I've attached a small script that might be used to 'mount' a remote sshfs directly from within Fatdog X. Not the best way (entering passwords etc. is best done from a ctrl-alt-fn console session), but easier to use i.e. can be a desktop icon or menu entry. Can also be run directly from the cli.
Near the top, you can use either a IP or a name (assuming the IP is associated/listed in /etc/hosts). Edit the file to change the userid, remote and local mount points as needed.
When run from within X the script prompts you to switch to xterm Secure Keyboard mode before entering the password, so less likely to be eavesdropped.
Ideally if running under X the proper xterm (from gslapt) should be installed as urxvt AFAIK doesn't support secure keyboard mode. I haven't tested it, but suspect the script might still work if your xterm is a symbolic link to urxvt or similar (but the Secure Keyboard likely wont work).
The script self contains another script (browse at your leisure). I encoded it that way to save having to post two scripts. That other script simply enables telnet to time out, i.e. I've used telnet to validate the server is up as my OpenBSD box doesn't respond to pings.
Of course you'll need a ssh server to connect to. I'm running fatdog livecd multisession with no local disks and using this script to connect to a old single core celeron box running OpenBSD that serves as my data/documents server. I have a entry for celeron 192.168.1.1 type entry in /etc/hosts on fatdog for that, and the script default has userid set to 'user' that is used to login to the OBSD box. The settings have local fatdog /root/Music folder as the mount point for the OBSD /home/user/Music folder - change those to yours as appropriate.
After successful sshfs, the script invokes rox to show the local mount point folder content.
When done, simply run umount /root/Music ... or wherever you mounted it.
The way I have the OBSD /home/user/Music folder structured is that all files in that folder are owned by root, user just has read/execute authorities - so even if fatdog is hacked those files can't be changed/wiped. A sub folder however that I've called fatdog is owned by user, so I can wrx files in that folder from fatdog (as could a fatdog hacker). For sensitive documents ... I store them elsewhere (another folder), owned by root, so they're inaccessible even from fatdog - unless I ssh into the OBSD box and switch to root.
EDIT: ... xterm Secure Keyboard ... not so secure!!! Testing the following running under spot, and it sees root keystrokes both in normal and xterm Secure Keyboard modes. Mezathinking iza stick withza passwords via cli !!!
Code: Select all
#include <X11/Xlib.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/time.h>
#include <sys/types.h>
#include <unistd.h>
/* Hmmm! xterm Secure Keyboard ... not so secure !!! */
/* http://insecure.org/sploits/xsecurekeyboard_fequent_query.html */
/* compile using : gcc logger.c -o logger -lX11 */
int main(int argc, char **argv) {
Display *disp;
int i, changed;
char *s;
struct timeval shorttime;
char keys[32];
char lastkeys[32];
shorttime.tv_sec = 0;
shorttime.tv_usec = 10;
s = getenv("DISPLAY");
disp = XOpenDisplay(s);
if (NULL==disp) {
fprintf(stderr, "%s: can't open display %s\n", argv[0], s);
exit(1);
}
for(i=0; i<32; i++) {
keys[i] = 0;
lastkeys[i] = 1;
}
while(1) {
select(0, NULL, NULL, NULL, &shorttime);
XQueryKeymap(disp, keys);
changed = 0;
for(i=0; i<32; i++) {
if (keys[i] != lastkeys[i])
changed = 1;
lastkeys[i] = keys[i];
}
if (changed) {
printf("Keyboard status:\n ");
for (i=0; i<32; i++)
printf("%02x ", (unsigned char)keys[i]);
printf("\n\n");
}
}
XCloseDisplay(disp);
return 0;
}
EDIT: See also
http://murga-linux.com/puppy/viewtopic. ... 944#988944