Jump to content

Éd_D

Active Members
  • Posts

    26
  • Joined

  • Last visited

About Éd_D

  • Birthday December 1

Profile Information

  • Location
    France
  • Interests
    I love playing, making experiments, learning…

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. On the LAN Turtle, AutoSSH is running: root@turtle:~# ps […] 28771 root 936 S /usr/sbin/autossh -M 20000 -i /root/.ssh/id_rsa -N -T -R xxxxx:localhost:22 turtle@vps.domain.tld -p 22 […] root@turtle:~# (Debian man page about autossh [https://manpages.debian.org/bullseye/autossh/autossh.1.en.html] is not complete enough to understand all the command line arguments.) From here, everything looks ok. No problem with the ssh connection to the VPS.
  2. In fact, I have changed the ssh port (22) by a custom one (port number chosen between 49152 and 65535) for security reason. When I copy commands and screen output on the forum, I write 2222 instead the real l number because "2222" look nice as customed ssh number… 🙂
  3. I tried both: turtle@vps:~$ ssh root@localhost ssh: connect to host localhost port 22: Connection refused turtle@vps:~$ ssh -p 22 root@localhost ssh: connect to host localhost port 22: Connection refused turtle@vps:~$ ssh -p 2222 root@localhost root@localhost's password: Permission denied, please try again. root@localhost's password: Permission denied, please try again. root@localhost's password: ^C turtle@vps:~$
  4. I think that sshd is misconfigured on the vps: root@vps:~# grep ^[^#] /etc/ssh/sshd_config Port 2222 PermitRootLogin no ChallengeResponseAuthentication no UsePAM yes PrintMotd no AcceptEnv LANG LC_* Subsystem sftp /usr/lib/openssh/sftp-server PasswordAuthentication yes root@vps:~# (When commissioning, I only uncommented the Port directive, changed 22 to 2222 on this ligne and changed yes to no for the PermitRootLogin directive…)
  5. I have a problem that looks like… The AutoSSH connection is up on the Turtle. On the VPS, when I try: ssh root@localhost the connection is refused…
  6. I did some reading... and I realized that Tor does not work like a traditional VPN that I have been using until now! Tor does not use a dedicated interface like "tun0". Tor encrypts and forwards what it receives on port 9001 to the "next relay". Also, the command "iptables -t nat -A POSTROUTING -o lo --destination-port 9001 -j MASQUERADE" is not correct. There is something somewhere that I do not understand.
  7. 👍 You are my saviour! 😉 root@raspberry:~# find / -name tor@default.service /run/systemd/generator/tor.service.wants/tor@default.service /usr/lib/systemd/system/tor@default.service /sys/fs/cgroup/pids/system.slice/system-tor.slice/tor@default.service /sys/fs/cgroup/devices/system.slice/system-tor.slice/tor@default.service /sys/fs/cgroup/systemd/system.slice/system-tor.slice/tor@default.service /sys/fs/cgroup/unified/system.slice/system-tor.slice/tor@default.service root@raspberry:~# ls -l /run/systemd/generator/tor.service.wants/tor@default.service lrwxrwxrwx 1 root root 39 Feb 14 2019 /run/systemd/generator/tor.service.wants/tor@default.service -> /lib/systemd/system/tor@default.service root@raspberry:~# grep RunAsDaemon /usr/lib/systemd/system/tor@default.service ExecStartPre=/usr/bin/tor --defaults-torrc /usr/share/tor/tor-service-defaults-torrc -f /etc/tor/torrc --RunAsDaemon 0 --verify-config ExecStart=/usr/bin/tor --defaults-torrc /usr/share/tor/tor-service-defaults-torrc -f /etc/tor/torrc --RunAsDaemon 0 root@raspberry:~# Thank you. The next step now is a 'tun0' interface with Tor…
