IRC log of #maemo for Tuesday, 2014-03-25

*** HylianSavior has quit IRC00:00
*** HylianSavior has joined #maemo00:00
*** _rd has joined #maemo00:01
*** sq-one has quit IRC00:08
*** lbt_ has joined #maemo00:11
*** lbt has quit IRC00:11
*** _rd has quit IRC00:13
*** fastlane`` has joined #maemo00:13
*** jon_y_ is now known as jon_y00:15
*** LauRoman|Mobile has joined #maemo00:17
*** fastlane``` has quit IRC00:18
*** qwqwqwerrr has joined #maemo00:20
*** cgk_ is now known as gov_00:21
*** fastlane`` has quit IRC00:23
*** emma has quit IRC00:24
*** LauRoman|Mobile has quit IRC00:24
*** gov_ is now known as cgk_00:24
*** cgk_ has quit IRC00:26
*** pcfe has quit IRC00:32
*** pcfe has joined #maemo00:33
*** pcfe has quit IRC00:33
*** pcfe has joined #maemo00:33
*** Kabouik has joined #maemo00:41
*** HylianSavior has quit IRC00:45
*** monoglets has joined #maemo01:02
*** child has quit IRC01:03
*** monoglets has quit IRC01:08
*** emma has joined #maemo01:15
*** florian has joined #maemo01:28
*** arcean has quit IRC01:31
*** qwqwqwerrr has quit IRC01:32
*** emma has quit IRC01:42
*** emma has joined #maemo01:44
*** florian has quit IRC01:55
*** pit_fiend has quit IRC02:08
*** lbt_ has quit IRC02:08
*** Hurrian has joined #maemo02:11
*** int_ua has quit IRC02:17
*** robbiethe1st has joined #maemo02:29
*** sunny_s has joined #maemo02:32
*** Kabouik has quit IRC02:40
*** sunny_s has quit IRC02:41
*** eMHa__ has joined #maemo02:47
*** hxka has quit IRC02:54
*** sequantz has quit IRC02:56
*** Snafu777 has joined #maemo03:00
*** RiD has quit IRC03:16
*** sleepee has joined #maemo03:16
*** sleepee has quit IRC03:23
*** lbt_ has joined #maemo03:29
*** lbt_ has quit IRC03:29
*** lbt_ has joined #maemo03:29
*** zero has joined #maemo03:35
*** zero is now known as Guest5459403:36
Snafu777configure: error: OpenSSL version header not found.03:45
Snafu777Nokia-N900:~/openssh-6.6p1# dpkg --list | grep libssl03:45
Snafu777ii  libssl-dev                                          0.9.8n-1+maemo4+0m5              SSL development libraries, header files and documentation03:45
Snafu777ii  libssl0.9.7                                         1.0                              libssl0.9.703:45
Snafu777ii  libssl0.9.8                                         0.9.8n-1+maemo4+0m5              SSL shared libraries03:45
*** Milhouse has quit IRC03:54
*** qwazix has quit IRC03:57
*** qwazix has joined #maemo03:57
*** darkschneider has quit IRC03:58
Snafu777I love you long time03:59
*** goldkatze has quit IRC04:00
*** silviof1 has joined #maemo04:01
*** Milhouse has joined #maemo04:02
*** silviof has quit IRC04:04
MaxdamantusI suspect you'd need openssl 104:05
Snafu777pretty sure i got it hang tight04:14
Snafu777gotta re-ssh into04:14
Snafu777Nokia-N900:~# dpkg --list | grep ssl04:16
Snafu777ii  libopenssl-ruby                                     4.2maemo1                        OpenSSL interface for Ruby04:16
Snafu777ii  libopenssl-ruby1.8                                         OpenSSL interface for Ruby 1.804:16
Snafu777ii  libssl-dev                                          0.9.8n-1+maemo4+0m5              SSL development libraries, header files and documentation04:16
Snafu777ii  libssl0.9.7                                         1.0                              libssl0.9.704:16
Snafu777ii  libssl0.9.8                                         0.9.8n-1+maemo4+0m5              SSL shared libraries04:16
Snafu777ii  openssl                                             0.9.8n-1+maemo4+0m5              Secure Socket Layer (SSL) binary and related cryptographic tools04:16
Snafu777ii  python-openssl                                      0.7-2maemo2                      Python wrapper around the OpenSSL library04:16
