你希望在預設的情況下繞送:
 
  rc-update add iptables default
 
  rc-update add iptables default
* You must also inform the kernel, to start forwarding. One way to automate this is to create /etc/conf.d/net.usb0 as follows
+
* 你必須也通知 kernel,開始傳送。建立以下的內容,則可以自動傳送:
 +
  create /etc/conf.d/net.usb0 as follows
 
   
 
   
 
  preup() {
 
  preup() {
Line 185: Line 186:
 
  }
 
  }
  
This way, packet forwarding will be turned on when Neo is plugged in, and off when it's not.
+
用這個方法,封包傳遞將會在NEO連接上的時候開始傳送,若關閉,則無法傳送。
  
 
=== MacOS X ===
 
=== MacOS X ===
See the [[MacOS_X#USB_Networking|USB Networking section in the MacOS X article]].
+
請參考MacOS X[[MacOS_X#USB_Networking|USB Networking 一節]].
  
= Mobile development  =
+
= Mobile開發=
  
== Proxying DNS requests ==
+
== 代管DNS請求==
  
If, like me, you move about quite a lot, connecting to various networks as you go and getting your ip via dhcp, you'll probably be annoyed at having to constantly update your resolv.conf on the Neo 1973.
+
若你是像我一樣,常常搬家,必須透過DHCP連接到不同的網路,你可能會因為經常性的更新Neo 1973的resolv.conft而感到煩惱。
 
+
To get round this, as part of my setup script, I run a proxy dns on the ip address the neo comes in on at the usb0 port. This means that my Neo /etc/resolv.conf only contains:
+
  
 +
要處理這個問題,如我的安裝script,我在NEO USB0埠號的IP位址執行。這表示 Neo /etc/resolv.conf 只包含了:
 
  nameserver 192.168.0.200  
 
  nameserver 192.168.0.200  
  
and my laptop will proxy all dns requests based on it's own /etc/resolv.conf
+
我的電腦將只會依的 /etc/resolv.conf 代管DNS
 
+
'''note that we only run the dns proxy on the usb0 interface so that we don't break any other networking'''
+
  
=== Proxying with dnrd ===
+
'''請注意我們只會在usb0界面上執行dns proxy ,因此我們並不會破壞其它的網路連線'''
  
The script is designed to use [http://dnrd.sourceforge.net/ dnrd] as the dns proxy. The [http://buildhost.automated.it/gta01 script] and a copy of [http://buildhost.automated.it/dnrd-2.20.3.tar.gz dnrd] are available from my site. The script also performs the initial setup of the connection as per the [[USB_Networking#Manual_method]] above.
+
=== 使用 dnrd 代管===
  
=== Proxying with a UDP forwarder ===
+
這個 script 被設定為使用 [http://dnrd.sourceforge.net/ dnrd] 做為 dns proxy。[http://buildhost.automated.it/gta01 script] 及 [http://buildhost.automated.it/dnrd-2.20.3.tar.gz dnrd]的複本可以自我的網站取得。這個 script也可以執行上列的[[USB_Networking#Manual_method]]初始安裝。
Another easy setup is using a udp forwarder like the one from http://www.tapor.com/udpf/ - is use it with the command
+
=== 以UDP forwarder代管 ===
 +
另一個簡單的安裝是使用來自http://www.tapor.com/udpf/ 的udp forwarder,它可以用下列指令操作:
  
 
  udpf-elf\
 
  udpf-elf\
Line 221: Line 220:
 
  iptables -t nat -A PREROUTING -p udp -s 192.168.0.202 -d 192.168.0.200 --dport domain -j DNAT --to-destination 192.168.0.1
 
  iptables -t nat -A PREROUTING -p udp -s 192.168.0.202 -d 192.168.0.200 --dport domain -j DNAT --to-destination 192.168.0.1
  
where <tt>192.168.0.1</tt> is the IP of your residential gateway (router). This is the easiest method, but its not recommended if you have a direct connection to the Internet as ISP DNS servers can change, and this does no load-balancing.
+
在這裡<tt>192.168.0.1</tt> 是你的gateway的IP。它是最簡單的方法,但是不建議這樣做。但假設你有像ISP DNS服務一樣直接連到網路,則建議這樣做,但它無法做到流量調節。
  
= Connecting to phone =
+
= 連接到電話 =
  
Then <tt>ssh root@192.168.0.202</tt> with empty password to get into phone.
+
接著以空白密碼連接到 <tt>ssh root@192.168.0.202</tt> 電話。
 +
 
 +
注意: 在Openmoko上的ssh daemon (dropbear 0.49) 的程式在傳現及離開客端狀態有 bug。你會收到的離開狀態為255。
  
NOTE: the ssh daemon (dropbear 0.49) on the OpenMoko appears to have a bug when sending the exit status back to the client. From time to time you receive an exit status of 255.
 
