Openmoko Bug #1853: Enhancement: improve dropbear security by listening only on usb0 by default

Openmoko Public Trac bugs at docs.openmoko.org
Sun Aug 24 16:23:13 CEST 2008


#1853: Enhancement: improve dropbear security by listening only on usb0 by default
-----------------------------+----------------------------------------------
 Reporter:  RuiSeabra        |          Owner:  openmoko-kernel           
     Type:  enhancement      |         Status:  new                       
 Priority:  normal           |      Milestone:                            
Component:  System Software  |        Version:                            
 Severity:  blocker          |       Keywords:  dropbear security haspatch
Blockedby:                   |   Reproducible:  always                    
 Blocking:                   |  
-----------------------------+----------------------------------------------
 Letting ssh listen on 0.0.0.0:22 may be hazardous if you connect to wifi
 links, and seldom will you need to access dropbear from wifi unless you
 know what you're doing.

 If you know what you're doing, you can easily change dropbear to go back
 to an insecure default.

 A clever usage of awk in the init script will dynamically fetch usb0's
 address thus reducing the risk of the default.

-- 
Ticket URL: <https://docs.openmoko.org/trac/ticket/1853>
docs.openmoko.org <http://docs.openmoko.org/trac/>
openmoko trac


More information about the openmoko-kernel mailing list