Better Mobile App

tun driver for our hero

Hi!
For the ones interested in openvpn or vpnc I attach the tun.ko module.
Have fun.

Here is the tun driver package. Think you should have a rooted device to make use of it.
To install:
1. copy it to your <sdk>/tools folder
2. adb push hero-tun-module-signed.zip /sdcard/update.zip
3. Type 'adb shell reboot bootloader' to enter the bootloader.(or turn it off and then, holding back button, turn it on)
4. Type 'fastboot boot cm-hero-recovery.img' - the device will now boot into the recovery image.
5. Select the option to 'apply update.zip from SD card'. Let it complete.
6. select reboot

Hi!
Good idea and thanks for packaging it. I just made a quick shot ;-)

Will add this to 1.2.
P

get-a-robot-vpnc does not work using the tun driver included in
2.0-update-hero-modacocustomrom-enhanced-signed.zip
The message appears after entering the pasword for sign on.
The application VPN Connections (process org.codeandroid.vpnc_frontend) has stopped unexpectedly.
# insmod /system/lib/modules/tun.ko
insmod /system/lib/modules/tun.ko
insmod: can't insert '/system/lib/modules/tun.ko': invalid module format
whether tun.ko is fron the 2.0 zero,
or installed via update.zip from hero-tun-module-signed.zip - above.
dmesg says
tun: version magic '2.6.27-a5504199 preempt mod_unload ARMv6 ' should be '2.6.27-8dd6deee preempt mod_unload ARMv6 '
the /etc/net folder does not exist, neither does /etc/tun

tun for 2.6.27-8dd6deee
See attachment for tun driver kernel version: 2.6.27-8dd6deee
(MoDaCo 2.0)

Thanks gogh57,
insmod ran OK.
installed to /dev/tun
vpn is now Trying to connect...
I'll have to check the VPN parameters.
Will let you know.

Brilliant work, many thanks.
I've check and verified my vpn parameters, but get a failed to connect. I'll keep reading and trying and will let you all know.
For info, all I have done - just in case I have missed a fundamental step...
1. Installed VPN connections from the market
2. Configured a network to connect to
3. copied tun.ko to SD card
4. ran adb shell to get on phone then insmod tun.ko - no errors, and shows with lsmod
5. tried to connect.
Getting closer....!
Bryan

How to install it on my Hero?

Hi all,
I have the same problem. Currently using Modaco's 1.5.1 and I do not want to move to 2.0 as it seems that it does not offer any advantage and I am happy until now with 1.5.1.
I am trying to install tun.ko which exists in system/lib/modules (installed with Modaco's ROM). When installing the tun.ko, I get "Exec format error" with dmesg:
# dmesg | grep tun
<3>[152396.817749] tun: version magic '2.6.27-a5504199 preempt mod_unload ARMv6
' should be '2.6.27-44690c1a preempt mod_unload ARMv6 '
How can I find the 2.6.27-44690c1a version ?
Or else I will wait for Bryan's tests and if successful, I will move to 2.0
Thanks for any help
Yiannis
<EDIT> - Moved to Modaco 2.1, Insmod runs OK, VPN-Connect does not connect. I'll dig more and let u know

Newby question, but what can you do with it?

YiannisM said:
Hi all,
I have the same problem. Currently using Modaco's 1.5.1 and I do not want to move to 2.0 as it seems that it does not offer any advantage and I am happy until now with 1.5.1.
I am trying to install tun.ko which exists in system/lib/modules (installed with Modaco's ROM). When installing the tun.ko, I get "Exec format error" with dmesg:
# dmesg | grep tun
<3>[152396.817749] tun: version magic '2.6.27-a5504199 preempt mod_unload ARMv6
' should be '2.6.27-44690c1a preempt mod_unload ARMv6 '
How can I find the 2.6.27-44690c1a version ?
Or else I will wait for Bryan's tests and if successful, I will move to 2.0
Thanks for any help
Yiannis
<EDIT> - Moved to Modaco 2.1, Insmod runs OK, VPN-Connect does not connect. I'll dig more and let u know
Click to expand...
Click to collapse
I'm getting nowhere with this. I'll have to look on the phone to see if it logs anywhere to help diagnose
Let use know YiannisM if you get anywhere?!
Bryan

On my HTC Hero
Using Modaco 2.2
tun.zip included in above
VPN Connections installed
and modified scripts described here:
http://techha.us/2009/06/android-vpn-vpnc/
VPN works now,
stared via an adapted 'go' script. (but not using VPN Connections UI)
I use ConnectBot for terminal.
I'll post exact details tonight.

pvlagsma said:
I'll post exact details tonight.
Click to expand...
Click to collapse
Look forward to it, I had a quick go following the link you gave, but it *****ed (unsurprisingly) at the location of the tun device.
Well done for cracking it
So close now!

J-Zeus said:
Newby question, but what can you do with it?
Click to expand...
Click to collapse
From Wiki....
A virtual private network (VPN) is a computer network in which some of the links between nodes are carried by open connections or virtual circuits in some larger networks (such as the Internet), as opposed to running across a single private network. The Link Layer protocols of the virtual network are said to be tunneled through the transport network. One common application is to secure communications through the public Internet, but a VPN does not need to have explicit security features such as authentication or content encryption. For example, VPNs can also be used to separate the traffic of different user communities over an underlying network with strong security features, or to provide access to a network via customized or private routing mechanisms.
Simply put, for most people I imagine, it allows us to connect to work.
Bryan

pvlagsma said:
On my HTC Hero
Using Modaco 2.2
tun.zip included in above
VPN Connections installed
and modified scripts described here:
http://techha.us/2009/06/android-vpn-vpnc/
VPN works now,
stared via an adapted 'go' script. (but not using VPN Connections UI)
I use ConnectBot for terminal.
I'll post exact details tonight.
Click to expand...
Click to collapse
Also looking forward to this.

Installing VPN on the HTC Hero.
References:
----------
A: This thread - http://forum.xda-developers.com/showthread.php?p=4503502
B: vpnc details - http://techha.us/2009/06/android-vpn-vpnc/
C: ROM 2.2 - http://android.modaco.com/content/h...m-is-here-2-versions-based-on-the-new-update/
D: VPN_Connections: - http://code.google.com/p/get-a-robot-vpnc/downloads/list
E: ConnectBot - android market - the terminal app I use on my Hero. You can do all this from an 'adb shell' on your PC.
1. Flash the 2.2 ROM (others probably work, but the correct tun.ko for the linux build is included in the ROM) from Ref C.
2. Download the latest version (VPN_Connections_v09.apk at time of writing) from get-a-robot-vpnc (Ref D), and install on your Hero.
This provides the vpn modules that are needed.
However I could not get this UI to work on the Hero. It kept hanging, sometimes asking for the password, sometimes not.
Note: the android market version is still 0.6
3. Install the tun.ko module with a script, or manually. This needs to be done each time you boot the Hero.
The script is:
'prep' script ( the following 3 lines: )
-----------
insmod /system/lib/modules/tun.ko
mkdir /dev/net
ln -s /dev/tun /dev/net/tun
Install tun by typing:
sh /sdcard/prep
or typing the 3 commands. (you need to be root, to do this)
(I placed my script on the microSD card, /sdcard/prep)
You can call this script anything you like.
4. Make an 'vpn.conf' file .
IPSec gateway vpn.aa.bb.com
IPSec ID youroffice
IPSec secret yourofficepassword
Xauth username youruid
Place it on /sdcard/vpn.conf
See Ref B for details.
You can call this configuration file anything you like.
5. Make a 'go' script, like this (one long line)
/data/data/org.codeandroid.vpnc_frontend/files/vpnc /sdcard/vpn.conf --script /data/data/org.codeandroid.vpnc_frontend/files/vpnc-script --pid-file /sdcard/vpnc-pid --no-detach --debug 1
Put it in a file /sdcard/go .
N.B. The 'go' script refers to the 'vpn.conf' file which you created earlier.
See Ref B for details.
You can call this script anything you like.
(Note: VPN Connections (Ref D) installs its files to /data/data/org.codeandroid.vpnc_frontend )
6. Start VPN by typing:
sh /sdcard/go
hopefully you will see
# sh /sdcard/go
sh /sdcard/go
Enter password for [email protected]: <this is where you type in your password>
vpnc version ERSION
IKE SA selected psk+xauth-3des-sha1
NAT status: no NAT-T VID seen
got address 33.333.333.333
RTNETLINK answers: File exists
backing up dns and resolve.conf
cp: cannot stat '/etc/resolv.conf': No such file or directory
vpnc-script ran to completion
IPSEC SA selected 3des-sha1
VPNC started in foreground...
&. Start an ssh connection, or a browser to an internal website, or whatever

Brilliant, many thanks!!
couldn't find a /etc/resolv.conf have put a couple of address' into /etc/hosts so I can browse my intranet.
How are you doing DNS??
Bryan

Is it possible to configure for IPSec over tcp?