Snafu777ii  sslstrip                                            0.9-0maemo1                      SSL/TLS man-in-the-middle attack tool04:16
*** darkschneider has joined #maemo04:16
Snafu777Maxdamantus: ideas?04:22
MaxdamantusI suspect you'd need openssl 104:23
MaxdamantusIt's in a different slot in portage (Gentoo).04:23
Maxdamantusso they're basically considered different packages.04:24
Snafu777gentoo != n900 =/04:26
*** mschlens has quit IRC04:41
*** dos1 has quit IRC04:43
*** mschlens has joined #maemo04:44
*** Defiant has quit IRC04:46
*** Defiant has joined #maemo04:49
*** MohammadAG has quit IRC04:53
*** MohammadAG has joined #maemo04:53
*** nox- has quit IRC05:06
*** at1as has joined #maemo05:07
*** robbiethe1st has quit IRC05:22
*** at1as has quit IRC05:29
*** hxka has joined #maemo05:37
Luke-JrSnafu777: I run Gentoo on my N90005:39
Snafu777I'm running maemo, and the more I did into it, the more it seems I'm going to have to install openssl from source as well05:40
Snafu777This is a frickin nightmare05:41
Snafu777I didn't even have this much trouble with curl, and that was a bitch05:41
Snafu777How can I find out where the openssl library headers are located at on the n900?05:41
bef0rdI don't think headers are on the device, dev repo/packages were meant for scratchbox environment05:45
bef0rddpkg-query -L libssl-dev05:46
bef0rdshould list all files provided by libssl-dev05:46
Snafu777There are definately header files under /usr/include/openssl05:48
Snafu777Learned a new command today thanks to u bef0rd =)05:49
Snafu777dpkg-query -L05:49
Snafu777normally - dpkg -x the file05:49
Snafu777and view the contents05:49
Snafu777So here is a question while I wait on configure to die or work05:54
Snafu777Anyone ever considered using /etc/shadow on the n900?05:54
MaxdamantusThis is why people shouldn't make phone OSes.05:58
MaxdamantusThey should just make phone software that runs on normal OSes.05:58
Snafu777No, this is why security should have been incorporated into the phone to begin with05:59
Snafu777no /etc/shadow05:59
Snafu777DES for the backend05:59
Snafu777N900 is a wonder to behold05:59
Snafu777The world's smallest handheld pentest device05:59
Maxdamantus/etc/shadow is a file used by certain applications.05:59
Snafu777Yet vulnerable in ways that should have been BYGONE long ago06:00
Snafu777but they didn't incorporate shadowing into the os06:00
Snafu777Do you know how easy it would be to pwn this phone ?06:00
MaxdamantusBecause they didn't include programs that needed it.06:00
Snafu777Most of the .debs are outdated on it06:00
Snafu777I love my n900, don't get me wrong06:00
Maxdamantusif you install the sshd from the repository it creates /etc/shadow06:01
Snafu777They had security as an afterthought06:01
Snafu777sshd from repo does not create /etc/shadow06:01
Snafu777unless you are referring to another ssh daemon vs openssh06:01
MaxdamantusNo, openssh.06:01
Maxdamantusmaybe it's something special with the application manager then.06:02
MaxdamantusI also have the user* programs installed somehow.06:02
Snafu777Do you have maemo on your device Maxdamantus ?06:02
*** lxp1 has joined #maemo06:02
Snafu777and you have /etc/shadow?06:02
MaxdamantusAh, no, only /etc/passwd06:02
Maxdamantusit stores the password in there.06:03
Snafu777yes it does06:03
Snafu777Like I said, vulnerable as hell06:03
Snafu777Because it uses DES06:03
MaxdamantusAh, because other people can use it.06:03
Snafu777Let alone that it's world readable06:03
*** lxp has quit IRC06:03
Maxdamantusyou should be able to use other encryptions .. it's up to libcrypt06:03
Snafu777So how do we configure that?06:04
Snafu777I don't need to compile pam support into openssh if i can do just that06:04
*** uen has quit IRC06:04
Snafu777but i want to go with PAM to get around the DES issue06:04
Maxdamantusjust copy the password from another system.06:05
