[OpenWrt-Devel] [PATCH] base-files utils/busybox: Make requiring login in console default for easily accessed devices
Bastian Bittorf
bittorf at bluebottle.com
Thu Dec 24 15:42:34 EST 2015
* John Crispin <blogic at openwrt.org> [24.12.2015 21:15]:
> > while we are at it: what about including default private keys for SSH
> > till the real keys are generated? it can last several minutes on some
> > routers and it feels like the box is broken. also: if really something
> > goes wrong during key generating we can at least login.
>
> you have a very bizarre understanding of securing a device.
in this stage the box is still without password.
the only issue i can think of is, that one can
read on the wire to which password somebody changes
with 'passwd' - but i'am pretty sure this is not
the case, because each session has it's own privacy.
please say more about your doubts.
bye, bastian
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
More information about the openwrt-devel
mailing list