Just an update from me, the VPN Connect frontend does not work, I have used pvlagsm's instructions and worked for me.
Thanks

[MOD] LEAP/PEAP wifi

This mod take a couple of minutes to complete and allows for PEAP wifi connections. Requires root access and ADB knowledge.
I AM NOT RESPONSIBLE FOR ANY ISSUES YOU CREATE WITH THIS. IT IS A ROUGH GUIDE AND WORKS FOR ME. DO AT OWN RISK.
Tutorial For Adding LEAP/PEAP Wifi
1. Open Command prompt window in Windows.
2. Go to your directory that you have Android SDK in.
3. Change directory to Tools. So for eg. C:\Android\Tools
4. Type in adb devices. You should see your device. If not install ADB driver. Google it.
5. Type in adb pull /data/misc/wifi/wpa_supplicant .conf c:\wpa_supplicant.conf
6. This stores wpa_supplicant.conf on your C: drive.
7. Open file with wordpad.
8. Add the following to the files:
for PEAP add this code:
network={
ssid="Your SSID"
key_mgmt=WPA-EAP
identity="Your Username"
password="Your Password"
}
for LEAP use this:
network={
ssid="Your SSID"
scan_ssid=1
key_mgmt=IEEE8021X
auth_alg=OPEN SHARED LEAP
eap=LEAP
identity="Your Identity"
password="Your Password"
}
9. Save the file.
10. Type push c:\wpa_supplicant.conf /data/misc/wifi/wpa_supplicant .conf
11. Now the important part. If you miss this your wifi will not work after reboot.
12. Type adb shell
13. Should get # prompt.
14. Type su.
15. Type cd /data/misc/wifi
16. Type chown 1010 wpa*
17. Type chgrp 1010 wpa*
18. Close command prompt window and enjoy LEAP/PEAP wifi.

What is the difference between the two?
A question that might help the unacknowledged
EAP and LANs
EAP originated with the dial-up PPP protocol in order to support protocols beyond PAP and CHAP. For use on packet networks, EAP Over LAN (EAPOL) was created. EAPOL added new message types and allowed an Ethernet header to be prefixed onto EAP messages so they could be transmitted via Ethernet. Following are various EAP methods used mostly in wireless networks, but also in wired networks. See 802.1X, WPA and 802.11i.
EAP-TLS (EAP-Transport Layer Security)
Uses the handshake protocol in TLS, not its encryption method. Client and server authenticate each other using digital certificates. Client generates a pre-master secret key by encrypting a random number with the server's public key and sends it to the server. Both client and server use the pre-master to generate the same secret key.
EAP-TTLS (EAP-Tunneled TLS)
Like EAP-TLS above except only the server has a certificate to authenticate itself to the client first. As in EAP-TLS, a secure connection (the "tunnel") is established with secret keys, but that connection is used to continue the authentication process by authenticating the client and possibly the server again using any EAP method or legacy method such as PAP and CHAP.
PEAP (Protected EAP)
Similar to EAP-TTLS above except it does not support legacy methods. It only moves EAP frames. Windows XP natively supports PEAP.
LEAP (Light EAP, Cisco LEAP)
From Cisco, first implementation of EAP and 802.1X for wireless networks. Uses preshared keys and MS-CHAP protocol to authenticate client and server to each other. Server generates and sends session key to access point. Client computes session key independently based on data received in the CHAP challenge.
EAP-FAST
(EAP-Flexible Authentication via Secure Tunneling)
Enhancement to LEAP from Cisco that provides an encrypted tunnel to distribute preshared keys known as "Protected Access Credential" (PAC) keys. PAC keys may be continuously refreshed to prevent dictionary attacks. EAP-FAST is defined in Cisco's Cisco Compatible Extensions (see CCX).
EAP-SIM (GSM Cellphones)
For GSM phones that switch between cellular and Wi-Fi networks, depending on which is in range. The Subscriber Identity Module (SIM) smart card in the GSM phone (see GSM) contains the secret key used for challenge/response authentication and deriving session keys for encryption.
Click to expand...
Click to collapse
Source:www.pcmag.com/encyclopedia_term

thanks
Thanks for the help clarifying that for peoples.... its finally great to be able to use the WiFi at school... would be nice to implement it automatically, I can't write the code.... but if anyone would like too it would really add to the community....

Maybe I'm misunderstanding this but i know when i try to use LEAP at school, it already has options and what not for it on my phone, none of this is necessary for me

I know with my school which is (PEAP) you couldn't input a username just a password! so if you are having troubles connecting to a LEAP or PEAP connection this is a way to workaround and get it working. If you can already connect don't worry about it! this is for those who cant connect and get crappy data in class! haha

Does this work with MS-CHAP ? How do I define it?
Thanks!

MS-CHAP already works out of the box. At least I can connect at work with PEAP, MS-CHAPv2. Could be a CM 5 thing though.

Thanks for posting this! while it did not directly solve my problem, it made me redouble my efforts to get on my company's wlan with my N1. I have tried this many times over the years with various phones including UIQ3, WM6 and never got anywhere. I always assumed that there was some sort of certificate or windows domain stuff going on.
So this morning I did a wireshark trace and put my laptops drivers into debug logging to find out how my laptop connects.
A bit of googling for the stuff I found enabled me to get a working supplicant.conf on the third attempt and I am amazed!
Appear to be using WPA2 Enterprise with EAPOL LEAP with CCMP encryption on Cisco access points.
Here is the network part of my wpa_supplicant.conf in case it helps anyone:
network={
ssid="SSID"
scan_ssid=1
key_mgmt=WPA-EAP IEEE8021X
auth_alg=SHARED LEAP
group=CCMP
eap=LEAP
identity="DOMAIN\User"
password="Password"
}

maedox said:
MS-CHAP already works out of the box. At least I can connect at work with PEAP, MS-CHAPv2. Could be a CM 5 thing though.
Click to expand...
Click to collapse
Doesn't work for me on stock rom.

What works for PEAP with MSCHAPv2 in my school is:
network={
ssid="<ssid>"
scan_ssid=1
key_mgmt=IEEE8021X
eap=PEAP
identity="<userid>"
password="<password>"
phase2="auth=MSCHAPV2"
priority=2
}
(Previously posted on my blog at http://zitseng.com/archives/2729)

It works, Thanks!

There's a way of doing that without root access:
code.google.com/p/android/issues/detail?id=1871

Step 16 17
when i type
16. Type chown 1010 wpa*
17. Type chgrp 1010 wpa*
i get the error:
"no such user '1010'"
"chgrp: not found"
what is it mean?
Is there anything I may have done wrong?
tanks

Doesn't work for me for some reason. Do you think having CM6 RC3 would make a difference? Not that I could see it doing so.
I've tried a few of the above suggestions but none work for me
The worst thing is it worked fine before I updated my Nexus One to FroYo!
my current settings for the uni are:
network={
ssid="UoN-secure"
key_mgmt=WPA-EAP IEEE8021X
eap=PEAP
identity="username"
password="password"
phase2="auth=MSCHAPV2"
}
Any help would be appreciated
The problem I am having is that it will not keep the Phase 2 auth - MSCHAPV2 setting when I set it up. Every time I go back into the ssid settings (modify network) it has reverted back to "none". However the information above was pulled from the phone so it obviously is storing the MSCHAPV2 setting, just doesn't seem to be using it!

actually cm6 rc3 should have support for Leap/PEAP i have been using it for a while without this hack.... what type of connection are you trying to connect too?