  8. root@raspberry:~# cat /etc/systemd/system/multi-user.target.wants/tor.service # This service is actually a systemd target, # but we are using a service since targets cannot be reloaded. [Unit] Description=Anonymizing overlay network for TCP (multi-instance-master) [Service] Type=oneshot RemainAfterExit=yes ExecStart=/bin/true ExecReload=/bin/true [Install] WantedBy=multi-user.target root@raspberry:~# ❓❓❓WTF root@raspberry:~# find / -name tor.service /etc/systemd/system/multi-user.target.wants/tor.service /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/tor.service /usr/lib/systemd/system/tor.service /sys/fs/cgroup/pids/system.slice/tor.service /sys/fs/cgroup/devices/system.slice/tor.service /sys/fs/cgroup/systemd/system.slice/tor.service /sys/fs/cgroup/unified/system.slice/tor.service root@raspberry:~# ls -l /etc/systemd/system/multi-user.target.wants/tor.service \ > /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/tor.service \ > /usr/lib/systemd/system/tor.service /sys/fs/cgroup/pids/system.slice/tor.service \ > /sys/fs/cgroup/devices/system.slice/tor.service \ > /sys/fs/cgroup/systemd/system.slice/tor.service \ > /sys/fs/cgroup/unified/system.slice/tor.service lrwxrwxrwx 1 root root 31 Aug 9 22:39 /etc/systemd/system/multi-user.target.wants/tor.service -> /lib/systemd/system/tor.service -rw-r--r-- 1 root root 312 Jun 18 08:27 /usr/lib/systemd/system/tor.service -rw-r--r-- 1 root root 0 Aug 8 22:09 /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/tor.service /sys/fs/cgroup/devices/system.slice/tor.service: total 0 -rw-r--r-- 1 root root 0 Aug 10 14:08 cgroup.clone_children -rw-r--r-- 1 root root 0 Aug 10 14:08 cgroup.procs --w------- 1 root root 0 Aug 9 22:39 devices.allow --w------- 1 root root 0 Aug 10 14:08 devices.deny -r--r--r-- 1 root root 0 Aug 10 14:08 devices.list -rw-r--r-- 1 root root 0 Aug 10 14:08 notify_on_release -rw-r--r-- 1 root root 0 Aug 10 14:08 tasks /sys/fs/cgroup/pids/system.slice/tor.service: total 0 -rw-r--r-- 1 root root 0 Aug 10 13:53 cgroup.clone_children -rw-r--r-- 1 root root 0 Aug 10 13:53 cgroup.procs -rw-r--r-- 1 root root 0 Aug 10 13:53 notify_on_release -r--r--r-- 1 root root 0 Aug 10 13:53 pids.current -r--r--r-- 1 root root 0 Aug 10 13:53 pids.events -rw-r--r-- 1 root root 0 Aug 9 22:39 pids.max -rw-r--r-- 1 root root 0 Aug 10 13:53 tasks /sys/fs/cgroup/systemd/system.slice/tor.service: total 0 -rw-r--r-- 1 root root 0 Aug 10 13:53 cgroup.clone_children -rw-r--r-- 1 root root 0 Aug 10 13:53 cgroup.procs -rw-r--r-- 1 root root 0 Aug 10 13:53 notify_on_release -rw-r--r-- 1 root root 0 Aug 10 13:53 tasks /sys/fs/cgroup/unified/system.slice/tor.service: total 0 -r--r--r-- 1 root root 0 Aug 10 14:08 cgroup.controllers -r--r--r-- 1 root root 0 Aug 9 22:39 cgroup.events -rw-r--r-- 1 root root 0 Aug 10 14:08 cgroup.freeze -rw-r--r-- 1 root root 0 Aug 10 14:08 cgroup.max.depth -rw-r--r-- 1 root root 0 Aug 10 14:08 cgroup.max.descendants -rw-r--r-- 1 root root 0 Aug 9 22:39 cgroup.procs -r--r--r-- 1 root root 0 Aug 10 14:08 cgroup.stat -rw-r--r-- 1 root root 0 Aug 10 14:08 cgroup.subtree_control -rw-r--r-- 1 root root 0 Aug 10 14:08 cgroup.threads -rw-r--r-- 1 root root 0 Aug 10 14:08 cgroup.type -r--r--r-- 1 root root 0 Aug 10 14:08 cpu.stat root@raspberry:~# Oh, my God! What are these directories and empty files???