Maxdamantusprobably the easiest way.06:05
Snafu777and get locked out of the system?06:06
Maxdamantus(to use something other than DES)06:06
Snafu777Wouldn't that snap /etc/passwd?06:06
Snafu777I mean I guess i can try real quick06:06
Snafu777one sec06:06
Maxdamantusmm .. didn't work06:07
*** uen has joined #maemo06:08
Snafu777Definately did not work =906:09
Snafu777Well, I'm going to grab openssl06:11
Snafu777compile it06:11
Snafu777grab the libraries06:11
Snafu777drop them in a custom location on the OS06:12
Snafu777see if i can perform a nasty hack06:12
* Snafu777 <--- wishes he knew more about c++06:13
Snafu777The thing to find out is if i compile it when the libraries exist, will it run when the libraries no longer are there06:14
Snafu777that way i don't have extraneous files lying about06:14
Snafu777Static libraries increase the overall size of the binary, but it means that you don't need to carry along a copy of the library that is being used. As the code is connected at compile time there are not any additional run-time loading costs. The code is simply there.06:16
Snafu777And it shall work, and it shall be named George!06:16
Snafu777Maxdamantus: Got sshd installed on your n900?06:17
Snafu777Want to see the vulnerability I speak of?06:18
Snafu777ssh -l root
Snafu777enter the first eight chars of your root pword06:18
Snafu777p00f, you are in06:18
Snafu777And did it work?06:22
DocScrutinizer05((<Snafu777> no /etc/shadow [2014-03-25 05:00:22] <Snafu777> Do you know how easy it would be to pwn this phone ?)) Nonsense. Maemo is basically a single-user OS. /etc/shadow is meant to defeat threats from legit users that have access to /etc/passwd. Evidently on maemo that makes no sense06:24
Snafu777/etc/shadow is meant to defeat threats from non-legit users as well06:25
DocScrutinizer05it's just as nonsensical as is the approach to obfuscate your email POP/IMAP passwords in your mail client's config files, to hide them from user06:26
Maxdamantustbh, it should be reasonably secure with a different encryption algorithm.06:26
DocScrutinizer05Snafu777: that's bullshit06:26
Maxdamantusit looks like libcrypt isn't the normal one used on Linux systems (which is part of glibc)06:26
Snafu777DocScrutinizer05: Lets say I get a non privileged user account on a system I am not supposed to have access too06:26
DocScrutinizer05Snafu777: you're no supposed to fileshare /etc/passwd to a ftp server06:27
Snafu777I can snarf the contents of /etc/passwd06:27
Snafu777But i cannot see /etc/shadow06:27
Snafu777And windows is bulletproof06:27
DocScrutinizer05let's say you say random stuff06:27
Maxdamantusit supports md506:29
Maxdamantusthough that's considered broken06:29
DocScrutinizer05when you make it onto a system that you're not supposed to have any access to, nothing warrants that you can access /etc/password but not /etc/shadow - you shouldn't have access to anything on that system, once you have access it's up to your skills while hacking the system what permissions you hacked for you06:30
MaxdamantusI think it needs to be upgraded to support sha.06:30
Snafu777DocScrutinizer05: I just think of things like an attacker would06:30
*** maybeArgh has joined #maemo06:30
DocScrutinizer05no, you think of things like a script kiddie would06:30
Snafu777Okay, so do you have a sim card in your phone DocScrutinizer05 ?06:30
Snafu777I'll assume yes06:31
MaxdamantusYeah, md5 works.06:32
MaxdamantusDoesn't let me enter a partial password at least.06:32
Snafu777On that thought, do you really trust cell phone companies to provide proper security posturing on their routers to prevent user a from attacking user b on the same subnet06:32
Snafu777If you believe that06:32
DocScrutinizer05not interested in that nonsense06:33
Snafu777dig axfr06:33