[HOWTO] Use OPENVPN/IPSec on Nook Color

I have compiled tun.ko for the Nook color.
Here are the instructions to get OpenVPN up and running.
I dont have a fully working OpenVPN server to test this completely but I was able to connect and get authenticated. If someone can test this out and report whether this works that would be useful.
Download tun.ko module from here
http://dl.dropbox.com/u/16190398/tun.ko
Type the following from your windows or linux console
adb shell
#mount -o remount,rw /dev/block/mmcblk0p5 /system
#su
#cd /system/lib
#mkdir modules (if it doesnt exist)
#exit
#exit
Now you are back at your windows or linux prompt
adb push tun.ko /system/lib/modules
adb shell
#su
#insmod /system/lib/modules/tun.ko
If everything works fine you should see no errors
#lsmod
You should see something like this
tun 11416 0 - Live 0xbf153000
#exit
#exit
So far so good.
Now go to the Android Market and download
1. busybox (if not already installed)
2. OpenVPN Installer
3. OpenVPN Settings
Run the OpenVPN Installer first. It will detect that OpenVPN binary is not installed and ask permission to install. You can choose to install it in /system/xbin or /system/bin (I installed it under /system/bin).
OpenVPN also needs the path to ifconfig and route which is provided by busybox. It will ask for the path and create symlinks. I created mine under /system/xbin/bb.
Next copy your openvpn config files and .crt files under /sdcard/openvpn.
Finally, run OpenVPN settings. If you have a valid config file under /sdcard/openvpn you should see those connections listed.
From the advanced menu you can set the path to your tunnel module as /system/lib/modules/tun.ko and load the module using modprobe.
Set the path to your configuration files (default is /sdcard/openvpn).
If everything looks fine then go back to main screen and click the checkbox next to your listed connection.
You should get a login icon in the notification bar if your connection requires username/password.
Thats it. Browse your internal network to check if everything is working as desired.
I just had a baby a few weeks ago and dont have time to troubleshoot this.
If someone can take over and post better/detailed instructions on making this work that would be great.
---------- 05/06/2011 Update -------------
Updated version of tun.ko for the 1.2 update. This for for kernel version 2.6.32.9.
In order to connect to Cisco/Freeswan VPN concentrators you can download VPNconnections from here. The instructions are quite straightforward and listed on the project page. http://code.google.com/p/get-a-robot-vpnc/
You will need to load tun.ko for both openvpn and VPNConnections.
http://dl.dropbox.com/u/16190398/Nook Color 1.2/tun.ko

Thanks for the step-by-step guide on this, I can confirm that it does work as expected. I was able to connect to an OpenVPN server and route traffic properly over it. One more damn device that ties me to work now, wooh!

At my work we use a Cisco VPN. On my phone I use an app called VPN Connections. I loaded the module and instead of using the open vpn I used the apk mentioned above. But it didn't work. Does the OpenVPN support Cisco vpns?

has anyone gotten this to work with alwaysVPN??
after i enter my username and password
I get
connecting
Auth
get config
then a popup window saying
fatal: cannot allocate Tun/Tap dev dynamically

iandixo said:
has anyone gotten this to work with alwaysVPN??
after i enter my username and password
I get
connecting
Auth
get config
then a popup window saying
fatal: cannot allocate Tun/Tap dev dynamically
Click to expand...
Click to collapse
Probably your tun.ko module is not loaded.
Did you set the path to tun.ko from OpenVPN settings ?
Can you use adb shell and
type
#insmod /system/lib/modules/tun.ko
then
#lsmod
and report what you see.

likearaptor said:
At my work we use a Cisco VPN. On my phone I use an app called VPN Connections. I loaded the module and instead of using the open vpn I used the apk mentioned above. But it didn't work. Does the OpenVPN support Cisco vpns?
Click to expand...
Click to collapse
OpenVPN client wont work with Cisco's VPN. They use different protocols.
However, VPN Connections is supposed to be compatible with Cisco/FreeSwan and other IPSec VPNs.
I havent used VPNConnections but if there is any option to load the tun module then you can try setting the path and loading the module.
I would suggest that you first try loading the tun.ko module manually using adb shell. Then run VPN Connections and maybe it will work

dascud said:
Probably your tun.ko module is not loaded.
Did you set the path to tun.ko from OpenVPN settings ?
Can you use adb shell and
type
#insmod /system/lib/modules/tun.ko
then
#lsmod
and report what you see.
Click to expand...
Click to collapse
I get
tun 11416 0 - Live 0xbf113000
tiwlan_drv 862084 0 - Live 0xbf03b000
bc_example 6460 0 - Live 0xbf034000
omaplfb 16584 0 - Live 0xbf02a000
pvrsrvkm 150196 56 bc_example,omaplfb, Live 0xbf000000
and the path is set in settings
what should I see in /system/xbin/bb ?? as there is nothing there at all. Reason I asked is for some unknown reason and without me changing anything, the error has now changed to something about "ifconfig unable to load external program" it flashes to fast to read

iandixo said:
I get
tun 11416 0 - Live 0xbf113000
tiwlan_drv 862084 0 - Live 0xbf03b000
bc_example 6460 0 - Live 0xbf034000
omaplfb 16584 0 - Live 0xbf02a000
pvrsrvkm 150196 56 bc_example,omaplfb, Live 0xbf000000
and the path is set in settings
what should I see in /system/xbin/bb ?? as there is nothing there at all. Reason I asked is for some unknown reason and without me changing anything, the error has now changed to something about "ifconfig unable to load external program" it flashes to fast to read
Click to expand...
Click to collapse
This is good. Make sure that you set the path as the full path to the module as
/system/lib/modules/tun.ko in OpenVPN settings. (Yea path is a little misleading)
The error is due to openvpn not finding the path to ifconfig and route which is required to set the IP address for the tun device and push the default routes.
Did you install busybox ?. If not then you should install that.
If you already installed busybox then do this
adb shell
#mount -o remount,rw /dev/block/mmcblk0p5 /system
#su
#which busybox
This should return /system/bin/busybox
Under /system/bin you should also find ifconfig and route which are essentially symlinks to busybox
Now navigate to the /system/xbin directory
#cd /system/xbin
#mkdir bb (if it doesnt exist)
#cd /system/bin
#cp ifconfig /system/xbin/bb
#cp route /system/xbin/bb
#cd /system/xbin/bb
# ./ifconfig
This should return some details about the tiwlan0 interface.
#exit
#exit
Try again and see if this works. If not you can run the OpenVPN installer again.
Shouldnt matter if you already ran it once before.
Set the path for the openvpn binary as /system/bin &
the path for ifconfig as /system/xbin/bb
Hopefully this should do the trick.

Hmm. I can't get this to work with VPN Connections either. lsmod says the module is loaded, but VPN Connections fails. I won't have time to look at this for a week or so, but if anyone has VPN Connections working with this tun.ko, that would be good to know.

well I'm getting somewhere it now connects and it seems to be passing data ...but I'm only getting a connection of 0.09kBps up and 0.06kBps down

FletchF said:
Hmm. I can't get this to work with VPN Connections either.
Click to expand...
Click to collapse
Just to clarify, "VPN Connections" is an Android VPN client that can connect to a Cisco IPSEC VPN concentrator. It works well for me on my DROID.

link down? -nm
Hi. This sounds awesome. I am trying to get vpn since i left my laptop at home and my captivate is too small to do basic work.
I can't seem to dload the above but no go for dolphin or google browser.
Can someone post a mirror?
Edit: got it... couldn't get w the browsers and rockplayer seemed to want to play it. Used ie and got it ok.

