Re: Using Debian SID on a Mac SE/30
On Wed, 14 Apr 2021, Stan Johnson wrote:
> I'm trying to configure Debian SID to be usable on a Mac SE/30 (16 MHz,
> 128 MiB memory, SCSI2SD disk). Telnet and FTP to the system initially
> both timed out. I was able to set LOGIN_TIMEOUT in /etc/login.defs to
> 180 (the default is 60 seconds), and that allowed telnet connections to
> work, but ftp connections still time out (both work fine on a Mac IIci
> at 25 MHz). Of course, at only 16 MHz, SSH isn't even an option for the
> SE/30 (or the IIci).
> Does anyone know of a way to set the ftp login timeout? I could probably
> modify the ftpd source, but I would prefer to modify a configuration
> file setting if possible.
I don't know about ftpd but if you install vsftpd you can control those
timeouts in vsftpd.conf.
> If I can get ftp working, the SE/30 will be a good low-end m68k 68030
> system (perhaps the lowest end?) for testing modern Linux kernels.
> I use QEMU to configure filesystems for all of my m68k systems. Linux
> kernels can either be cross-compiled or compiled in QEMU. While QEMU is
> a great emulator, I would still like to be able to run distributions on
> real hardware, whenever possible.
> Other changes to the default Debian SID installation have included
> replacing systemd with sysvinit (far too many timeouts with systemd).
> And by configuring a static /dev, I was able to disable udevd (again,
> too many timeouts). I think my next effort will be to break PAM and
> revert to old-style authentication, if possible.
You can probably test that approach by building a portable FTP or Telnet
daemon and disabling PAM support using ./configure.
You may also want to try minimal implementations of telnetd and ftpd, such
as the ones offered by busybox. If you build your own, you also get to
modify any hard-coded timeout constants.
> It's interesting that I can login almost immediately using telnet or ftp
> using A/UX, but telnet in Debian takes about 100 seconds (and ftp still
> times out).
Most of that is probably password hashing. Look in /etc/shadow and you'll
probably find long password hashes. If you're not worried about weak
hashes, you could switch to DES which is probably what A/UX uses. See 'man
login.defs' and 'man 3 crypt'.
BTW, if your password hashes are never leaked or your actual passwords are
guessable anyway then I don't see much benefit from SHA512.
FTR, I'm not advocating guessable passwords and weak hashes. But if you
want to try it, I hear that 12345 is very popular:
$ perl -e 'print crypt("12345","xx")."\n"'
> thanks for any suggestions
> -Stan Johnson