WARNINGS -------- DO NOT ENABLE REMOTE ROOT LOGIN WITH THE DEFAULT ROOT CREDENTIALS. USE OF PUBLIC KEY AUTHENTICATION ONLY IS HIGHLY RECOMMENDED. DO NOT ATTEMPT ANY OF THIS UNLESS IF YOU'RE FAMILIAR WITH LINUX. IF YOU MESS UP YOU COULD END UP BRICKING YOUR PHONE. YOU HAVE BEEN WARNED. PREFACE ------- N9 developer mode allows ssh access. However, PR1.1 update disabled the root login, even if you had manually enabled in from /etc/ssh/sshd_config. While a sane security measure I really want to use ssh rather than using devel-su to gain root access. DETAILS ------- /etc/init/ssh.conf is responsible for lauching the SSH daemon: >> description "SSH" >> >> # started by group-mce.conf >> stop on stopped dbus >> >> console output >> respawn >> respawn limit 3 300 >> normal exit 0 >> oom -17 >> >> script >> test -x /usr/sbin/sshd || exit 0 >> >> if test -f /etc/default/ssh; then >> . /etc/default/ssh >> fi >> >> root_permitted="-o PermitRootLogin=no" >> if test -x /usr/sbin/rdc_cert_verify && \ >> $(/usr/sbin/rdc_cert_verify &> /dev/null) >> then >> root_permitted="-o PermitRootLogin=yes" >> fi >> >> # Create the PrivSep empty dir if necessary >> if [ ! -d /var/run/sshd ]; then >> mkdir -p /var/run/sshd >> chmod 0755 /var/run/sshd >> fi >> exec /usr/sbin/sshd $root_permitted $SSHD_OPTS >> end script As you can see /usr/sbin/rdc_cert_verify is used to determine if root remote login is allowed or not. Apparently it checks for a certificate likely only available for the Nokia developers. >> ~ # /usr/sbin/rdc_cert_verify >> /usr/sbin/rdc_cert_verify: Could not read RD cert (-3) >> ~ # You cannot modify rdc_cert_verify or ssh.conf as they are included in aegis: >> ~ # egrep '(usr/sbin/rdc_cert_verify|etc/init/ssh\.conf)' /var/lib/aegis/refhashlist >> S 15 com.nokia.maemo H 40 4359933ef6e8abc3f20dc35bcc3caea8515d872e A 0 0 33261 P 15 system-services R 24 usr/sbin/rdc_cert_verify >> S 15 com.nokia.maemo H 40 268648a5c1d4eb2bf2ced2ed79780515da6e5bae A 0 0 33188 P 15 system-services R 17 etc/init/ssh.conf >> ~ # So how to fix it? Adding things to $SSHD_OPTS won't do as the earlier $root_permitted has precedence. But /etc/default/ssh is not controlled by aegis: >> ~ # grep etc/default/ssh /var/lib/aegis/refhashlist >> ~ # Hmm, so, how about lauching sshd directly in /etc/default/ssh ? Since this sshd instance will bind to the SSH port the 2nd attempt to lauch it will just get ignored, which is exactly what we want. So lets enable remote root login again (or rather make it controllable via /etc/ssh/sshd_config like before): >> ~ # echo -e 'mkdir -m 0755 -p /var/run/sshd\nexec /usr/sbin/sshd $SSHD_OPTS' >> /etc/default/ssh >> ~ # pkill -9 /usr/sbin/sshd >> ~ # NOTE: sshd by default will respawn 3 times. If it doesn't come back you messed something up or sshd has died 3 times. Rebooting may help. If not, well, good luck trying to fix things using the on-screen keyboard. Didn't I warn you not to mess up? Harry "Piru" Sintonen