I would love to hear if anyone else has had any success with alwaysVPN. I can connect but just can't seem to get any data ...

iandixo said:
well I'm getting somewhere it now connects and it seems to be passing data ...but I'm only getting a connection of 0.09kBps up and 0.06kBps down
Click to expand...
Click to collapse
I recall that I had the same issue initially. I was able to get connected but not browse the internal network. The monitor would show a connection of 0.09Kbps.
I think this means that the initial handshake went through but the server was not able to push the ip address or the default routes.
When you get connected you should see a status which progresses as
Auth - > Get Config -> and finally connected to "server IP" as "your new IP address". If you dont see your new IP address then the connection is not fully functional.
A rather unscientific method to fix it which worked for me was
1.) Uninstall busybox
2.) Reinstall busybox
3.) Run OpenVPN Installer again
set path to Openvpn binary as /system/bin
set path to ifconfig as /system/xbin/bb
adb to /system/xbin/bb and check if ifconfig and route exists.
Reboot, do a minor rain dance and pray to the God of your choice while the Nook is rebooting.

So just to let everyone know I got VPN Connections working for my work's Cisco VPN. I did the steps outlined at first, downloaded the file, insmod the file, added openvpn and settings apps, then tried my vpn connections app but it wouldn't work. So I gave up. Two days later I tried it for fun after I had rebooted it many times and it worked! I haven't done a insmod command and I have uninstalled the two OpenVPN commands

likearaptor said:
So just to let everyone know I got VPN Connections working for my work's Cisco VPN. I did the steps outlined at first, downloaded the file, insmod the file, added openvpn and settings apps, then tried my vpn connections app but it wouldn't work. So I gave up. Two days later I tried it for fun after I had rebooted it many times and it worked! I haven't done a insmod command and I have uninstalled the two OpenVPN commands
Click to expand...
Click to collapse
I was also able to get "VPN Connections" aka vpnc, working using this method.
Am now able to connect to my Cisco ASA, thanks for the great post.

My NookColor has been all of the sudden playing a load static noise when it is off and the only way to stop it is to turn it off. So I reset everything back to stock 1.0.1 and I will wait and see if it does it without it being rooted. If so I will get a different unit. But in the next week or two I will root it again and see if I need to install OpenVPN or not.

acomiskey said:
I was also able to get "VPN Connections" aka vpnc, working using this method.
Click to expand...
Click to collapse
Hmm. Still trying here. How many reboots did it take?

FletchF said:
Hmm. Still trying here. How many reboots did it take?
Click to expand...
Click to collapse
Just one for me, I did a lot of little things trying to get it to work, once I re-root later this week or next week I will post step by step directions to get it to work unless someone else beats me to it

FletchF said:
Hmm. Still trying here. How many reboots did it take?
Click to expand...
Click to collapse
I think just 1.
I had "vpn connections" installed. I then follow the instructions at the beginning of this thread. I stopped at "Next copy your openvpn config files and .crt files under /sdcard/openvpn" since I wasn't interested in using openvpn.
I then rebooted, launched "vpn connections" and it connected.
I cannot however get the vpnc widget to work.

[GUIDE]BlackBerry to Android Bluetooth Tether Guide (Dial-Up Networking Profile)

