Root password and ssh?
Stephen Shelton
stephen at stephenashelton.com
Wed May 14 16:54:59 CEST 2008
On Wed, May 14, 2008 at 06:34:17AM -0400, michael at crosscode.org wrote:
> Well, it would take programming but I think the "correct" method of
> handling this would be to either disable ssh altogether or (perferably)
> only
> enable it for the usb interface, and then *if* a user wants to make their
> phone availble for ssh via wifi there should be an "enable ssh"
> configuration
> option that prompts you to set the ssh password. That way the vast majority
> of
> consumer users never have to worry about ssh being enabled or not and
> there's no default password to the phone to make it look bad security-wise.
>
> - Michael
>
> On Wed, 14 May 2008, George Brooke wrote:
>
>> On Tue, 13 May 2008 23:03:45 +0100
>> "andy selby" <andyfrommk at googlemail.com> wrote:
>>
>>> You are correct, the root account on the phone has a blank password,
>>
>> Maybe part of the getting started manual could include setting up
>> pubkey authentication and disabling password logins (at least for the
>> wifi maybe they could still be allowed over usb - not sure if that's
>> possible). I think that the ip address is always the same to make using
>> eth over usb simpler - the wifi should pickup its address from dhcp (or
>> from a static config).
>>
>> solar.george
Why not disable login as root? Seems pretty simple, and IMO a good practice in
general. I assume logging in as foo user works as normal...?
--
Stephen Shelton
stephen at stephenashelton.com
http://www.stephenashelton.com
>>
>> _______________________________________________
>> Openmoko community mailing list
>> community at lists.openmoko.org
>> http://lists.openmoko.org/mailman/listinfo/community
>>
>>
>
> _______________________________________________
> Openmoko community mailing list
> community at lists.openmoko.org
> http://lists.openmoko.org/mailman/listinfo/community
More information about the community
mailing list