SSH Access confirmation
Simple application for controlling incoming ssh cconnections. Every connection will be prompted for user confirmation or notified to user.
Settings applet in System -> Security -> SSH
Pam remote host value may contain hostname or ip depends on your network/ssh/dns configuration, so it's allowed to write anything to whitelist config and user responsible to control this himself.
Sources: https://github.com/CODeRUS/ssh-pam-access-control
Donations are welcome =)
Screenshots:
Category:
Application versions:
| Attachment | Size | Date |
|---|---|---|
 ssh-pam-access-control-0.1.0-1.armv7hl.rpm | 100.31 KB | 07/02/2015 - 21:02 |
| ssh-pam-access-control-0.2.0-1.armv7hl.rpm | 105.3 KB | 08/02/2015 - 03:22 |
| ssh-pam-access-control-0.3.0-1.armv7hl.rpm | 105.72 KB | 11/02/2015 - 11:26 |
| ssh-pam-access-control-0.3.6-1.armv7hl.rpm | 106.23 KB | 11/02/2015 - 13:48 |
Changelog:
Updated UI to be dialog
Allowed to write anuthing to whitelist config (read application description)
Comments
oenone
Sat, 2020/11/28 - 19:34
Permalink
Maybe not best to install on 3.4.0.24. Lost all SSH access (both via network and USB) and removing this application and rebooting did not help restore access.
Spezifish
Tue, 2017/10/24 - 13:52
Permalink
This app works good on Sailfish 2.1.2.3. Is there a bug: If I Added a IP-Adress to the whitelist, i receive no more connection warning from my mobilephone. And If i Delete this ip again, it will also shown into the whitelist again at next time. Reinstalling takes no effekt. Pleas help me.
objectifnul
Fri, 2017/10/13 - 00:46
Permalink
With SailfishX (2.1.3.5 Kymijoki) on Xperia X, settings are not saved, except "Don't ask for confirmation, only notify". The white list does not survive after the setup page is closed.
UiPo1goo
Sun, 2017/12/10 - 16:58
Permalink
Me 2
armorica
Mon, 2017/05/08 - 22:33
Permalink
App stopped working after upgrade to SailfishOS 2.1.0.11. Got it working again by unistall - install. I did uninstall the openSSH from openrepos as well, but that may not have been necessary.
I'm happy to have it working again, as I use it for a kind of 2-factor authentication. I store my (passkey secured) ssh keys on my Jolla and will scp them over (temporarily) for loading them into ssh-agent every boot of my laptop. With a locked phone, this requires the PIN to unlock it all.
In the future I will block the phone itself from making the ssh on the server. Thus you need the 2 devices together + PIN to get the connection.
SaimenSays
Wed, 2015/09/02 - 23:59
Permalink
Is there a known problem on 1.1.7? I've installed this tool first time nuw, but ssh login is possible without any notification. Also whitelist to some ip does not change anything.
groxxorg
Thu, 2015/06/25 - 20:32
Permalink
THX for this! As @meemorph said before: Very nice feature, and the sound helps to find the phone ;-)
inte
Fri, 2015/04/24 - 11:25
Permalink
App used to work but stopped working for me.
I can ssh into the phone w/o any notification nor confirmation...
jolla_jo
Wed, 2015/04/01 - 21:15
Permalink
I suppose it is not supposed to work when using ssh over the usb cable? At least for me it doesn't work in that case.
EDIT: Doesn't work with Wifi either. Any idea what I'm doing wrong? Am I supposed to do anything at all?
EDIT2: By "does not work" I mean it does not do anything at all. No notification, no dialog. Only thing which came to my mind was some iptables rules I added, but I suppose they shouldn't stop this thingy?
EDIT3: Yes, I double-checked the daemon is running... Is it working for everybody else?
inte
Mon, 2015/07/13 - 20:11
Permalink
I didnt work for me as long as I head a newer ssh release from openrepos installed. Works fine with the original jolla release now!
Louis
Sat, 2015/02/28 - 05:11
Permalink
What a great app. Thanks a lot :)
Sugguestions:
Enable/disable ssh service widget that can be used from settings or eventview
More options to get notified when a client wants to connect whatever it's whitelisted, needs confirmations or automatically accepted, like viberation or notifications like "your-whitelisted-ip has logged in"..
Whitelist support managed by MAC addresses
coderus
Sat, 2015/02/28 - 05:16
Permalink
no mac support, sorry. if you want to contribute - you welcome :D
will think about other suggestions some day.
bocki
Sun, 2015/02/08 - 22:27
Permalink
Thank you so much. I love it.
lkdhf
Sun, 2015/02/08 - 22:02
Permalink
Great idea, thanks!
meemorph
Sat, 2015/02/07 - 22:15
Permalink
Very nice feature, and the sound helps to find the phone ;-)