  9. Hi Everybody, I hope this topic is the good one for my problem… I use a raspberry Pi 3B as small wireless router : 1. 'eth0' interface is using 'dhcpcd' for the WAN connection; 2. 'wlan0' interface is running with 'hostapd' and 'dnsmasq' as a hotspot; 3. the rule 'iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE' allows routing… Everything is ok, but not secure… Next step: I want to use Tor as a tunnel and change the routing rule as 'iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE'… root@raspberry:~# apt-get update […] root@raspberry:~# apt-get upgrade […] root@raspberry:~# apt-get install tor […] root@raspberry:~# ps xa […] 1064 ? Ss 0:06 /usr/bin/tor --defaults-torrc /usr/share/tor/tor-service-defaults-torrc -f /etc/tor/torrc --RunAsDaemon 0 […] root@raspberry:~# Tor is running… The 'ifconfig' command shows 'eth0', 'lo' and 'wlan0' interfaces but there is no 'tun0' interface on my RPI! I think, Tor is not using a 'tun0' interface because it is not a daemon (client mode) with the option "--Run AsDaemon 0". root@raspberry:~# cat /usr/share/tor/tor-service-defaults-torrc DataDirectory /var/lib/tor PidFile /run/tor/tor.pid RunAsDaemon 1 User debian-tor ControlSocket /run/tor/control GroupWritable RelaxDirModeCheck ControlSocketsGroupWritable 1 SocksPort unix:/run/tor/socks WorldWritable SocksPort 9050 CookieAuthentication 1 CookieAuthFileGroupReadable 1 CookieAuthFile /run/tor/control.authcookie Log notice syslog root@raspberry:~# grep ^[^#] /etc/tor/torrc root@raspberry:~# As all lines in the the '/etc/tor/torrc' are commented, I have uncommented the 'RunAsDaemon 1' line. 
After Tor restarts, nothing has changed : root@raspberry:~# ps xa […] 3223 ? Ss 0:12 /usr/bin/tor --defaults-torrc /usr/share/tor/tor-service-defaults-torrc -f /etc/tor/torrc --RunAsDaemon 0 […] root@raspberry:~# I can't understand where this '--RunAsDaemon 0' is coming from! 
I have not found any information about that, neither on raspbian site, nor on torproject site. Have you an idea?
 Something to read? Regards, Éd. D.
  10. I answer to myself… 😂 With internal "reformat_usb" command, it is working very fine! My squirrel is upgraded.
  11. Hi, How can I upgrade the firmware… when crc32C is missing for my USB stick! (I's a vicious circle!!!)
  12. 🤣 I am so used to doing my system configurations by hand with Vi!!! 🤣 For information, the GUI appends in the /etc/config/wireless file: config wifi-device 'radio2' option type 'mac80211' option channel '11' option hwmode '11g' option path 'platform/ehci-platform/usb1/1-1/1-1.3/1-1.3:1.0' option htmode 'HT20' config wifi-iface option device 'radio2' option ifname 'wlan2' option mode 'sta' option network 'wwan' option ssid 'myMobileWiFiSSID' option encryption 'psk2+ccmp' option key 'myMobileWiFiKey' and the path "platform/ehci-platform/usb1/<etc>" is a subsystem (like "/dev") in "/sys/devices"… I had almost reached the same point with the couple RTFM & Vi! I will put a note on my computer screen: "⚠️Visit the GUI before use SSH & Vi…" 😁 Regards. Éd.
  13. I want to mount the extra WiFi adapter as wlan2, in client mode, to use my WiFi Pineapple NANO alone, just plugged into a battery... I will look at the URL you sent me. Thank you.
