[OpenWrt-Devel] Removing Telnet

Sami Olmari sami at olmari.fi
Wed Sep 9 21:29:38 EDT 2015


IMHO no password is best method until a password is set (like it was with
telnet and now with new paswordless SSH). A default password is just false
sense of security, there is none! Otherwise "encouraging" to set one and
how can be discussed...

 Olmari

On Thu, Sep 10, 2015 at 3:14 AM, Ben Franske <ben.lists at franske.com> wrote:

> I'm copying this to the list because it was sent directly to me... There
> are definitely many ways of "encouraging" people to change the password
> which could be explored, another example is the WAN interface could be
> disabled until the password is set. A few more thoughts on something like
> that or the WiFi disable proposed below though:
>
> -Don't just have a feature like WiFi die without an error message
> indicating the password must be changed, again bad user experience (and
> lots of support requests)
> -Make sure that the error is clear BOTH in LuCI and the CLI and provide
> instructions for changing the password (e.g. just sending an error to the
> console is not sufficient) LuCI already can detect the null password
> condition as it prompts the user with a banner to set a password, this
> could be adapted to check for a default password and the warn the user that
> some features are disabled until the password is changed
>
> -Ben
>
> On 9/9/2015 6:05 PM, Derek & Vicky wrote:
>
>> I agree no password is problematic, so is a default password that never
>> gets changed.  So what if the wifi startup script checks the md5sum of the
>> /etc/shadow file against the sum it created at startup Or predefined
>> value.  This way it won't enable the wifi unless the sum changes.
>>
>> Derek
>>
> _______________________________________________
> openwrt-devel mailing list
> openwrt-devel at lists.openwrt.org
> https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.infradead.org/pipermail/openwrt-devel/attachments/20150910/0dc5e9af/attachment.htm>
-------------- next part --------------
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel


More information about the openwrt-devel mailing list