Snafu777There u go06:33
Snafu777a major ISP06:33
Snafu777So yes, I do care if my phone can be bruteforced via ssh in 72^8 (average password characters of 72 character possibilities, a-z, 1-9 with a 8 char max)06:34
Snafu777because the world SUCKS at cyber security06:34
Maxdamantuscan compile that with -lcrypt06:34
Snafu777Cool Maxdamantus I shall check it out06:34
bef0rdthen don't enable sshd06:34
*** maybeWTF has quit IRC06:34
DocScrutinizer05Snafu777: sorry, you have no decent idea of how to manage a system06:34
Maxdamantusthen: ./a.out \$1\$$(tr -dc a-zA-Z0-9./ < /dev/urandom | head -c 8)06:34
Snafu777I'm not a sysadmin DocScrutinizer0506:34
MaxdamantusThere's also a `crypt` command installed, but it doesn't hide the input.06:35
Snafu777I get paid to prevent others from breaking in06:35
Snafu777Cool Maxdamantus:  Glad I at least got one person spun up on the security idea06:35
Maxdamantuswell, it's md5, so it's not really secure.06:35
Maxdamantusbut it's more secure than DES.06:35
Snafu777prevents partial passwords right?06:35
Snafu777i don't care about the bits and bytes06:35
Snafu777just the lack of actually checking for my full password06:36
Snafu777they want to bruteforce, go for it06:36
DocScrutinizer05you don't want to allow password auth? fine! forbid it, only allow ssh publey auth06:36
MaxdamantusYou don't need to brute force if you can see the hash.06:36
DocScrutinizer05pubkey even06:36
MaxdamantusWell, you need to brute force a bit06:36
Snafu777true, but my /etc/passwd isn't visible06:36
Maxdamantusbut you don't need to try every input: you can generate matches for given hashes in far less time.06:37
bef0rdalso, changing from DES to anything else will not prevent people from bruteforcing over ssh...06:37
Snafu777I didn't say they would bef0rd06:37
Snafu777I want to prevent a 72^8 attack06:37
Snafu777That's it06:37
* DocScrutinizer05 headdesks06:37
Maxdamantus72^8 = 72220413630873606:37
Snafu777yes it does06:38
Snafu777It's a phone06:38
Snafu777odds are root password is not strong06:38
Snafu777due to small keyboard06:38
Snafu777Human nature06:38
Snafu777etc... blah blah blah06:38
Snafu777and most likely a left right or right left cascade06:38
DocScrutinizer05>>blah blah blah<< first true statement06:38
Snafu777DocScrutinizer05: I'm not trying to butt heads with ya man.  U got skills that far surpass me in many respects06:39
DocScrutinizer05maemo HAS NO root password, usually06:39
*** totalizator has quit IRC06:39
Snafu777I'm just making a valid point about the in-security that is inherent on the n90006:39
*** ccxN has quit IRC06:39
DocScrutinizer05no, you jave no idea about how n900 aka fremantle works06:40
DocScrutinizer05you're trying to find the bricks to close the window for good, while letting the door wide open, in your efforts to stop the flood06:41
Snafu777I'm just going for the basics of a NIST checklist06:41
DocScrutinizer05your checklist doesn't apply to maemo. Evidently06:42
Snafu777Agreed, there is no Maemo specific checklist06:42
DocScrutinizer05search for Hildon Application Manager on your list. Search for rootsh on your list06:42
Snafu777yes i agree06:42
Snafu777and i plan to harden my gui launched apps that require root later on06:43
Snafu777not sure if i can06:43
Snafu777but i read about it somewhere06:43
Snafu777and ham i never use06:43
Snafu777I hate guis when i can command line something06:43
Snafu777I only like guis for stuff i dont want to command line06:43
DocScrutinizer05you're giving a 3 (or more?) days live performance of ~xy here06:43
Snafu777like launching an evil twin router attack06:43
Snafu777I'm just me DocScrutinizer0506:43
Snafu777I'll always be me.  And I'll always get paid to be me =)06:43
Snafu777I have a job that I love very much and it allows me to play with a keyboard.06:44