  
 
===SSH Extras===
 
===SSH Extras===
  
If you get fed up with typing root@192.168.0.202, on your PC edit /etc/hosts and add an entry for 'phone'
+
I如果你在PC上鍵入root@192.168.0.202,編輯 /etc/hosts 並加入一個輸入'phone'
  
 
  192.168.0.202 phone
 
  192.168.0.202 phone
  
then edit ~/.ssh/config (or create it) and add
+
接著編輯 edit ~/.ssh/config (或建立它) 並加入
  
 
  host phone
 
  host phone
 
  user root
 
  user root
  
then all you need to do is type
+
你必須做的工作是
  
 
  # ssh phone
 
  # ssh phone
  
To avoid ssh added a new line for every ssh host-key to you known_hosts you can add the following to the phone section in ~/.ssh/config
+
要避免 ssh 為每個已知的hostsssh host-key加入新的一行,你可以加下下列的內容到~/.ssh/config
  
   UserKnownHostsFile /dev/null
+
   StrictHostKeyChecking no
  
You might want to use keys to bypass the login prompt too.
+
你可能想要使用 key 跳過這個過程。
  
 
===SSH Keys===
 
===SSH Keys===
====From host to phone====
+
====從主機到手機====
  
To generate ssh keys for use as a login mechanism type
+
要產生可以用的 ssh key 做為登入之用,請輸入:
  
 
  ssh-keygen -t rsa
 
  ssh-keygen -t rsa
  
when prompted for a password either hit enter for no password (''not really a good idea'') or enter a password for this key. ssh into the phone and create ~/.ssh
+
在出現鍵入密碼時,請鍵入ENTER(''雖然它不是個好主意'')或者是以這個KEY做為密碼輸入。ssh到手機,並且建立~/.ssh
  
 
  # mkdir ~/.ssh
 
  # mkdir ~/.ssh
  
then from your PC copy the '''.pub''' file to the phone.
+
接著,從你的電腦上複製 '''.pub'''檔案到手機上
  
 
  # scp ~/.ssh/id_rsa.pub phone:.ssh/authorized_keys
 
  # scp ~/.ssh/id_rsa.pub phone:.ssh/authorized_keys
  
You should now be able to ssh directly into the phone.
+
你現在應該可以直接 ssh 到手機上
  
To disable password logins ('''after setting up key access''') edit /etc/init.d/dropbear and change the following line:
+
要停用登入密碼 ('''在設定完KEY存取之後''') 編輯 /etc/init.d/dropbear 並且變更下列的內容
  
 
  DROPBEAR_EXTRA_ARGS=
 
  DROPBEAR_EXTRA_ARGS=
  
to
+
  
 
  DROPBEAR_EXTRA_ARGS="-s"
 
  DROPBEAR_EXTRA_ARGS="-s"
  
You will need to restart dropbear for this to take effect.
+
你必須重新啟動,以讓設定生效。
  
====From phone to host====
+
====從手機到主機====
Generate the key
+
產生key
  
 
   dropbearkey -t rsa -f id_rsa
 
   dropbearkey -t rsa -f id_rsa
  
The output will look something like this:
+
輸出內容將如下:
  
 
   Will output 1024 bit rsa secret key to 'id_rsa'
 
   Will output 1024 bit rsa secret key to 'id_rsa'
Line 290: Line 290:
 
   Fingerprint: md5 ca:e8:f0:b7:f6:7b:c2:b6:b9:71:e4:45:86:a9:ff:b8
 
   Fingerprint: md5 ca:e8:f0:b7:f6:7b:c2:b6:b9:71:e4:45:86:a9:ff:b8
  
Copy and paste the one line (in this example, starting with 'ssh-rsa' onto the end of the host's authorized_keys file (often in ~/.ssh/).
+
複製並貼上以下的內容 (在這個範例當中,以'ssh-rsa' 開始,到主機的 authorized_keys 檔案為止 (通常是在 ~/.ssh/).
  
