[ptruman]

Hi all,

I've been using OrenoSP to gain access to my TiVo externally.
For those who don't know OrenoSP, it's a reverse proxy you run on a PC on your LAN, and you connect to it from the internet, and it forwards connections to TiVo. Nice and secure etc etc.

However, due to my PC being somewhat irksome atm, I've got a nicer solution, which may be of interest to a few people.

I have acquired a Linksys WRT54GS (802.11G wireless broadband router). It's upgradable with 3rd party open source firmware.

I've now got said router running the Sveasoft f/w, and I can SSH into the router, and then tunnel into TiVo (or anything else on the LAN).

Much more secure than OrenoSP, and doesn't need my PC on!
And of course, there are mobile SSH clients too, so you can access it on the move...

The router costs about £50 to £80 and the SSH software is free. OrenoSP is now > £150 - although I have an old copy if anyone wants it!

Tutorials available on request if anyone wants them.

 

[mike0151]

Why not just post the tutorial?

Mike

 

[ncjok]

Can your TiVo now securely serve TiVoWeb aswell?

 

[beastman]

ptruman - do you know if a wired linksys router can so the same thing?

 

[tefster]

>Can your TiVo now securely serve TiVoWeb aswell?

If you have an SSH tunnel to inside of your Lan then you can tunnel TivoWeb through it.

I do a similar thing, but instead of ssh/tunneling via the router I ssh directly into the TiVo instead and securely browse TivoWeb through the ssh tunnel. That does eat a tiny amount of the Tivo's cpu time, when browsing TivoWeb but I've not seen it cause any problems so far.

 

[Fozzie]

Is there a quick guide to setting this up tefster? I'm currently using orenosp but having seen the figures people are posting for electricity usage when leaving a PC permanently on, I'm looking for a 'cheaper' solution!

 

[tefster]

There's an instruction guide within the README in the tarball here,
give it a whirl and let me know how you get on, a couple of
people have downloaded it but the only person so far whom I've
heard feedback from was one of the OzTivo guys who couldn't
get it working due to some wierdness in the C runtime library
version that they are using there.

 

[Fozzie]

Cheers tefster. Will give it a crack tomorrow night when I've a bit more time.

 

[Fozzie]

As an aside, can anyone compare/contrast opening up a port on the firewall and forwarding it to Orenosp running on a Windows box or forwarding it to an SSH server running on Tivo?

TIA.

 

[dimmyr]

Any chance you could post or post a link to your old, pre 1.0 version of OrenoSP?

 

[tefster]

>As an aside, can anyone compare/contrast opening up a port on the firewall and forwarding
>it to Orenosp running on a Windows box or forwarding it to an SSH server running on Tivo?

The main difference is less reliance on an extra box being up and running.

Running a tunnel via Orenosp and opening a firewall port to it means that you need an extra PC running all the time in order to access TivoWeb, however you do have the benefit of not having to run SSH server software on your Tivo and what's exposed to the outside world (Orenosp) is fairly well tested and stable.

Running an ssh server on the Tivo means having extra software in place on it, but does also mean that you don't need an extra PC running all the time in order to access TivoWeb. However when you are logged into it then as with any software the ssh server will eat up some CPU time, providing you aren't doing massive amounts of data transfer than I doubt that would be a problem though, certainly I've sat in front of Tivoweb/ssh tunnelled sessions and had recordings/play running without a problem. However, the dropbear ssh server port for the Tivo hasn't been hugely stress tested, and the kernel version that the UK TiVos run on is quite old, and so I'm not sure how well they would stand up to say a sustained SYN packet attack.

 

[Fozzie]

Am I right in saying that you need to have a specific client installed on the remote device, such as Putty? This would be a major drawback for me if it is, as I often access Tivoweb from my Smartphone.

 

[tefster]

Putty does SSH but there are SSH clients available for almost all platforms, I've SSH'd into my TiVo from my P900 phone, via the web (Java SSH client applet), etc.

For tunneling, it can be a bit more restrictive as not all clients will set up tunnels,
but there are certainly Java clients which do and so which should run on most
smartphones, and I've used native binary ports of PuTTY on Symbian smartphones

 

[Fozzie]

Guess I'll have to do some digging to see if there's a cleint for the proper Smartphones (with a capital 'S') i.e. Windows Mobile 2003SE/5

 

[Fozzie]

There's an instruction guide within the README in the tarball here,
give it a whirl and let me know how you get on, a couple of
people have downloaded it but the only person so far whom I've
heard feedback from was one of the OzTivo guys who couldn't
get it working due to some wierdness in the C runtime library
version that they are using there.

I've just given this a whirl but am getting:

./dropbearkey: error in loading shared libraries
libcrypt.so.1: cannot open shared object file: No such file or directory

Any ideas?

 

[tefster]

Hmm, it should have the crypt routines compiled into the static binary. Unfortunately my
aging Wireless Access Point seems to have finally and so I can't get into my TiVo remotely
at present to check, when I get home I'll telnet into it and see if I have libcrypt on there.

 

[Fozzie]

Hmm, it should have the crypt routines compiled into the static binary. Unfortunately my
aging Wireless Access Point seems to have finally and so I can't get into my TiVo remotely
at present to check, when I get home I'll telnet into it and see if I have libcrypt on there.

Did you manage to find anything tefster?

Ta.

 

[tefster]

Odd, it seems that somewhere along the way I acquired a libcrypt in my /var/hack/lib, not
sure where it came from and I don't remember cross-compiling it but there you go I need
to pull the drive tomorrow to re-do my network configuration with the new wireless bridge
and so I'll extract the libcrypt library and PM you it.

 

[Fozzie]

Cheers

 

[tefster]

here you go