Snafu777How bad can it really be?06:44
DocScrutinizer05we're not paid for attending this performance06:44
Snafu777Sure you are06:44
Snafu777I'm charging you $28 an hour06:44
DocScrutinizer05sorry, dude. I have to take care about my logs not getting filled witj noise06:45
*** SAiF has quit IRC06:45
*** SAiF has joined #maemo06:47
*** hxka has quit IRC06:49
Snafu777Welp, off to bed07:02
Snafu777Goodnight world07:03
Snafu777gotta get a goodnights sleep.  Picking up a truckload of bricks tomorrow at home depot.  Got a big window I'm building a frame around tomorrow07:03
*** Snafu777 has quit IRC07:03
*** kwtm2 has joined #maemo07:05
*** ccxN has joined #maemo07:06
DocScrutinizer05my N900 have exactly one open port. While it's the ssh service running on that port, it's not port 22. So no matter where I'm roaming with my N900, the likelihood that somebody would find out about that open port and try a brute force attack on it is minimal. At home my N900 is behind my local NAT and thus not reachable from global internet anyway, only locally. When somebody actually would find out about that port where my sshd runs07:07
DocScrutinizer05while I'm roaming on 3G and would start a brute force attack, I'd feel pretty pissed about my battery going flatline or my /var/log/syslog clogging rootfs and this bringing system to a grinding halt - whatever will happen first. Way before that brute force attack will notice that not a single of the usernames they come up with has a valid password auth to log in via ssh07:07
DocScrutinizer05and nota bene standard default fremantle has no sshd running at all, so in the end it's *you, the user, who ruined security when you configure an insecure sshd and make it run all the time on your N90007:08
DocScrutinizer05and *all* of that becomes totally irrelevant anyway, as soon as you ignore all good advice and best practice and do a dozen things strictly deprecated on either any system (installing packages not meant for that platform) or particularly on that system (not using HAM and rather doing everything via dpkg. OMG). All perceived security flaws after doing such mayham to maemo are not worth a single line in IRC to discuss how to fix them, since07:18
DocScrutinizer05they shouldn't be there to start with07:18
*** totalizator has joined #maemo07:23
*** silviof1 is now known as silviof07:47
*** VDVsx has quit IRC07:59
*** maybeArgh has quit IRC08:13
*** maybeHere has joined #maemo08:23
*** sunny_s has joined #maemo08:23
*** VDVsx has joined #maemo08:27
*** heroux has quit IRC08:30
*** _rd has joined #maemo08:32
*** bef0rd has quit IRC08:44
*** _rd has quit IRC08:47
*** _rd has joined #maemo08:47
*** SAiF_ has joined #maemo08:52
*** florian has joined #maemo08:53
*** SAiF has quit IRC08:53
*** jormungandr has joined #maemo08:55
*** Guest54594 has quit IRC08:57
*** ebzzry_ has quit IRC09:14
*** florian has quit IRC09:18
*** florian has joined #maemo09:18
*** _rd has quit IRC09:27
*** SAiF_ has quit IRC09:29
*** SAiF has joined #maemo09:35
*** florian has quit IRC09:39
*** cypherc has quit IRC09:43
*** _rd has joined #maemo09:45
*** kolp has joined #maemo09:49
*** SAiF has quit IRC10:01
*** SAiF has joined #maemo10:05
*** eMHa__ has quit IRC10:11
*** _rd has quit IRC10:25
*** kwtm2 has quit IRC10:27
*** kwtm2 has joined #maemo10:27
*** stef_204 has joined #maemo10:28
*** cypherc has joined #maemo10:29
*** goldkatze has joined #maemo10:30
Ashley`well. i guess there is a bug in lockscreen. it checks only first ten numbers10:30
Ashley`first nine*10:31
*** florian has joined #maemo10:31
*** Kabouik has joined #maemo10:33
*** stef_204 has quit IRC10:36
Ashley`it's fucked up even more10:46
Ashley`only a few first letters need to be true10:46
Ashley`i'll investigate it at home :P10:48