From the phone, ssh with -i:
+
從手機,ssh  -i:
  
 
   ssh -i id_rsa user@host
 
   ssh -i id_rsa user@host
  
This works for me. I ripped off these instructions from: [[http://forum.openwrt.org/viewtopic.php?pid=53705]]
+
對我來講,它是行的通的。 I ripped off these instructions from: [[http://forum.openwrt.org/viewtopic.php?pid=53705]]
  
[[Category:Hardware]]
+
===透過桌面的GUI SSH===
[[Category:USB| ]]
+
  
===GUI on desktop through SSH===
+
如果你必須方過USB取得手機上的GUI,你可以用下面的方式使用SSH:
 
+
If you need to get the GUI on the phone onto the desktop via usb, you can use ssh as follows
+
  
 
   ssh -l root -X -v 192.168.0.202
 
   ssh -l root -X -v 192.168.0.202
  
Login, and run openmoko-finger-demo for example, and it will open up on the desktop. To get landscape view, just resize the GUI window on the desktop.
+
如登入,並且執行openmoko-finger-demo ,它會在桌面開啟。要取得橫式的檢視,請變更桌面的GUI視窗。
 
+
===Remote apps on neo===
+
  
To get desktop apps to show up on your neo, first log in to the phone
+
===NEO上的遠端程式===
  
 +
要讓桌面上的程式能在你的NEO上顯示,請登入手機:
 
   ssh -l root 192.168.0.202
 
   ssh -l root 192.168.0.202
  
Then once inside, run:
+
執行:
  
 
   DISPLAY=:0 xhost +192.168.0.200
 
   DISPLAY=:0 xhost +192.168.0.200
  
After this you can close the ssh session. Back on the desktop computer, run:
+
之後,你可以關閉ssh session。回到桌上型電腦,執行:
  
 
   DISPLAY=moko:0 xclock
 
   DISPLAY=moko:0 xclock
  
Note that the xhost command will allow remote applications on 192.168.0.200 to access the X server. It will allow anyone on the desktop machine to access the X server of the neo, including snooping anything you type on it. To disallow remote applications again, run this in the neo:
+
請注意xhost 指令只會允許遠端應用程式在 192.168.0.200 存取X server。它允許任何人用桌上型機器存取neo X server。要停用遠端應用程式,在NEO上執行:
  
 
   DISPLAY=:0 xhost -192.168.0.200
 
   DISPLAY=:0 xhost -192.168.0.200
Line 330: Line 326:
 
{{Languages|USB Networking}}
 
{{Languages|USB Networking}}
  
[[Category:Hardware]]
+
[[Category:Hardware/zh tw]]
[[Category:Implemented]]
+
[[Category:Implemented/zh tw]]
 +
[[Category:USB/zh tw|USB/zh tw]]

Latest revision as of 14:52, 22 November 2011

Contents

[edit] Neo1973 side

[edit] 命名方式

預設的狀況下Neo1973擁有usb0界面,被編譯到kernel中,做為乙太網路裝置。 在Neo上,如果你想要在網路上使用完整的主機名稱,你必須定義你的DNS server。建立 /etc/resolv.conf檔案,檔案中要包含以下的內容:

nameserver xxx.xxx.xxx.xxx

e.g. nameserver 192.168.1.1

因此,你也可以輕鬆的使用 "ipkg update && ipkg upgrade" 更新 Neo.

更好的方法是編輯: /etc/network/interfaces 並且寫入以下的內容:

up echo nameserver 192.168.0.200 >/etc/resolv.conf
要指定你喜好的DNS server而不是192.168.0.200。

example: up echo nameserver 4.2.2.2 >/etc/resolv.conf


另一個方法是symlink (NOW OBSOLETE?)

ln -s /var/run/resolv.conf /etc/resolv.conf

並且在啟動 /etc/network/if-up.d/08setupdns script中寫入:

#!/bin/sh -e
echo  nameserver 192.168.0.200 > /var/run/resolv.conf

使用這個方法可以在撥號到GPRS時,正確的從ppp 軟體中處理。

[edit] Routing

你必須自額外的流量繞送到網際網路上。 若你的電腦是預設的目的地位置,這個流量可以透過你的電腦被繞送出去 (see below)。你可以使用下列方法達到這個目地:

gateway 192.168.0.200

在usb0區段中到 /etc/network/interfaces。

[edit] Desktop side

[edit] 手動

在連接上了裝置之後,modprobe usbnet 模組及設定 usb0 介面 (以root身份):

ifconfig usb0 192.168.0.200 netmask 255.255.255.0

如果你的 eth0 介面位於同一個 '範圍' (e.g. 192.168.0.105) 則你可以進行下面的工作:

1. 以下列指令ping Neo裝置

# ping -I usb0 192.168.0.202

2. 為Neo加入route:

# /sbin/route add -host 192.168.0.202/32 dev usb0

3 登入 Neo

# ssh root@192.168.0.202

若你沒有必要的模組可以讓usb0 運作,請確定你啟用了以下的kernel選項:

  • CONFIG_USB_USBNET
  • CONFIG_USB_NET_CDCETHER

二個選項都可以啟動 Device Drivers -> USB support -> USB Network Adapters. For more info see the usbnet driver homepage.

