We have moved to a new Sailfish OS Forum. Please start new discussions there.
14

Remote shell over cellular+vpn in Sailfish 3.0.1.11 / 3.0.2.8

asked 2019-01-13 17:31:02 +0200

Pasko gravatar image

updated 2019-03-21 21:23:11 +0200

Hi.

Version 3.0.1.11 of Sailfish comes with new firewall rules to improve security. One of these changes forbids remote ssh access over the cellular connection which is great.... except if you are already securing your cellular data connection through an VPN.

In order to recover ssh access via cellular+VPN I added a few lines at the end of file:

/etc/connman/firewall.d/00-devmode-firewall.conf

The lines added where these:

    ...
[vpn]

IPv4.INPUT.RULES = -p tcp -m tcp --dport 22 -j ACCEPT
IPv6.INPUT.RULES = -p tcp -m tcp --dport 22 -j ACCEPT

After these changes, restart the network subsystem via Settings App -> Utilities -> Restart Network and try to connect again to see if it works.

I hope this helps someone :).

Regards.

EDIT 2018/03/21: After upgrading to release 3.0.2.8 the last step didn't work. I had to use:

root@Sailfish # systemctl restart connman

To make it work. (It may log you out if you're connected remotely :D )

edit retag flag offensive close delete

1 Answer

Sort by » oldest newest most voted
2

answered 2019-03-26 10:11:45 +0200

jlaakkonen gravatar image

Nice that you've found the firewall configurations. I'd suggest adding a separate file for own rules into the /etc/connman/firewall.d/ - the files are processed in alphabetical order and each must have a firewall.conf suffix. Main reason for adding separate files for own rules is that these files installed by configuration packages may be overwritten or the contents can change between version updates.

Documentation for the firewall is available at https://jolla.zendesk.com/hc/en-us/articles/360017800813-Firewall-in-Sailfish-OS

edit flag offensive delete publish link more

Comments

Hi.

Thanks a lot.I'll take a look and keep it in mind.:)

Regards.

Pasko ( 2019-03-26 10:48:19 +0200 )edit
Login/Signup to Answer

Question tools

Follow
9 followers

subscribe to rss feed

Stats

Asked: 2019-01-13 17:31:02 +0200

Seen: 579 times

Last updated: Mar 21 '19

Related questions

Firewalling the jolla

I want a hardware keyboard with solar charger TOH [answered]

Markdown basics [not relevant]

VPN client [released]

Prevent accidental shutdown [answered]

A dual sim with TOH [not relevant]

Jolla applications should be preinstalled with a new device [not relevant]

iCloude or Skydrive type services on Jolla

Fixed sorting of application covers on home screen [released]

[Implemented in 1.0.3.8] After screen time out, return to last active app [released]

Copyright © Jolla Ltd. 2013-2019. All rights reserved.
about | faq | help | privacy policy | terms of service | give feedback
Powered by Askbot version 0.7.49