*** cityLights has joined #maemo10:49
*** protem has quit IRC10:52
*** geaaru has joined #maemo10:57
*** triggerhappy has left #maemo10:58
*** triggerhappy has joined #maemo10:58
*** mavhc has quit IRC11:01
*** trx has quit IRC11:10
*** AD-N770 has joined #maemo11:20
*** fizzie has quit IRC11:23
*** Hurrian has quit IRC11:23
*** auenfx4 has quit IRC11:26
*** auenf has joined #maemo11:29
*** auenf has quit IRC11:32
*** Gatta_Negra has joined #maemo11:33
*** auenf has joined #maemo11:33
*** dhbiker has quit IRC11:34
*** dhbiker has joined #maemo11:34
*** mvp has joined #maemo11:34
*** geaaru has quit IRC11:42
*** _rd has joined #maemo11:42
*** fizzie has joined #maemo11:44
*** kwtm2 has quit IRC11:51
*** Hurrian has joined #maemo11:52
*** geaaru has joined #maemo11:53
*** cgk has joined #maemo11:57
*** ccxN has quit IRC12:07
*** _rd has quit IRC12:07
*** _rd has joined #maemo12:07
*** cgk has quit IRC12:13
*** cgk has joined #maemo12:13
*** Hurrian has quit IRC12:13
*** SAiF has quit IRC12:16
*** cgk has quit IRC12:16
*** cgk_ has joined #maemo12:16
*** SAiF has joined #maemo12:17
*** cgk_ has quit IRC12:19
DocScrutinizer05I'd not be surprised to find the lockscreen password limited to 5 chars12:20
DocScrutinizer05heck, my credit card password is limited to 412:21
*** lbt_ has quit IRC12:26
jogaI at least have 6..12:26
*** lbt_ has joined #maemo12:26
jogaor, uh, you mean the "Enter lock code" screen or something else?12:26
*** qwqwqwerrr has joined #maemo12:34
*** kwtm2 has joined #maemo12:35
*** _rd has quit IRC12:37
*** trx has joined #maemo12:43
DocScrutinizer05yes, enter lock code screen (which I never seen in my life so far ;-D )12:56
DocScrutinizer05default lockcode is "12345"12:57
DocScrutinizer05I'd guess that's the fixed length this "password" has to be, according to the coder who built lockscreen12:58
*** eMHa__ has joined #maemo13:04
*** LauRoman has joined #maemo13:06
*** lizardo has joined #maemo13:07
*** kwtm2 has quit IRC13:19
*** SAiF has quit IRC13:25
*** SAiF has joined #maemo13:27
fizzieDocScrutinizer05: It goes up to 8. (Or, rather, it accepts input up to 10, but only the first 8 digits are meaningful.)13:39
*** at1as has joined #maemo13:40
DocScrutinizer05that's pretty in line with the hash/crypt() funtion used for passwd hashes13:40
*** at1as has quit IRC13:49
*** VDVsx has quit IRC13:59
*** VDVsx has joined #maemo14:00
*** NIN101 has joined #maemo14:02
*** qwqwqwerrr has quit IRC14:03
*** SmilyOrg has joined #maemo14:13
*** Smily has quit IRC14:17
*** ebzzry_ has joined #maemo14:32
*** kolp has quit IRC14:32
*** _rd has joined #maemo14:35
*** sunny_s has quit IRC14:37
*** dos1 has joined #maemo14:50
*** _rd has quit IRC14:51
*** Kabouik has quit IRC14:52
*** fortytwo has quit IRC14:52
*** Kabouik has joined #maemo14:52
*** hxka has joined #maemo14:52
*** fortytwo has joined #maemo14:53
*** xjiujiu has joined #maemo14:55
*** heroux has joined #maemo14:55
*** heroux has quit IRC15:01
*** heroux has joined #maemo15:02
*** lbt_ is now known as lbt15:09
*** Hurrian has joined #maemo15:14
*** Venusaur has quit IRC15:18
*** Venusaur has joined #maemo15:19
*** Hurrian has quit IRC15:19
*** darkschneider has quit IRC15:21
*** darkschneider has joined #maemo15:22
*** heroux has quit IRC15:24
*** heroux has joined #maemo15:28
*** FReaper-PC has joined #maemo15:40
*** FlameReaper-PC has quit IRC15:42
*** newbie|2 has joined #maemo15:47
*** newbie|2 is now known as Snafu77715:47
* Snafu777 hugs DocScrutinizer0515:47
Snafu777chpassword -m15:47
Snafu777problem fixed15:48
*** trumee has quit IRC15:49
Snafu777chpasswd rather15:49
Snafu777not chpassword15:49
*** trumee has joined #maemo15:53
*** edheldil has quit IRC15:56
*** edheldil has joined #maemo15:59
*** Venusaur has quit IRC16:01
*** konelix has joined #maemo16:21
*** at1as has joined #maemo16:23
*** _rd has joined #maemo16:29
silviofSnafu777: for scripts 'echo "user:password" | chpasswd' is very usefull :-)16:31