[edit] 自動化方法

Hotplugging usbnet 取得,由 Marcin 'Hrw' Juszkiewicz張貼。


[edit] Debian 或相似的系統

Edit /etc/network/interfaces:

allow-hotplug usb0
iface usb0 inet static
        address 192.168.0.200
        netmask 255.255.255.0
        network 192.168.0.0
        post-up iptables -A POSTROUTING -t nat -j MASQUERADE -s 192.168.0.0/24
        post-up echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up iptables -P FORWARD ACCEPT

[edit] Ubuntu (由Feisty、Gutsy 與Hardy測試)

Edit /etc/network/interfaces:

auto usb0
iface usb0 inet static
        address 192.168.0.200
        netmask 255.255.255.0
        network 192.168.0.0
        up iptables -A POSTROUTING -t nat -j MASQUERADE -s 192.168.0.0/24 &
        up echo 1 > /proc/sys/net/ipv4/ip_forward &
        up iptables -P FORWARD ACCEPT &
        down iptables -D POSTROUTING -t nat -j MASQUERADE -s 192.168.0.0/24 &

若你執行用手動的方式執行 echo 1 > /proc/... 指令,sudo 可能尚嫌不足,接著,你則可以自auso bash執行。

Ubuntu Feisty、Gutsy 及 Hardy 在未掛載時,ifdown 是有臭蟲的,也就是說,它只有在系統載入時可以執行。

這個臭蟲很久之前已回報給ubuntu。因此,不要將這個臭蟲夾檔,請在下列位置寫入備忘:https://bugs.launchpad.net/ubuntu/+source/ifupdown/+bug/130437

One can patch /etc/udev/rules.d/85-ifupdown.rules, editing the two lines at the end of the file:

SUBSYSTEM=="net", DRIVERS=="?*", GOTO="net_start"
GOTO="net_end"

LABEL="net_start"

# Bring devices up and down only if they're marked auto.
# Use start-stop-daemon so we don't wait on dhcp
ACTION=="add",          RUN+="/sbin/start-stop-daemon --start --background --pidfile /var/run/network/bogus --startas /sbin/ifup -- --allow auto $env{INTERFACE}"

LABEL="net_end"

ACTION=="remove",       RUN+="/sbin/start-stop-daemon --start --background --pidfile /var/run/network/bogus --startas /sbin/ifdown -- --allow auto $env{INTERFACE}"

臭蟲內容為LABEL="net_end" ,它被放在錯的地方。

[edit] SuSE

/etc/sysconfig/network/ifcfg-usb0

# USB configuration for PDAs (openmoko)
IPADDR=192.168.0.200
NETMASK=255.255.255.0
STARTMODE=onboot

[edit] Fedora (由FC8測試)

/etc/sysconfig/network-scripts/ifcfg-usb0

# USB configuration for PDAs (openmoko)
# from http://www.handhelds.org/moin/moin.cgi/UsbNet
DEVICE=usb0
BOOTPROTO=none
IPADDR=192.168.0.200
NETMASK=255.255.255.0
ONBOOT=yes

[edit] Red Hat 或類似套件(在 Workstation 5下測試)

編輯Edit /etc/sysconfig/network-scripts/net.hotplug:

在這個指令之後

    case $INTERFACE in
	# interfaces that are registered after being "up" (?)