Blackberry DUN Bluetooth Tethering Guide
WARNING!! FOR EXPERTS ONLY! YOU'VE BEEN WARNED! THIS IS NOT A SIMPLE CLICK AND DONE. IT MAY FRUSTRATE YOU!
This may or may not work for you, don't be surprised if it doesn't. Also Tethering may or may not be supported by your carrier. Data Plan recommended! @@
Your Mobile carrier may charge tethering fees, Continue at your own risk!
I suggest you read the whole thing before you action, and also please bare with my english, as it is my 3rd language.
Tether via Terminal: (Thanks lophyte for this great guide)
http://forum.cyanogenmod.com/topic/...-gtab-to-your-blackberry-phone-via-bluetooth/
I did not develop any apps or any scripts of any kind.
This was all done with some extensive research and alot of Trial and Error.
But with the little information I found out there, I was able to find some pretty interesting things.
I found this app called Q5 DUN, which was designed for an Old Internet Tablet called the SmartQ5 and ran Android 1.5.....
Therefore support is very limited, and there was only 2 updates back in 2009.
Also, I will be quoting guides out there, but I will properly credit the author for their efforts & findings. (Mostly lophyte )
Also would like to Thank RimDroid helping me with the research.
Click to expand...
Click to collapse
What you need:
-ALOT OF PATIENCE!
- Rooted Android Tablet ( I'm using a HP TouchPad )
- Android 2.3.7 (Reported by nihjar that it works on ICS!!)
- Blackberry Mobile Device with DUN Profile. ( I'm using BB Bold 9700 with OS 6 installed ) *Other Mobile's may work, need further testing*
- Terminal app
- Root Explorer app
- Super User app
- Q5 Bluetooth Dial Up Network app by wsoft2002
- Berry4All Scripts
- Chat Binary compiled by lophyte (Originally compiled for GTab, but works on my HP Touchpad) or you can compile one, link in lophyte's guide. **NOTE**(Reported by nihjar that it works on ICS!!)
Currently there are two ways to tether BT:
Option 1: Using the Q5 Bluetooth Dial Up Network app and modifying the Build.prop <-- Easiest Method, but buggy! But once configured, works perfectly!
Option 2: Running terminal commands <-- Connecting Manually thru Linux commands.
We will be installing both options in this guide.
Click to expand...
Click to collapse
- Make sure DUN is enabled on your BB ( Search google for guides on this )
Step 1: Download and Install on Android
-Install Root Explorer (if you don't have it already)
-Install Terminal (if you don't have it already)
-Install Q5 DUN http://android.gval.biz/
Step 2: Download the following on your PC
Berry4All Scripts Here
Chat Binary compiled by lophyte to Tether with Gtab Link to his Guide Here
File
lophyte said:
Download the berry4all package and find the config for your provider.
Berry4all is a Linux bluetooth tethering package that contains various pppd configurations for mobile providers. If your provider is not available in this package, you'll need to Google around for a proper pppd config and chatscript to allow you to tether to your blackberry or other mobile phone.
Click to expand...
Click to collapse
-Create a new folder which you will be placing the following files to better manage them.
-Copy the Chat binary file into the new folder.
-Extract bbtether and find the 2 files in /conf/ that corresponds to your mobile network, and copy those 2 files into the new folder. In this guide I will be using Rogers as an example. In this case, rogers & rogers-chat
lophyte said:
Modify the configurations
I haven't looked at the configs for the other providers, but the Rogers config needed a little bit of modification. The following line in my ppp peer config file needed to be changed:
Click to expand...
Click to collapse
Step 3:Modify the configurations
-Open rogers in a text editor ( I recommend Notepad ++)
-Find the line
connect "/usr/sbin/chat -f conf/rogers-chat
Click to expand...
Click to collapse
& change this line to:
connect "/system/bin/chat -f /etc/ppp/chatscripts/rogers-chat"
Click to expand...
Click to collapse
*NOTE* Edit the rogers-chat to which ever mobile provider you are using
-Find the line with 'novj' and place a # in front of it. Or Delete it, which ever is fine.
Your File should look like this:
# Tested by Max Taranukha
115200
noipdefault
defaultroute
#nomultilink
ipcp-restart 7
ipcp-accept-local
ipcp-accept-remote
lcp-echo-interval 0
lcp-echo-failure 999
nopcomp
noaccomp
pap-timeout 20
pap-restart 20
lcp-restart 10
#noauth
crtscts
usepeerdns
nomagic
noccp
#novj
user wapuser
password wap
name wapuser
#debug debug debug
# does not exist in all pppd versions (osx)
#replacedefaultroute
connect "/system/bin/chat -f /etc/ppp/chatscripts/rogers-chat"
Click to expand...
Click to collapse
**NOTE** Change UserName & Password that matches your APN settings.**
-Save and Exit.
Step 4:Now its time to copy these files to our Routed Android Devices.
-You will need to use Root Explorer to copy these files to your device, or Adb Push. ( Lookup the forums for on how to )
-Copy chat binary into /system/bin/ overwrite if prompt.
-Copy your mobile config files into these folders respectively.
a) rogers-chat -> /etc/ppp/peers (create this folders if it doesn't exist)
b) rogers -> /etc/ppp/chatscripts (create this folder if it doesn't exist}
-Reboot Device
-Once rebooted, you will need to pair your mobile device to your android device. Delete the profiles if it already exist, & pair again. (BT is buggy)
-Keep Bluetooth On.
Now here comes the most frustrating part... connecting!
Step 5:Configuring Q5 DUN
The best and easiest way to find you DUN MAC and Channel is using Q5 IMO,
but you can also use Linux commands. ( Terminal Tether guide above )
-Make sure you turn on BT, as this app does not toggle the BT on.
-Use this guide by wsoft2002 to configure Q5http://android.gval.biz/Q5_Bluetooth_DUN_installations.php
-In the Dial-Up Script, this is where the rogers-chat come into play.
-Open rogers-chat (your provider) file in Text Editor via Root Explorer.
-Select all Text and Copy in the the Dial-Up Script.
Your Dial-Up should look like this:
TIMEOUT 10
ABORT 'BUSY'
ABORT 'NO ANSWER'
ABORT 'ERROR'
SAY 'Starting GPRS connect script\n'
'' 'BBT_OS'
'' 'ATZ'
SAY 'Setting APN\n'
OK 'AT+CGDCONT=1,"IP","internet.com"'
ABORT 'NO CARRIER'
SAY 'Dialing...\n'
OK 'ATD*99#'
CONNECT
# Without ~p it does NOT continue passed Connect !!
~p
Click to expand...
Click to collapse
*Note the "internet.com", this is where you put your mobile APN. ( Google search if your mobile is not in the bbtether folder ) or settings on your phone.
**Note that the 'ATD*99#' will differ depending on the carrier. You can try 'ATD*99***1#' if that doesn't work, (try to google 'your carrier' ATD)
***Thanks to Nijhar he found out that on Telus Network, ~p causes connection issues in Q5, so this may vary for you. (Trial and Error!)
****NEW**** Found * Another way to find you isp APN settings, using Blackberry Desktop Software, and plugging in the mobile device, you can browse all authorized BB carriers.
-Save Configuration & Hit connect to Test it out.
Allow the connection and checkmark 'Do not show again'
If you get 'PPP Connection is UP!' GREAT! Skip to Step 7.
-If you get 'PPP Failed to connect' then obviously it didn't work.
Now there are a few factors that causes PPP failed to connect.
a) Q5 not setup properly, I suggest you double check your settings.
b) Pairing problems, or Trust permissions. Re-Pairing might fix it.
c) Remove or Add ~p from the chat script.
d) Reboot both devices and try again.
e) Tether is not supported by your carrier.
f) Make sure Dial-Up Networking Service is enabled on your phone. in Bluetooth connections>paired devices>Touchpad (May vary depending on BB OS)
Step 6:Testing BT connection in Terminal
Q5 might not work for you, so Terminal will be your next Option.
-Open Terminal and type 'su' for super user rights.
-type the following '# rfcomm bind /dev/rfcomm0 <bluetooth MAC> <channel>'
-then type 'pppd /dev/rfcomm0 call rogers' <- change 'rogers' to your carrier.
-Look at your Blackberry 'Modem Mode Enabled' should appear if it connects.
-If it does not connect, please revise the guide and make sure you have done everything exactly up till now.
-'# killall pppd ' to end the connection
Step 7:Configuring DNS to Google's DNS or of your choise
-In Terminal
-Type 'su'
-Then 'setprop net.dns1 8.8.8.8'
-Next 'setprop net.dns2 8.8.4.4'
*You can put as much as dns4 if you like, but Google's DNS should work fine**
Step 8:Testing Internet Connection
-Browsing
-Youtube
-Facebook
-Apps & Games (Trial & Error)
Step 9:Modifying the build.prop to eliminate setprop net.dns on reboot.
-Add net.dns1=8.8.8.8 & net.dns2=8.8.4.4
Working:
-Browsing the Web
-Streaming Video/Music
-Downloading Files using Opera Browser(Perfect), or xwind downloader app(Not perfect, but will work with any browser). Or use share link to Opera browser to DL using 'Choose Browser app found on the Market' -NEW-
-GO Launcher EX works great! Weather widget, facebook, e-mail etc all works! <~ If you want a fully functional homescreens,widgets etc
-Rogers,Telus & Bell Networks
Not Working:
-Android Market (Browse-able, but can't download anything)
-Google Currents
-Kindle App ( can log-in, but can't browse new books )
-Weather Apps ( News & Weather Works tho )
-Games
-Essentially any apps that cannot detect BT as Internet Source. Unlike most apps keeps trying to connect regardless of the 'available network'.
Support:
And if all fails, you may post below, and tell me your problems.
-Please provide the following info:
a) Mobile model & OS version
b) Tablet model & OS version
c) Carrier
d) Brief Description of the problem.
Please do not complain if it does not work for your device. We're simply trying to help the Android community by giving them support on unsupported devices.
UPDATED 22/12/2011:
Brut.all said:
And you will have problems with Android Market and some other apps. Internet is configured at linux level, Android OS don't know about it, so if application asks: "Do we have internet connection?", Android replies: "No". Android Market will wait for connection even if there is one.
Click to expand...
Click to collapse
I guess there's no workaround? Can someone with some DUN or PAN knowledge, shed some light on us?
WIP:
-Add Other Carriers ( Fido, etc?) (Feedback needed from the community)
Credit goes to:
lophyte for this Terminal Tethering guide & Chat Binary.
http://forum.cyanogenmod.com/topic/37078-how-to-tether-your-gtab-to-your-blackberry-phone-via-bluetooth/
berry4all for the chat scripts. http://www.berry4all.com/
wsoft2002 for his Q5 DUN program. http://android.gval.biz/
Max Taranukha who's name is on the script.
Brut.all for his finding on why Market doesn't work.
RimDroid for helping with the research, and helping me understanding a little bit more about Linux Dial-Up Networking.
nijhar for testing and helping this project out.
Thank you all for the support.
Click to expand...
Click to collapse
I hope our community keeps growing and more new devices are supported as days passes by.
Merry X-Mas everybody!
Vampirexhunter

Please post a reply if this worked or failed for you.
Most appreciated.

Simply amazing!! Thank you very much. Was waiting for the ROM update on my BB that would include wireless hotspot. That hasn't happened
Running a Torch 9860 with my rooted Touchpad. Just followed your instructions. Except I did not modify the build.prop file yet. I can't believe how fast this is!

benven said:
Simply amazing!! Thank you very much. Was waiting for the ROM update on my BB that would include wireless hotspot. That hasn't happened
Running a Torch 9860 with my rooted Touchpad. Just followed your instructions. Except I did not modify the build.prop file yet. I can't believe how fast this is!
Click to expand...
Click to collapse
Awesome! Does downloading work for you? and are you using Q5 or Terminal way?

I am using Q5. I only tried the Market. And as you stated, can get there but cannot download apps. As soon as I shut down Q5 and started up wifi, the apps downloaded. I am going to try Google Maps and Navigation to see if they work.
One question...does it matter where you put the net.dns1=8.8.8.8 & net.dns2=8.8.4.4 line in build.prop?
Thanks again and Merry Christmas!

benven said:
I am using Q5. I only tried the Market. And as you stated, can get there but cannot download apps. As soon as I shut down Q5 and started up wifi, the apps downloaded. I am going to try Google Maps and Navigation to see if they work.
One question...does it matter where you put the net.dns1=8.8.8.8 & net.dns2=8.8.4.4 line in build.prop?
Thanks again and Merry Christmas!
Click to expand...
Click to collapse
anywhere works.

New Discovery:
Q5 DUN does not require the ppp files (rogers + rogers-chat)
It only requires the chat binary file /system/bin
So if you are not using the terminal way, you can safely delete those files without affecting Q5.
New Discovery 2:
Stock browser,Firefox Beta & Dolphin HD - all three can't download... lol
But...Using Opera Browser, I was able to download files!! Yay! I'm assuming this app does not rely on 'Connectivity Manager'. I'm so happy, as this is the only browser that worked out of 4!

