[OpenWrt-Devel] [PATCH] base-files utils/busybox: Make requiring login in console default for easily accessed devices

Bastian Bittorf bittorf at bluebottle.com
Thu Dec 24 16:42:10 EST 2015

* Michael Richardson <mcr at sandelman.ca> [24.12.2015 22:14]:
> 2) if the user is "used" to a key mismatch, and they type their password in,
>    the password has just been compromised.

this is indeed true for IPv6/linklocal

> A better approach is that the ssh daemon should start, open port 22, and then
> do SSHv2 transport mode up to the key-exchange, and then just respond to
> keep alives, ideally with a message to "Please stand by", if we can find
> a way to do that in-protocol. (wow. it's been 18 years since I worked at ssh...)

this is very interesting.
i'am not sure how big this impact is to the dropbear codebase, but i like it.

thanks for your feedback. bye, bastian
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org

More information about the openwrt-devel mailing list