加入

	usb0)
		ifconfig usb0 192.168.0.200 netmask 255.255.255.0
		route add 192.168.0.202 usb0
		iptables -I INPUT 1 -s 192.168.0.202 -j ACCEPT
		iptables -I OUTPUT 1 -s 192.168.0.200 -j ACCEPT
                iptables -A POSTROUTING -t nat -j MASQUERADE -s 192.168.0.0/24
                echo 1 > /proc/sys/net/ipv4/ip_forward
		exit 0
	;;

[edit] Gentoo

  • 開啟 /etc/conf.d/net 並且加入add:
# Neo1973
config_usb0=( "192.168.0.200 netmask 255.255.255.0" )
routes_usb0=( "192.168.0.202/32 via 192.168.0.200" )
  • 建立一個新的init script:
cd /etc/init.d
ln -s net.lo net.usb0
  • 將iptables放入使用:
iptables -I INPUT 1 -s 192.168.0.202 -j ACCEPT
iptables -I OUTPUT 1 -s 192.168.0.200 -j ACCEPT
iptables -A POSTROUTING -t nat -j MASQUERADE -s 192.168.0.0/24
  • 將它們存放在
/etc/init.d/iptables save
  • I如果你希望在預設的情況下繞送:
rc-update add iptables default
  • 你必須也通知 kernel,開始傳送。建立以下的內容,則可以自動傳送:
create /etc/conf.d/net.usb0 as follows

preup() {
       echo 1 > /proc/sys/net/ipv4/ip_forward
       return 0
}

postdown() {
       echo 0 > /proc/sys/net/ipv4/ip_forward
       return 0
}

用這個方法,封包傳遞將會在NEO連接上的時候開始傳送,若關閉,則無法傳送。

[edit] MacOS X

請參考MacOS XUSB Networking 一節.

[edit] Mobile開發

[edit] 代管DNS請求

若你是像我一樣,常常搬家,必須透過DHCP連接到不同的網路,你可能會因為經常性的更新Neo 1973的resolv.conft而感到煩惱。

要處理這個問題,如我的安裝script,我在NEO USB0埠號的IP位址執行。這表示 Neo /etc/resolv.conf 只包含了:

nameserver 192.168.0.200 

我的電腦將只會依的 /etc/resolv.conf 代管DNS

請注意我們只會在usb0界面上執行dns proxy ,因此我們並不會破壞其它的網路連線

[edit] 使用 dnrd 代管

這個 script 被設定為使用 dnrd 做為 dns proxy。scriptdnrd的複本可以自我的網站取得。這個 script也可以執行上列的USB_Networking#Manual_method初始安裝。

[edit] 以UDP forwarder代管

另一個簡單的安裝是使用來自http://www.tapor.com/udpf/ 的udp forwarder,它可以用下列指令操作:

udpf-elf\
       -p=53\
       -f=`cat /etc/resolv.conf|awk '$1 == "nameserver"{print $2; exit(0);}'`:53

[edit] Proxying with iptables

Its is possible to forward DNS requests with iptables using the DNAT target

iptables -t nat -A PREROUTING -p tcp -s 192.168.0.202 -d 192.168.0.200 --dport domain -j DNAT --to-destination 192.168.0.1
iptables -t nat -A PREROUTING -p udp -s 192.168.0.202 -d 192.168.0.200 --dport domain -j DNAT --to-destination 192.168.0.1

在這裡192.168.0.1 是你的gateway的IP。它是最簡單的方法,但是不建議這樣做。但假設你有像ISP DNS服務一樣直接連到網路,則建議這樣做,但它無法做到流量調節。

[edit] 連接到電話

接著以空白密碼連接到 ssh root@192.168.0.202 電話。

注意: 在Openmoko上的ssh daemon (dropbear 0.49) 的程式在傳現及離開客端狀態有 bug。你會收到的離開狀態為255。


[edit] SSH Extras

I如果你在PC上鍵入root@192.168.0.202,編輯 /etc/hosts 並加入一個輸入'phone'

192.168.0.202 phone

接著編輯 edit ~/.ssh/config (或建立它) 並加入

host phone
user root

你必須做的工作是

# ssh phone

要避免 ssh 為每個已知的hostsssh host-key加入新的一行,你可以加下下列的內容到~/.ssh/config

 StrictHostKeyChecking no

你可能想要使用 key 跳過這個過程。

[edit] SSH Keys

[edit] 從主機到手機

要產生可以用的 ssh key 做為登入之用,請輸入:

ssh-keygen -t rsa

在出現鍵入密碼時,請鍵入ENTER(雖然它不是個好主意)或者是以這個KEY做為密碼輸入。ssh到手機,並且建立~/.ssh

# mkdir ~/.ssh

接著,從你的電腦上複製 .pub檔案到手機上

# scp ~/.ssh/id_rsa.pub phone:.ssh/authorized_keys

你現在應該可以直接 ssh 到手機上

要停用登入密碼 (在設定完KEY存取之後) 編輯 /etc/init.d/dropbear 並且變更下列的內容

DROPBEAR_EXTRA_ARGS=

DROPBEAR_EXTRA_ARGS="-s"

你必須重新啟動,以讓設定生效。

[edit] 從手機到主機

產生key

 dropbearkey -t rsa -f id_rsa

輸出內容將如下:

 Will output 1024 bit rsa secret key to 'id_rsa'
 Generating key, this may take a while...
 Public key portion is:
 ssh-rsa AAAAB3Nza[...]
 Fingerprint: md5 ca:e8:f0:b7:f6:7b:c2:b6:b9:71:e4:45:86:a9:ff:b8

複製並貼上以下的內容 (在這個範例當中,以'ssh-rsa' 開始,到主機的 authorized_keys 檔案為止 (通常是在 ~/.ssh/).

