On Tue, 14 Jan 2014 16:26:57 +0100 José Bollo <jose.bo...@open.eurogiciel.org> said:
> On mar, 2014-01-14 at 20:45 +0900, Carsten Haitzler wrote: > > On Tue, 14 Jan 2014 11:19:43 +0200 Jussi Laako <jussi.la...@linux.intel.com> > > said: > > > > > On 14.1.2014 4:16, Carsten Haitzler wrote: > > > > > having a "enable ssh" option on devices (when you enable developer mode) > > > > would be the best of both options. it's not on by default, but it's a > > > > simple click away. > > > > > > Just "Enable developer mode" in device settings would be fine. But I > > > wouldn't like to have a car that has ssh wide open to the world with > > > some default password or key... Nor phone either. > > > > i'm fine with that. a single simple checkbox is fine for me :) and agree - > > if enabled as a service, it should require you enter a password at that > > tome - no default passwords/accounts. perhaps limit sshd to only listen on > > usbnet and any wifi etc. networks you tags as "trusted". :) > > > > The check box should have a time limited effect. That means that you can > forget to uncheck it, it will uncheck itself after a while. > > The check box should also be associated to a kind of password. It is not > acceptable that a developer tool can connect to any device just because > to check box is checked. I'm not saying that a password must be set but > that a password can be set if wanted. i would say a password SHOULD be set at that time - no defaults. and that password retained so you don't need to keep re-setting it each time (but able to be changed too from that menu). if there is a timeout, i would say it should be a timeout between successful logins on sshd. if there has not been a successful login in let's say 7 days, turn it off. (that would mean developers using it all the time at least once per week don't get bothered). or hey - make the timeout configurable... :) let the developer decide how bothersome they are willing to accept things vs security. -- Carsten Haitzler (The Rasterman) <ti...@rasterman.com> _______________________________________________ Dev mailing list Dev@lists.tizen.org https://lists.tizen.org/listinfo/dev