Root password and ssh?
michael at crosscode.org
michael at crosscode.org
Wed May 14 12:34:17 CEST 2008
Well, it would take programming but I think the "correct" method of
handling this would be to either disable ssh altogether or (perferably) only
enable it for the usb interface, and then *if* a user wants to make their
phone availble for ssh via wifi there should be an "enable ssh" configuration
option that prompts you to set the ssh password. That way the vast majority of
consumer users never have to worry about ssh being enabled or not and
there's no default password to the phone to make it look bad security-wise.
- Michael
On Wed, 14 May 2008, George Brooke wrote:
> On Tue, 13 May 2008 23:03:45 +0100
> "andy selby" <andyfrommk at googlemail.com> wrote:
>
>> You are correct, the root account on the phone has a blank password,
>
> Maybe part of the getting started manual could include setting up
> pubkey authentication and disabling password logins (at least for the
> wifi maybe they could still be allowed over usb - not sure if that's
> possible). I think that the ip address is always the same to make using
> eth over usb simpler - the wifi should pickup its address from dhcp (or
> from a static config).
>
> solar.george
>
> _______________________________________________
> Openmoko community mailing list
> community at lists.openmoko.org
> http://lists.openmoko.org/mailman/listinfo/community
>
>
More information about the community
mailing list