從手機,ssh -i:

 ssh -i id_rsa user@host

對我來講,它是行的通的。 I ripped off these instructions from: [[1]]

[edit] 透過桌面的GUI SSH

如果你必須方過USB取得手機上的GUI,你可以用下面的方式使用SSH:

 ssh -l root -X -v 192.168.0.202

如登入,並且執行openmoko-finger-demo ,它會在桌面開啟。要取得橫式的檢視,請變更桌面的GUI視窗。

[edit] NEO上的遠端程式

要讓桌面上的程式能在你的NEO上顯示,請登入手機:

 ssh -l root 192.168.0.202

執行:

 DISPLAY=:0 xhost +192.168.0.200

之後,你可以關閉ssh session。回到桌上型電腦,執行:

 DISPLAY=moko:0 xclock

請注意xhost 指令只會允許遠端應用程式在 192.168.0.200 存取X server。它允許任何人用桌上型機器存取neo X server。要停用遠端應用程式,在NEO上執行:

 DISPLAY=:0 xhost -192.168.0.200

Personal tools

Neo1973 side

命名方式

預設的狀況下Neo1973擁有usb0界面,被編譯到kernel中,做為乙太網路裝置。 在Neo上,如果你想要在網路上使用完整的主機名稱,你必須定義你的DNS server。建立 /etc/resolv.conf檔案,檔案中要包含以下的內容:

nameserver xxx.xxx.xxx.xxx

e.g. nameserver 192.168.1.1

因此,你也可以輕鬆的使用 "ipkg update && ipkg upgrade" 更新 Neo.

更好的方法是編輯: /etc/network/interfaces 並且寫入以下的內容:

up echo nameserver 192.168.0.200 >/etc/resolv.conf
要指定你喜好的DNS server而不是192.168.0.200。

example: up echo nameserver 4.2.2.2 >/etc/resolv.conf


另一個方法是symlink (NOW OBSOLETE?)

ln -s /var/run/resolv.conf /etc/resolv.conf

並且在啟動 /etc/network/if-up.d/08setupdns script中寫入:

#!/bin/sh -e
echo  nameserver 192.168.0.200 > /var/run/resolv.conf

使用這個方法可以在撥號到GPRS時,正確的從ppp 軟體中處理。

Routing

你必須自額外的流量繞送到網際網路上。 若你的電腦是預設的目的地位置,這個流量可以透過你的電腦被繞送出去 (see below)。你可以使用下列方法達到這個目地:

gateway 192.168.0.200

在usb0區段中到 /etc/network/interfaces。

Desktop side

手動

在連接上了裝置之後,modprobe usbnet 模組及設定 usb0 介面 (以root身份):

ifconfig usb0 192.168.0.200 netmask 255.255.255.0

如果你的 eth0 介面位於同一個 '範圍' (e.g. 192.168.0.105) 則你可以進行下面的工作:

1. 以下列指令ping Neo裝置

# ping -I usb0 192.168.0.202

2. 為Neo加入route:

# /sbin/route add -host 192.168.0.202/32 dev usb0

3 登入 Neo

# ssh root@192.168.0.202

若你沒有必要的模組可以讓usb0 運作,請確定你啟用了以下的kernel選項:

  • CONFIG_USB_USBNET
  • CONFIG_USB_NET_CDCETHER

二個選項都可以啟動 Device Drivers -> USB support -> USB Network Adapters. For more info see the usbnet driver homepage.