*** xjiujiu has quit IRC16:32
Ashley`DocScrutinizer05: 5 numbers are enough to stop dumb friends from changing language to chinese :P16:32
Snafu777silviof: interesting16:35
Snafu777silviof: Main reason i threw that out there is that by default, maemo uses DES, and on ssh only 8 chars is needed for password16:36
Snafu777a security risk i think16:36
*** RiD has joined #maemo16:36
*** hxka has quit IRC16:38
Snafu777What I would like to find out is: what file in the system controls des vs md5 for maemo for passwd16:38
DocScrutinizer05and honestly that's all the devicelock been meant for16:38
silviofSnafu777: yes, if it so that this is ugly. But you can set some nerv-parameters on sshd_config. like LoginGraceTime snd so16:39
Snafu777Agreed, but i'm not trying to harden sshd16:39
Snafu777I was trying to find a workaround for the des issue16:39
*** _rd has quit IRC16:41
*** _rd has joined #maemo16:42
Snafu777So does anyone know that specific file that maemo uses, or is this some hardcode by default thing?16:43
warfareSnafu777: /etc/pam.d/common-password?16:53
Snafu777password   required nullok obscure md516:56
*** VDVsx has quit IRC16:56
*** Snafu777 has quit IRC16:56
*** LjL has quit IRC16:56
*** newbie|2 has joined #maemo16:58
*** newbie|2 is now known as Snafu77716:58
*** _rd has quit IRC17:02
DocScrutinizer05warfare: hmm, on maemo?17:05
DocScrutinizer05IroN900:~# ll /etc/pam*17:05
DocScrutinizer05ls: Zugriff auf /etc/pam* nicht möglich: No such file or directory17:05
*** konelix_ has joined #maemo17:06
*** konelix has quit IRC17:08
*** at1as has quit IRC17:11
*** _rd has joined #maemo17:11
*** peetah has quit IRC17:12
*** RiD has quit IRC17:13
*** t3st3r has quit IRC17:14
*** peetah has joined #maemo17:14
*** t3st3r has joined #maemo17:15
*** RiD has joined #maemo17:16
*** florian has quit IRC17:16
warfareDocScrutinizer05: my n900 has them. Belongs to libpam-runtime.17:17
DocScrutinizer05iirc optification came with PR1.2. Before that Nokia tried to cram *all* binaries into the 240MB rootfs, which probably made them a tad stingy regarding feature-richness of of the system17:18
DocScrutinizer05IroN900:~# find /lib/ /usr/lib -name '*pam*';echo $?17:19
bencoha little bit :)17:19
DocScrutinizer05IroN900:~# apt-cache policy libpam-runtime17:21
DocScrutinizer05  Installed: (none)17:21
DocScrutinizer05  Candidate: 1.0.1-maemo317:21
DocScrutinizer05  Version table:17:21
DocScrutinizer05     1.0.1-maemo3 017:21
DocScrutinizer05        500 fremantle-1.3/free Packages17:21
*** _rd has quit IRC17:22
DocScrutinizer05I wonder what's the use of libpam when the executables don't use it17:22
DocScrutinizer05IroN900:~# apt-cache policy passwd17:23
DocScrutinizer05  Installed: 1:
DocScrutinizer05  Candidate: 1:
DocScrutinizer05  Version table:17:23
DocScrutinizer05 *** 1: 017:23
DocScrutinizer05        500 ./ Packages17:23
warfareah, libpam-runtime gets pulled in through cvs, which gets pulled in through git-cvs which is depended on by git.17:25
Snafu777Well I'm glad I was able to spark something.  Even if I have no idea what ya'll are discussing as I don't do linux security =)17:26
warfareSnafu777: we were just wondering why some of us have /etc/pam.d and others don't.17:26
*** mvp has quit IRC17:27
bencohgit-cvs depended on by git ?17:27
*** _rd has joined #maemo17:32
*** ssvb has quit IRC17:34
*** sequantz has joined #maemo17:38
*** jormungandr has quit IRC17:41
*** RiD has quit IRC17:42
*** ssvb has joined #maemo17:48
*** AD-N770 has quit IRC17:53
*** AD-N770 has joined #maemo17:53
*** theblackcrow1 has joined #maemo18:04
*** konelix has joined #maemo18:04
*** konelix_ has quit IRC18:06
theblackcrow1hello, i found the widget desktop-cmd, which fullfills my needs. but if it's installed, there are tapping errors on the whole display widgets and icons. has anyone an alternative for me?18:06
