> It might seem that hitting "enter" at the password prompt isn't a big > deal, and for interactive use, that's true. The embedded system is > set up with a blank password mainly during development and testing > because it's a handy way to do automate testing using shell scripts > running on the development host. The password prompt breaks that.
I've always run automated stuff on embedded boxes via dropbear with a little pubkey authentication; I store a public key in the embedded firmware, and the testing process has the corresponding private key. This has the following additional advantage: if there's a massive f*ckup and some development version goes into release, the box is still not publicly accessible. ;) -- Laurent