自動化方法

Hotplugging usbnet 取得,由 Marcin 'Hrw' Juszkiewicz張貼。


Debian 或相似的系統

Edit /etc/network/interfaces:

allow-hotplug usb0
iface usb0 inet static
        address 192.168.0.200
        netmask 255.255.255.0
        network 192.168.0.0
        post-up iptables -A POSTROUTING -t nat -j MASQUERADE -s 192.168.0.0/24
        post-up echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up iptables -P FORWARD ACCEPT

Ubuntu (由Feisty、Gutsy 與Hardy測試)

Edit /etc/network/interfaces:

auto usb0
iface usb0 inet static
        address 192.168.0.200
        netmask 255.255.255.0
        network 192.168.0.0
        up iptables -A POSTROUTING -t nat -j MASQUERADE -s 192.168.0.0/24 &
        up echo 1 > /proc/sys/net/ipv4/ip_forward &
        up iptables -P FORWARD ACCEPT &
        down iptables -D POSTROUTING -t nat -j MASQUERADE -s 192.168.0.0/24 &

If you are doing the echo 1 > /proc/... command manually, sudo may not be enough, then you will have to execute it from a sudo bash.

Ubuntu Feisty, Gutsy and Hardy appear to have a bug where ifdown is not run when the interface is unplugged, meaning this only works once after the system is booted.

This was reported to ubuntu a long time ago, so don't file a duplicate bug. Write a comment instead at https://bugs.launchpad.net/ubuntu/+source/ifupdown/+bug/130437

One can patch /etc/udev/rules.d/85-ifupdown.rules, editing the two lines at the end of the file:

SUBSYSTEM=="net", DRIVERS=="?*", GOTO="net_start"
GOTO="net_end"

LABEL="net_start"

# Bring devices up and down only if they're marked auto.
# Use start-stop-daemon so we don't wait on dhcp
ACTION=="add",          RUN+="/sbin/start-stop-daemon --start --background --pidfile /var/run/network/bogus --startas /sbin/ifup -- --allow auto $env{INTERFACE}"

LABEL="net_end"

ACTION=="remove",       RUN+="/sbin/start-stop-daemon --start --background --pidfile /var/run/network/bogus --startas /sbin/ifdown -- --allow auto $env{INTERFACE}"

the bug is that the LABEL="net_end" is at the wrong position

SuSE

/etc/sysconfig/network/ifcfg-usb0

# USB configuration for PDAs (openmoko)
IPADDR=192.168.0.200
NETMASK=255.255.255.0
STARTMODE=onboot

Fedora (Tested with FC8)

/etc/sysconfig/network-scripts/ifcfg-usb0

# USB configuration for PDAs (openmoko)
# from http://www.handhelds.org/moin/moin.cgi/UsbNet
DEVICE=usb0
BOOTPROTO=none
IPADDR=192.168.0.200
NETMASK=255.255.255.0
ONBOOT=yes

Red Hat or similar (tested with Workstation 5)

Edit /etc/sysconfig/network-scripts/net.hotplug:

After this command

    case $INTERFACE in
	# interfaces that are registered after being "up" (?)

add

	usb0)
		ifconfig usb0 192.168.0.200 netmask 255.255.255.0
		route add 192.168.0.202 usb0
		iptables -I INPUT 1 -s 192.168.0.202 -j ACCEPT
		iptables -I OUTPUT 1 -s 192.168.0.200 -j ACCEPT
                iptables -A POSTROUTING -t nat -j MASQUERADE -s 192.168.0.0/24
                echo 1 > /proc/sys/net/ipv4/ip_forward
		exit 0
	;;

Gentoo

  • Open /etc/conf.d/net and add:
# Neo1973
config_usb0=( "192.168.0.200 netmask 255.255.255.0" )
routes_usb0=( "192.168.0.202/32 via 192.168.0.200" )
  • Create a new init script:
cd /etc/init.d
ln -s net.lo net.usb0
  • Put iptables into use:
iptables -I INPUT 1 -s 192.168.0.202 -j ACCEPT
iptables -I OUTPUT 1 -s 192.168.0.200 -j ACCEPT
iptables -A POSTROUTING -t nat -j MASQUERADE -s 192.168.0.0/24
  • Store them
/etc/init.d/iptables save
  • If you want the routing by default:
rc-update add iptables default
  • You must also inform the kernel, to start forwarding. One way to automate this is to create /etc/conf.d/net.usb0 as follows
preup() {
       echo 1 > /proc/sys/net/ipv4/ip_forward
       return 0
}

postdown() {
       echo 0 > /proc/sys/net/ipv4/ip_forward
       return 0
}

This way, packet forwarding will be turned on when Neo is plugged in, and off when it's not.

MacOS X

See the USB Networking section in the MacOS X article.

Mobile development

Proxying DNS requests

If, like me, you move about quite a lot, connecting to various networks as you go and getting your ip via dhcp, you'll probably be annoyed at having to constantly update your resolv.conf on the Neo 1973.

