We have a small range of embedded linux devices used in security
systems. We are undertaking a gradual process to harden the default
security, and one of our first tasks has been replace the legacy telnet
server with dropbear for diagnostic access.
We have compiled dropbear and have it running well, set up to only allow
one session using a patch found on this list.
We are now considering if it would be worthwhile/useful to modify
dropbear to exit after a period with no active connections. So dropbear
runs at boot, but exits after (say) 10 minutes with no login. The
devices can be remotely rebooted via other means, so there are no access
issues for authorised users.
Does anyone see any reason this wouldn't be a useful approach? Anyone
patched anything similar before we start hacking about, or any pointers
where to start?
(We could give the system a task to terminate dropbear, but it would
seem neater to produce a self contained solution.)
--
Dave Haynes
RF Design Consultant - Wireless Solutions Ltd.