New Findings! Check it Out!

Simply amazing!! 关注中！

Nice Guide Vamp.
Couldn't have done it better myself!

Tried the Amazon Silk Browser
This Browser rocks in terms of browsing speeds!!
Can't download with this browser.. bummer..

New Finding!
I found a Download manager that works with BT.
Xwind Downloader by JasonWong.
By using this DL manager, I can use any browser I want to browse, and use this manager to download!

Hello, I have a question. When you pair you BB to HP Touchpad, does your Bluetooth say paired but not connected? Is that ok, or do I need to fix it somehow for the Tethering to work? So far I'm not able to tether, so I was wondering if that was the problem.
Some info:
Hp Touchpad running cyanogenmod 7
Blackberry Torch 9800 with Rogers and data plan.
Thank you.

kryal said:
Hello, I have a question. When you pair you BB to HP Touchpad, does your Bluetooth say paired but not connected? Is that ok, or do I need to fix it somehow for the Tethering to work? So far I'm not able to tether, so I was wondering if that was the problem.
Some info:
Hp Touchpad running cyanogenmod 7
Blackberry Torch 9800 with Rogers and data plan.
Thank you.
Click to expand...
Click to collapse
Hi Kryal,
It's suppose to say paired but not connected, that's normal.
All I can say is follow my instructions very carefully.
Which method are you using? Terminal or Q5?
Also make sure Dial-Up Networking Service is enabled on your phone. in Bluetooth connections>paired devices>Touchpad

vampirexhunter said:
Hi Kryal,
It's suppose to say paired but not connected, that's normal.
All I can say is follow my instructions very carefully.
Which method are you using? Terminal or Q5?
Also make sure Dial-Up Networking Service is enabled on your phone. in Bluetooth connections>paired devices>Touchpad
Click to expand...
Click to collapse
Never mind I fixed it by following the guide closely YOU ARE THE BEST. Donated, you deserve it.

kryal said:
Never mind I fixed it by following the guide closely YOU ARE THE BEST. where do I donate to you guys?
Click to expand...
Click to collapse
Awesome! Glad it worked out for you.. Donate? lol Thanks, but no need.. Free! I did not developed any software, and it was mostly used information out on the net that I slapped together

Even Netflix works on this!!! The video is a bit choppy but I'm very surprised anyways.

kryal said:
Even Netflix works on this!!! The video is a bit choppy but I'm very surprised anyways.
Click to expand...
Click to collapse
Yea, I've been trying to speed up the connection, but very unsuccesful.. it seems to cap at ~1mbps.. and on usb i can get about 2.5mbps (Tether to PC)
Also Rogers network is slow.

cm7 3.5
Hi there, I need some help please, is my chatscripts or peers wrong??
Operator: Singtel
Country: Singapore
APN: internet
user:65ideas
password: <no password>
Blackberry bold 9650 OS 6(latest)
cm7 alpha 3.5
Code:
TIMEOUT 10
ABORT 'BUSY'
ABORT 'NO ANSWER'
ABORT 'ERROR'
ABORT "NO DIALTONE"
ABORT VOICE
ABORT RINGING
SAY 'Starting GPRS connect script\n'
'' 'BBT_OS'
OK 'ATZ'
OK 'AT+CGDCONT=1,"IP","internet"'
ABORT 'NO CARRIER'
SAY 'Dialing...'
OK 'ATD*99#'
CONNECT
Code:
# Tested by Max Taranukha
115200
noipdefault
defaultroute
#nomultilink
ipcp-restart 7
ipcp-accept-local
ipcp-accept-remote
lcp-echo-interval 0
lcp-echo-failure 999
nopcomp
noaccomp
pap-timeout 20
pap-restart 20
lcp-restart 10
#noauth
crtscts
usepeerdns
nomagic
noccp
#novj
user "65ideas"
password ""
name Internet
#debug debug debug
# does not exist in all pppd versions (osx)
#replacedefaultroute
connect "/system/bin/chat -f /etc/ppp/chatscripts/singtel-chat"
tried with ~p or without ~p
Tried
user 65ideas
password ""
user 65ideas
password

jinnyroxs said:
Hi there, I need some help please, is my chatscripts or peers wrong??
Operator: Singtel
Country: Singapore
APN: internet
user:65ideas
password: <no password>
Blackberry bold 9650 OS 6(latest)
cm7 alpha 3.5
Code:
TIMEOUT 10
ABORT 'BUSY'
ABORT 'NO ANSWER'
ABORT 'ERROR'
ABORT "NO DIALTONE"
ABORT VOICE
ABORT RINGING
SAY 'Starting GPRS connect script\n'
'' 'BBT_OS'
OK 'ATZ'
OK 'AT+CGDCONT=1,"IP","internet"'
ABORT 'NO CARRIER'
SAY 'Dialing...'
OK 'ATD*99#'
CONNECT
Code:
# Tested by Max Taranukha
115200
noipdefault
defaultroute
#nomultilink
ipcp-restart 7
ipcp-accept-local
ipcp-accept-remote
lcp-echo-interval 0
lcp-echo-failure 999
nopcomp
noaccomp
pap-timeout 20
pap-restart 20
lcp-restart 10
#noauth
crtscts
usepeerdns
nomagic
noccp
#novj
user "65ideas"
password ""
name Internet
#debug debug debug
# does not exist in all pppd versions (osx)
#replacedefaultroute
connect "/system/bin/chat -f /etc/ppp/chatscripts/singtel-chat"
tried with ~p or without ~p
Tried
user 65ideas
password ""
user 65ideas
password
Click to expand...
Click to collapse
This setting might differ from carrier: 'ATD*99#'
This is the modem command to connect for Rogers.. you will have to find out which one works for you.
Try this one: 'ATD*99***1#'
If that doesn't work, you will need to test on your own, as I am only able to test Canadian carriers.
You can find other ATD commands online, if this one doesn't work.

How to create a shelf icon that executes a shell programm call?

Hey everyone,
I am looking for a way to activate sleep mode of my chromebook manually in order to save battery without having to log out or power off all the time (it's connected to an external display, so closing the lid doesn't trigger it).
So far I found out that calling "powerd_dbus_suspend" from the shell does the trick, but as you can imagine, using the shell and actually typing the command every time is not really a solution.
Is there a way to create a chrome os app that executes this program call, so I can put it in my shelf and just click it to activate sleep?
I'm not really good at .json, maybe there's a way? Or any other suggestions?
Thanks alot!
Markus

I would like to know it too. Anyone?

Sneets said:
Hey everyone,
I am looking for a way to activate sleep mode of my chromebook manually in order to save battery without having to log out or power off all the time (it's connected to an external display, so closing the lid doesn't trigger it).
So far I found out that calling "powerd_dbus_suspend" from the shell does the trick, but as you can imagine, using the shell and actually typing the command every time is not really a solution.
Is there a way to create a chrome os app that executes this program call, so I can put it in my shelf and just click it to activate sleep?
I'm not really good at .json, maybe there's a way? Or any other suggestions?
Thanks alot!
Markus
Click to expand...
Click to collapse
Run a tiny web server like lighttpd in the shell on a weird port, restrict to localhost. Set up index.php to run system (whatever);
Then bookmark the 127.0.0.1: xxxx URL

Which system call invokes power_dbus_suspend?
Thanks Parrotgeek1. Working off your excellent suggestion I installed a lightweight local server on ChromeOS (Web Server for Chrome with the 200 OK! icon) and built a small framework app that is served from local storage. I'm all set up to call chrome.app.??? from my JavaScript. Which API provides the power_dbus_suspend capability? I looked through the Power and System APIs and I don't see anything. - Thanks!

Sneets said:
Hey everyone,
I am looking for a way to activate sleep mode of my chromebook manually in order to save battery without having to log out or power off all the time (it's connected to an external display, so closing the lid doesn't trigger it).
So far I found out that calling "powerd_dbus_suspend" from the shell does the trick, but as you can imagine, using the shell and actually typing the command every time is not really a solution.
Is there a way to create a chrome os app that executes this program call, so I can put it in my shelf and just click it to activate sleep?
I'm not really good at .json, maybe there's a way? Or any other suggestions?
Thanks alot!
Markus
Click to expand...
Click to collapse
Have you tried this simple extension? Keep Awake
https://chrome.google.com/webstore/...lb?utm_source=chrome-app-launcher-info-dialog

What I do is have the shell tab pinned, and press [up arrow] for the command then hit [enter]. Probably not ideal if you use the shell a lot as you have to step through recently used commands.