To get round this, as part of my setup script, I run a proxy dns on the ip address the neo comes in on at the usb0 port. This means that my Neo /etc/resolv.conf only contains:

nameserver 192.168.0.200 

and my laptop will proxy all dns requests based on it's own /etc/resolv.conf

note that we only run the dns proxy on the usb0 interface so that we don't break any other networking

Proxying with dnrd

The script is designed to use dnrd as the dns proxy. The script and a copy of dnrd are available from my site. The script also performs the initial setup of the connection as per the USB_Networking#Manual_method above.

Proxying with a UDP forwarder

Another easy setup is using a udp forwarder like the one from http://www.tapor.com/udpf/ - is use it with the command

udpf-elf\
       -p=53\
       -f=`cat /etc/resolv.conf|awk '$1 == "nameserver"{print $2; exit(0);}'`:53

Proxying with iptables

Its is possible to forward DNS requests with iptables using the DNAT target

iptables -t nat -A PREROUTING -p tcp -s 192.168.0.202 -d 192.168.0.200 --dport domain -j DNAT --to-destination 192.168.0.1
iptables -t nat -A PREROUTING -p udp -s 192.168.0.202 -d 192.168.0.200 --dport domain -j DNAT --to-destination 192.168.0.1

where 192.168.0.1 is the IP of your residential gateway (router). This is the easiest method, but its not recommended if you have a direct connection to the Internet as ISP DNS servers can change, and this does no load-balancing.

Connecting to phone

Then ssh root@192.168.0.202 with empty password to get into phone.

NOTE: the ssh daemon (dropbear 0.49) on the OpenMoko appears to have a bug when sending the exit status back to the client. From time to time you receive an exit status of 255.

SSH Extras

If you get fed up with typing root@192.168.0.202, on your PC edit /etc/hosts and add an entry for 'phone'

192.168.0.202 phone

then edit ~/.ssh/config (or create it) and add

host phone
user root

then all you need to do is type

# ssh phone

To avoid ssh added a new line for every ssh host-key to you known_hosts you can add the following to the phone section in ~/.ssh/config

 UserKnownHostsFile /dev/null

You might want to use keys to bypass the login prompt too.

SSH Keys

From host to phone

To generate ssh keys for use as a login mechanism type

ssh-keygen -t rsa

when prompted for a password either hit enter for no password (not really a good idea) or enter a password for this key. ssh into the phone and create ~/.ssh

# mkdir ~/.ssh

then from your PC copy the .pub file to the phone.

# scp ~/.ssh/id_rsa.pub phone:.ssh/authorized_keys

You should now be able to ssh directly into the phone.

To disable password logins (after setting up key access) edit /etc/init.d/dropbear and change the following line:

DROPBEAR_EXTRA_ARGS=

to

DROPBEAR_EXTRA_ARGS="-s"

You will need to restart dropbear for this to take effect.

From phone to host

Generate the key

 dropbearkey -t rsa -f id_rsa

The output will look something like this:

 Will output 1024 bit rsa secret key to 'id_rsa'
 Generating key, this may take a while...
 Public key portion is:
 ssh-rsa AAAAB3Nza[...]
 Fingerprint: md5 ca:e8:f0:b7:f6:7b:c2:b6:b9:71:e4:45:86:a9:ff:b8

Copy and paste the one line (in this example, starting with 'ssh-rsa' onto the end of the host's authorized_keys file (often in ~/.ssh/).

From the phone, ssh with -i:

 ssh -i id_rsa user@host

This works for me. I ripped off these instructions from: [[1]]

GUI on desktop through SSH

If you need to get the GUI on the phone onto the desktop via usb, you can use ssh as follows

 ssh -l root -X -v 192.168.0.202

Login, and run openmoko-finger-demo for example, and it will open up on the desktop. To get landscape view, just resize the GUI window on the desktop.

Remote apps on neo

To get desktop apps to show up on your neo, first log in to the phone

 ssh -l root 192.168.0.202

Then once inside, run:

 DISPLAY=:0 xhost +192.168.0.200

After this you can close the ssh session. Back on the desktop computer, run:

 DISPLAY=moko:0 xclock

Note that the xhost command will allow remote applications on 192.168.0.200 to access the X server. It will allow anyone on the desktop machine to access the X server of the neo, including snooping anything you type on it. To disallow remote applications again, run this in the neo:

 DISPLAY=:0 xhost -192.168.0.200