*** cypherc has quit IRC18:07
*** zGrr has joined #maemo18:08
zGrrmoin :)18:09
*** messerting has joined #maemo18:15
*** konelix__ has joined #maemo18:19
*** japa-fi has joined #maemo18:20
*** konelix has quit IRC18:23
*** _rd has quit IRC18:32
*** konelix has joined #maemo18:37
*** konelix__ has quit IRC18:40
*** cypherc has joined #maemo18:44
DocScrutinizer05I'm not available for council meeting tonight18:47
DocScrutinizer05theblackcrow1: queenbeecon18:49
DocScrutinizer05theblackcrow1: though I never had problems with cmd execution widget18:50
DocScrutinizer05theblackcrow1: while queenbeecon is overkill and a real pita to configure, thanks to a zillion options. Well, test it, you might love it18:51
*** arcean has joined #maemo18:52
bencohtalking about queenbeecon, does hildon-desktop properly handle desktop widgets with desktop refresh (as in queenbeecon for instance) and locked/inactive screen ?18:53
bencohit feels like it just sucks battery18:53
bencohand I suspect a few flows in hildon-desktop code regarding this part, though I'm not sure :)18:54
theblackcrow1DocScrutinizer05: thanks, i'll try it :)18:55
*** SAiF has quit IRC18:55
*** VDVsx has joined #maemo18:59
*** SmilyOrg is now known as Smily19:04
*** cypherc has quit IRC19:05
theblackcrow1DocScrutinizer05: thanks, queen-beecon works very nice (until now) and wow, much to configure!19:11
*** raccoon- has joined #maemo19:11
*** hxka has joined #maemo19:17
*** Gadgetoid has left #maemo19:33
*** sq-one has joined #maemo19:52
*** kwtm has joined #maemo19:57
*** AD-N770 has quit IRC20:06
*** Gatta_Negra has quit IRC20:18
*** zGrr has quit IRC20:21
*** Kabouik has quit IRC20:25
*** APTX_ has joined #maemo20:41
*** Kabouik has joined #maemo20:43
*** florian has joined #maemo20:45
*** githogori has quit IRC21:02
*** andre___ has quit IRC21:03
*** RiD has joined #maemo21:11
*** at1as has joined #maemo21:20
*** _rd has joined #maemo21:21
*** pcfe has quit IRC21:33
*** pcfe has joined #maemo21:33
*** pcfe has quit IRC21:33
*** pcfe has joined #maemo21:33
*** kwtm1 has joined #maemo21:34
*** konelix has quit IRC21:36
*** kwtm has quit IRC21:38
*** kwtm2 has joined #maemo21:41
*** mavhc has joined #maemo21:43
*** Gadgetoid has joined #maemo21:46
*** valerius has quit IRC22:13
*** valeriusL has quit IRC22:14
*** valeriusL has joined #maemo22:26
*** valerius has joined #maemo22:28
*** sunny_s has joined #maemo22:38
*** andre__ has joined #maemo22:47
*** lbt has quit IRC22:51
*** dhbiker has quit IRC22:51
*** dhbiker has joined #maemo22:53
*** kwtm2 has quit IRC22:59
*** _rd has quit IRC23:05
*** Snafu777 has quit IRC23:07
*** valerius has quit IRC23:16
*** valeriusL has quit IRC23:17
*** M4rtinK has joined #maemo23:21
*** kwtm has joined #maemo23:21
*** kwtm1 has quit IRC23:24
*** NIN101 has quit IRC23:25
*** andre__ has quit IRC23:26
*** valeriusL has joined #maemo23:30
*** valerius has joined #maemo23:31
*** g3kk3r_ has quit IRC23:32
*** g3kk3r has joined #maemo23:32
*** lizardo has quit IRC23:35
*** yosafbridge has quit IRC23:41
*** yosafbridge has joined #maemo23:42
*** Scorcerer has quit IRC23:44
*** till has quit IRC23:45
*** r00t^home has quit IRC23:45
*** till has joined #maemo23:46
*** Scorcerer has joined #maemo23:47
*** Mekkis has quit IRC23:47
*** APTX| has joined #maemo23:47
*** APTX|_ has joined #maemo23:47
*** raccoon- has quit IRC23:47
*** APTX_ has quit IRC23:47
*** APTX has quit IRC23:47
*** raccoon- has joined #maemo23:48
*** Mekkis has joined #maemo23:49
*** r00t^home has joined #maemo23:50
*** at1as has quit IRC23:54
*** messerting has quit IRC23:59

Generated by 2.15.1 by Marius Gedminas - find it at!