Re: Pkt_Lnt's post
Thanks Pkt_Lnt. That app only deals with disabling the normal sleep behavior, not causing it, and in particular not causing it when an external monitor is connected. I'm looking for something like Sneets has requested, to invoke a powerd_dbus_suspend command that will force the system to sleep (and turn off an external monitor). Per Parrotgeek1's comment, I've got a little app now sitting on the shelf that is all set to call some system command to invoke powerd_dbus_suspend, only I'm looking for what command to call, from JavaScript.

I managed to find a way to do something similar with the Secure Shell app. During the process of figuring it out, I also found that I was able to create a homescreen shortcut on my Android tablet which when tapped sends a shell command to the Chromebook.
This method might be overkill somewhat, but, anyway, what I did was as follows:
Installed Secure Shell extension; setup sshd on the Chromebook (by making a symlink in /etc/init/ pointing to /usr/share/chromeos-ssh-config/init/openssh-server-conf); rebooted; added public key from ConnectBot (Android app) to ~/.ssh/authorized_keys in order to test connection; setup Android homescreen shortcut to send shell command; created profile in Secure Shell app on Chromebook to connect to [email protected]/my local IP address; generated keys on Chromebook (in ~/.ssh); added generated public key to ~/.ssh/authorized_keys; imported newly-generated private/public key pair within Secure Shell app (one by one); created bookmark link to [email protected] profile in shelf, and, finally, added required command to profile in Secure Shell.
It works well! It looks like any command can be added to the 'Arguments' field in Secure Shell, with the syntax:
Code:
-- thecommand
Although I guess commands that need sudo would require a connection to [email protected], instead of chronos. (-t argument lets you use sudo, but then sending a line break/ENTER seems to be needed)
The window opened with the click does hang around - I haven't figured out if it's possible to avoid this - but it does at least seem to persistently remember the size and position to which it's set.
I posted up some further details at http://nolirium.blogspot.com/shell-command-shelf-shortcut-chromeos.html

Impressive! But a bit more than I'm looking to do
@Nolirum - I read your blogspot doc and your procedure's pretty impressive. Frankly it's a little beyond me and beyond what I'm looking for. If you ever run across a way to invoke powerd_dbus_suspend a little more directly please post here as well. You clearly have a strong grasp of the issues!

Nolirum said:
I managed to find a way to do something similar with the Secure Shell app. During the process of figuring it out, I also found that I was able to create a homescreen shortcut on my Android tablet which when tapped sends a shell command to the Chromebook.
This method might be overkill somewhat, but, anyway, what I did was as follows:
Installed Secure Shell extension; setup sshd on the Chromebook (by making a symlink in /etc/init/ pointing to /usr/share/chromeos-ssh-config/init/openssh-server-conf); rebooted; added public key from ConnectBot (Android app) to ~/.ssh/authorized_keys in order to test connection; setup Android homescreen shortcut to send shell command; created profile in Secure Shell app on Chromebook to connect to [email protected]/my local IP address; generated keys on Chromebook (in ~/.ssh); added generated public key to ~/.ssh/authorized_keys; imported newly-generated private/public key pair within Secure Shell app (one by one); created bookmark link to [email protected] profile in shelf, and, finally, added required command to profile in Secure Shell.
It works well! It looks like any command can be added to the 'Arguments' field in Secure Shell, with the syntax:
Code:
-- thecommand
Although I guess commands that need sudo would require a connection to [email protected], instead of chronos. (-t argument lets you use sudo, but then sending a line break/ENTER seems to be needed)
The window opened with the click does hang around - I haven't figured out if it's possible to avoid this - but it does at least seem to persistently remember the size and position to which it's set.
Click to expand...
Click to collapse
This really is impressive! Thanks for the extremely detailed explanation.
I was able to follow along completely and get the SSH argument "powerd_dbus_suspend" working.
However, I got to thinking. I was wondering if this could be extended to use an alias stored in ~/.bashrc?
After doing some research of my own and using various parameters and arguments, I was unsuccessful.
The goal is to have a linux app (through crouton) be run using xiwi with just a single bookmark by utilizing an alias.
Any thoughts?
UPDATE:
Of course just a few moments later I figured this out! Rather than dealing with an alias stored in ~/.bashrc and ensuring ssh had access, typing the entire alias command as an argument worked. Now I can run Steam directly from a shelf bookmark. All it took was replacing "powerd_dbus_suspend" with "-- sudo enter-chroot xiwi steam" in the argument.
Thanks again!

DandyRandyMarsh said:
This really is impressive! Thanks for the extremely detailed explanation.
I was able to follow along completely and get the SSH argument "powerd_dbus_suspend" working.
Click to expand...
Click to collapse
No problem! I think it's perhaps overly detailed if anything. Might be easier to follow if I cut it down a bit.
DandyRandyMarsh said:
Now I can run Steam directly from a shelf bookmark. All it took was replacing "powerd_dbus_suspend" with "-- sudo enter-chroot xiwi steam" in the argument.
Click to expand...
Click to collapse
Nice!
Adding crouton single app shortcuts is a cool idea which I hadn't considered. Does it work OK for you with sudo in the command, even straight after booting up? ...You didn't have to setup sudoing without a password via sudoers.d or anything?
Inspired by your post I added xiwi to my chroot to try it out. I seem to remember experiencing quite unbearable lag and slowness when running a full desktop via xiwi in the past, but with single apps there doesn't seem to be any noticeable performance hit (this is on an armv7 Asus Flip, with the chroot on a slooow USB drive).
In order to not have to enter my sudo password, in the argument I put:
Code:
-t -- echo mypassword | sudo -S sh /media/removable/3/bin/enter-chroot xiwi firefox
Maybe I'm missing something? Is there a better way, perhaps?
Anyway, since I have rootfs verification switched off, I also tried saving a similar command to a file in /usr/bin, and putting the filename in the argument instead. This works, too, and I suppose could potentially be useful e.g. in the case of needing to run a more convoluted sequence of commands with a shortcut.

Nolirum said:
Adding crouton single app shortcuts is a cool idea which I hadn't considered. Does it work OK for you with sudo in the command, even straight after booting up? ...You didn't have to setup sudoing without a password via sudoers.d or anything?
Click to expand...
Click to collapse
I'm not entirely familiar with exactly how my process worked, but I do not have any sudo password required within shell.
Here's the list of steps I followed allowing me to use sudo commands in the SSH Arguments box.
As a side note, this is the crouton installation I am running on an ASUS c302.
sudo sh ~/Downloads/crouton -r trusty -t unity,touch,xiwi,extension
Setup Bookmarks that Run Shell Commands
1. Installed Secure Shell extension
2. Open crosh with Ctrl+Atl+T
3. Enter Command: shell
4. Enter Command: sudo su -
5. Enter Command: sudo /usr/share/vboot/bin/make_dev_ssd.sh --force --remove_rootfs_verification
6. Enter Command: reboot
7. Let Chrome OS reboot
8. Open crosh with Ctrl+Atl+T
9. Enter Command: shell
10. Enter Command: sudo su -
11. Enter Command: mount –o remount rw /
12. Close current crosh window
13. Open a new crosh with Ctrl+Atl+T
14. Enter Command: shell
15. Enter Command: sudo ln -s /usr/share/chromeos-ssh-config/init/openssh-server.conf /etc/init/openssh-server.conf
16. Enter Command: sudo initctl reload-configuration
17. Enter Command: sudo initctl start openssh-server
18. Enter Command: cd ~/.ssh/
19. Enter Command: ssh-keygen
“Enter file in which…” *LEAVE BLANK*
“Enter passphrase” *LEAVE BLANK*
“Enter same passphrase” * LEAVE BLANK*​20. Enter Command: cat /home/chronos/user/.ssh/id_rsa.pub >> /home/chronos/user/.ssh/authorized_keys
21. Enter Command: cp -a /home/chronos/user/.ssh/id_rsa* /home/chronos/user/Downloads
22. Close current crosh terminal and open Secure Shell extension
23. Select [New Connection]
24. Click Import… and select “id_rsa”
25. Click Import… again and select “id_rsa.pub”
26. Enter chronos as the username and localhost as the hostname
27. Enter a shorthand name replacing the text in the top cell “[email protected]”
28. Click Enter. If prompted, enter “yes” to continue connecting
29. Bookmark the page that is open which should end in, "#profile-id:_ _ _ _"
DONE. Now time to add some commands to automate.
Open Secure Shell and select the connection created. In the arguments box, start with two dashes -- and follow it your desired shell command.
Examples:
-- sudo startunity
-- sudo startgnome
-- sudo enter-chroot xiwi steam
-- sudo enter-chroot xiwi wine microWord​
Next Steps... Getting Custom Shelf Icons
Now here I am running into some issues. Rather than have all these icons be the same, I was hoping to customize them.
Followed a strategy found on reddit, Change Shelf Icon for Website, but this only works if the site already had an "apple-touch-icon" set. Also, tried to inject the entire code myself which I couldn't get to work. Unfortunately, I think that since this bookmark is created from a Secure Shell, there are some issues.
I have already tried adding in code for this into the site, but it is having no effect. If someone could make this work then we're really looking good here.

