On Sun, 16 Sep 2012 01:07:52 +0200 David Kuehling <dvdkh...@gmx.de> wrote:
> Hi Delbert, > > >>>>> "Delbert" == Delbert Franz <d...@sonic.net> writes: > [..] > > I then did some fiddling with updating the authorized_keys files on > > both computers but that made no difference. Then, I noticed something > > that I had overlooked: when I pinged from the NN to my other LAN > > machines, the IP addresses were wrong. They were all WAN addresses. > > Then my foggy grey matter recalled: "I have seen this before!" There > > is a problem with DNS in the /etc/config/network file! > > [..] > > > Nice to see that you were able to solve your problems. It still leaves > me startled as to why it's actually working for you :) You're certainly > not using the standard NAT setup described in > > http://en.qi-hardware.com/wiki/Ethernet_over_USB > > Because with NAT you won't be able to SSH into your NanoNote from other > machines on your LAN. > > However, without NAT, your other LAN machines would have to be aware of > the network having two routers; (1) the internet gateway and (2) the > machine that the NanoNote is connected to via USB. Or do you somehow > connect the NN directly to a USB-enabled router? > > Just being curious. I would have used a eth0-to-usb0 ethernet bridging > setup for simplicity, but never heard of anyone here who tried to make > that work. > > cheers, > > David David, I'm using what Xiangfu Liu presented on the list in response to problems I had with what may have been the NAT setup you described. I forget now if the problem was caused by an update on my Debian desktops or an update to a new image for the NN. In any case I like what I am using now better. Here is what I have setup: On the machine to which the NN is connected: (host machine) Create an executable script with the contents: #!/bin/sh ifconfig usb0 192.168.254.100 iptables -A POSTROUTING -t nat -j MASQUERADE -s 192.168.254.0/24 sysctl -w net.ipv4.ip_forward=1 route add -host 192.168.254.101 usb Notice that the IP addresses are just picked from one of the local networks set aside for NAT. If these conflict with what you have already, just pick another range and use those IP's consistently throughout the following scripts. On the NN, in /etc/config/network, you should have this: config interface lan option ifname usb0 option proto static option ipaddr 192.168.254.101 option netmask 255.255.255.0 option gateway 192.168.254.100 option 'dns' '208.67.222.222 192.168.1.1' # option 'dns' '208.67.222.222' The first of the two DNS IP addresses is a public DNS to access the Internet. The second is the local DNS for my LAN. With the NN booted and running, connect it to a USB port on your host machine. You might see some message about a "gadget" being attached, depends on how you are running the NN. I am always in console mode. In fact, I remove gmenu2x from my rootfs:) Then execute the connection script on the host machine. On the NN restart the network by executing: /etc/init.d/network restart I put that in a script with a short name--involves less typing on the NN. You should now be able to ping the NN from the host machine and you should be able to ping 192.158.254.101 from the host machine. My NN has the name of "nn" so I put the following line in the /etc/hosts file on the host machine and on other machines in your LAN: 192.168.254.101 nn The final script needed is to be run on the other machines in your LAN: #!/bin/sh #Delete old route-ip address may have changed route del -net 192.168.254.0/24 #Add a route to ac to access nn route add -net 192.168.254.0 netmask 255.255.255.0 gw ac eth0 Here "ac" is the name of my host machine. One could use a command-line argument to the script to give the name of the host machine if you are wont to connect the NN to different machines. Also your ethernet link may not be "eth0" and that may have to be changed. However, we are not ready to ssh to anything yet. By default, OpenWRT uses dropbear for ssh. It is smaller than openssh but as I vaguely recall, I could not get something to work between dropbear and the openssh on my other machines. So I used opkg to remove dropbear and to install openssh-client, openssh-keygen, and openssh-server. I think the default settings in the config files, which are in /etc/ssh work out of the box. I went to the effort to generate public-private key pairs and then set up an authorized_keys file on nearly all my LAN machines. This is still a work in progress because the NN runs with the root user and I don't have key pairs generated yet for the root user on my other machines. However, I reset the NN password to "nn" so that the password request is not onerous:) There are various sites on the Internet that discuss how to setup passwordless ssh. I used http://www.debian.org/devel/passwordlessssh since I use Debian on all my other machines. The setup works well. I can ssh from the NN to any machine on my LAN and from any machine on my LAN to the NN. I currently make manual changes when I am off my LAN. It is probably possible to use a well contrived shell script to automate the process, but that is not high on my list. I just assign some numeric IP address to the host machine and put that in the /etc/hosts file of the host machine and in the /etc/hosts file of the NN. Then it is possible to ssh from the NN to the host machine, even when the host machine is not on the Internet. When the host machine is connected to the Internet, say at a wireless access point, then one needs to get the numeric IP address using the command: "ifconfig". I usually just "muddle" through and get it working after one or two tries. My time off my LAN is small, but maybe I can learn enough about shell scripting to figure out something better:) Hope this helps someone else. Delbert _______________________________________________ Qi Hardware Discussion List Mail to list (members only): discussion@lists.en.qi-hardware.com Subscribe or Unsubscribe: http://lists.en.qi-hardware.com/mailman/listinfo/discussion