  14. Hello, I need some clarification to understand what I am doing. After plugging my RT5390 WiFi adapter (sold by Hak5 with my WiFi Pineapple NANO, but not used until yet…), I can verify if the adapter is recognised by the Pineapple… root@Pineapple:~# dmesg | tail -n 5 [ 865.323205] usb 1-1.3: new high-speed USB device number 5 using ehci-platform [ 865.613332] usb 1-1.3: reset high-speed USB device number 5 using ehci-platform [ 865.783339] ieee80211 phy2: rt2x00_set_rt: Info - RT chipset 5390, rev 0502 detected [ 865.869931] ieee80211 phy2: rt2x00_set_rf: Info - RF chipset 5370 detected [ 865.902917] ieee80211 phy2: Selected rate control algorithm 'minstrel_ht' root@Pineapple:~# lsmod | grep rt2x00 cfg80211 232618 11 rtlwifi,rtl8187,rt2x00lib,mt76x02_usb,mt76x02_lib,mt76,ath9k_htc,ath9k,ath9k_common,ath,mac80211 mac80211 465192 14 rtl8192cu,rtl_usb,rtlwifi,rtl8187,rt2800lib,rt2x00usb,rt2x00lib,mt76x2u,mt76x02_usb,mt76x02_lib,mt76_usb,mt76,ath9k_htc,ath9k rt2x00lib 36563 3 rt2800usb,rt2800lib,rt2x00usb rt2x00usb 8473 1 rt2800usb usbcore 134398 35 smsc95xx,sierra_net,rndis_host,qmi_wwan,cdc_ether,ax88179_178a,asix,usbnet,ums_usbat,ums_sddr55,ums_sddr09,ums_karma,ums_jumpshot,ums_isd200,ums_freecom,ums_datafab,ums_cypress,ums_alauda,cdc_wdm,cdc_acm,rtl8192cu,rtl_usb,rtl8187,rt2800usb,rt2x00usb,mt76x2u,mt76x02_usb,mt76_usb,ath9k_htc,usb_storage,uhci_hcd,ohci_platform,ohci_hcd,ehci_platform,ehci_hcd root@Pineapple:~# root@Pineapple:~# lsusb Bus 001 Device 004: ID 05e3:0745 Genesys Logic, Inc. Logilink CR0012 Bus 001 Device 003: ID 0cf3:9271 Qualcomm Atheros Communications AR9271 802.11n Bus 001 Device 005: ID 148f:5370 Ralink Technology, Corp. RT5370 Wireless Adapter Bus 001 Device 002: ID 058f:6254 Alcor Micro Corp. USB Hub Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub root@Pineapple:~# I think that everything is ok… The WiFi adapter look like recognized and ready to use. Nothing has changed in the the web admin interface of the WiFi Pineapple NANO, which is normal since the adapter is not yet configured in /etc/config/wireless (https://docs.hak5.org/hc/en-us/articles/360010471494-WiFi-Client-Mode). I found a config mini how-to at the URL: http://h-wrt.com/en/mini-how-to/wifi_openwrt I think that I need to append the following lines in the existing /etc/config/wireless file. config wifi-device 'radio2' option type 'mac80211' option channel 'auto' option hwmode '11n' option path 'platform/ehci-platform/< must be completed > option disabled '0' config wifi-iface option device 'radio2' option network 'wwan' option mode 'sta' Do you agree with this first step? How can I found the path to use for the radio device configuration ? Will 'radio2' be automatically linked to 'wlan2'? In the OpenWRT doc I read, the credentials to the access point connection (SSID & key) are stored in the /etc/config/wireless file: config wifi-iface option device 'radio2' option network 'wwan' option mode 'sta' option ssid 'testwifi' option encryption 'psk2' option key '1234567890' Does that mean, that I can configure only one access point? Can I use a wpa-supplicant configuration for one network at home, one at work and so on, like on a Linux laptop? But I did not find a file like wpa_supplicant.conf in the WiFi Pineapple NANO system files… Thank you in advance for your explanations. Regards, Éd.
  15. Hi everyone, Is there any particular reason to use Google® DNS servers (8.8.8.8 & 8.8.4.4) in the Hak5 devices configuration files? Regards, Éd.
×
×
  • Create New...