DandyRandyMarsh said:
I'm not entirely familiar with exactly how my process worked, but I do not have any sudo password required within shell.
Click to expand...
Click to collapse
Oh, I see what you mean. You are saying that you can sudo in the shell generally, without being prompted for a password, right?
Was that the default setup on your CB (after switching to Dev mode)? Or did you have to configure it manually for passwordless sudoing...
DandyRandyMarsh said:
Here's the list of steps I followed allowing me to use sudo commands in the SSH Arguments box.
Click to expand...
Click to collapse
Nice work summarizing the steps. :highfive: It's probably easier to follow, listed out like that. One slight addendum, perhaps - at step 29, it might be good to clarify the "add to shelf" procedure. Especially because of the following...
DandyRandyMarsh said:
Next Steps... Getting Custom Shelf Icon
Now here I am running into some issues. Rather than have all these icons be the same, I was hoping to customize them.
Click to expand...
Click to collapse
Happily it turns out that, when you add shortcuts to the shelf on Chrome OS like this, a minimal app is created for each one, with its own manifest.json, and icon.pngs. Our shell shortcuts were getting created with blank pngs by default (the black box with P in the center).
So, all we need to do, is get some icons, find the right folder for our shelf shortcut apps, then copy our new icons into them!
For instance, here's how I made a nice shiny icon for my single app shelf shortcut to Firefox.
Prepared icons:
Created a temporary folder in ~/Downloads to store downloaded icons.
Prepared a set of icons in ~/Downloads/firefox. (I downloaded mine from findicons.com).
Six sizes are required - from 32px to 256. To avoid any manifest editing, saved them as *size*.png
e.g. 32.png; 48.png; 64.png; 96.png; 128.png; 256.png
Located folder to copy icons to:
It is easiest to do this directly after clicking "add to shelf"
EITHER:
To change dir into the most recently modified extension icon subfolder automatically, the following one-liner worked for me*.
Code:
shell
cd ~/Extensions/&&cd $(ls -v1td */ | head -1)/*/icons&&ls
A list of blank icons (*.png) should be visible. If so, the new icons can simply be copied over these, e.g..
Code:
sudo cp ~/Downloads/firefox/* .
*YMMV with this particular one-liner - sometimes there's an extra 'temp' folder in ~/Extensions, which stops it working as expected. If you get an error after running the command, simply use the slightly more manual method to locate the folder, as detailed below.
OR:
(slightly more manual method).
Code:
shell
ls -ltr ~/Extensions
Checked the date/times - the most recently added folder is at the bottom. Then,
Code:
cd themostrecentlyaddedfolder
(or, the folder modified at the date/time that the shortcut was "added to shelf"). Then,
Code:
cd */icons
ls
sudo cp ~/Downloads/firefox/* .
I then repeated the above with a new SSH argument and a set of Ubuntu icons, for a custom startxfce4 shortcut, too.
Then just did sudo restart ui, and enjoyed the shiny new shelf icons!
I am hopeful that these changes will get picked up by CrOS's sync, thus getting backed-up and restored automatically. At this point I am not sure if that will be the case, but I don't see why it wouldn't.

Another way?
Another way to approach this, since you're modifying system stuff anyway, might be to edit crosh at /usr/bin/crosh. It's a regular ol' dash/bash shell program, and you can create a shortcut to it on the shelf by opening crosh (ctrl-alt-T), then right click the top right of the browser and select More Tools --> Add to shelf...
Clicking the newly-created link (which looks like an "N") will launch /usr/bin/crosh in a tab. Changing the default behavior of /usr/bin/crosh could accomplish your goal to do whatever you want. With some experimenting, you might even be able to pass arguments to make it do different things depending on how it's opened (via ALT-CTRL-T vs from the shelf-- dunno if it can read the url used to call crosh), but at the very least you could do something like have it run whatever you want it to run if a second modifier key is held down (or if it isn't...), otherwise return to normal operation. A menu w/1 sec timeout could do this as well, ie--
Doing [THE THING YOU WANT] in 2 seconds (press SPACE for crosh)... /
Note there's no proof-of-concept here. Just throwing it out as an idea that I'm pretty sure would work... Someone might even create a neat extension that allows crosh to use scripts/plugins to execute different system operations beyond the stock ones that are built-in via single-clicks... If it worked, it might be a little simplier than via the SSH extension and you wouldn't have to run any extra daemons.
ft
This is probably harder, but a third way, which probably is the "right" way is to see how the crosh extension works and learn about opening the hterm.Terminal instance chrome.terminalprivate object directly, sending it output, and closing it in the same way crosh does it. There's a file in the crosh extension at js/crosh.js that shows the basics of how it's done:
var terminal = new hterm.Terminal(profileName);
And then you can do stuff with it. You could then create an extension that could handle multiple shelf-icons (say by appending ?COMMAND=ls to the URL to do different shell commands(. The security implications for this would probably be huge obviously.
Update: More on embedding hterm is here.
Nolirum said:
I managed to find a way to do something similar with the Secure Shell app. During the process of figuring it out, I also found that I was able to create a homescreen shortcut on my Android tablet which when tapped sends a shell command to the Chromebook.
I posted up some further details at http://nolirium.blogspot.com/shell-command-shelf-shortcut-chromeos.html
Click to expand...
Click to collapse

Nice post - Some good food for thought, changing up the contents of crosh etc directly is an interesting idea.
fattire said:
Another way to approach this, since you're modifying system stuff anyway, might be to edit crosh at /usr/bin/crosh. It's a regular ol' dash/bash shell program, and you can create a shortcut to it on the shelf by opening crosh (ctrl-alt-T), then right click the top right of the browser and select More Tools --> Add to shelf...
Click to expand...
Click to collapse
Interesting! ....Aaaaand, now I've broken crosh. lol. Lucky I had my SSH shortcut setup... (actually, we can still get into the VTs with CtrlAltF2 etc anyway).
Some good potential for experimentation with this, definitely.
fattire said:
This is probably harder, but a third way, which probably is the "right" way is to see how the crosh extension works and learn about opening the hterm.Terminal instance chrome.terminalprivate object directly, sending it output, and closing it in the same way crosh does it. There's a file in the crosh extension at js/crosh.js that shows the basics of how it's done:
Click to expand...
Click to collapse
Again, very interesting. Now you come to mention it, an approach such as this does seem like it might be do-able without too much messing around (maybe)...
Any possible method we can get e.g. an extension to 'talk' to the shell is worth looking into I think; as you say, if we can cut out the middleman (ssh) and maybe do it more elegantly, that might be pretty useful indeed.