On Wed, Jan 15, 2014 at 09:38:32AM +0900, Carsten Haitzler wrote: > On Tue, 14 Jan 2014 16:26:57 +0100 José Bollo <jose.bo...@open.eurogiciel.org> > said: > > > On mar, 2014-01-14 at 20:45 +0900, Carsten Haitzler wrote: > > > On Tue, 14 Jan 2014 11:19:43 +0200 Jussi Laako > > > <jussi.la...@linux.intel.com> > > > said: > > > > > > > On 14.1.2014 4:16, Carsten Haitzler wrote: > > > > > > > having a "enable ssh" option on devices (when you enable developer > > > > > mode) > > > > > would be the best of both options. it's not on by default, but it's a > > > > > simple click away. > > > > > > > > Just "Enable developer mode" in device settings would be fine. But I > > > > wouldn't like to have a car that has ssh wide open to the world with > > > > some default password or key... Nor phone either. > > > > > > i'm fine with that. a single simple checkbox is fine for me :) and agree - > > > if enabled as a service, it should require you enter a password at that > > > tome - no default passwords/accounts. perhaps limit sshd to only listen on > > > usbnet and any wifi etc. networks you tags as "trusted". :) > > > > > > > The check box should have a time limited effect. That means that you can > > forget to uncheck it, it will uncheck itself after a while. > > > > The check box should also be associated to a kind of password. It is not > > acceptable that a developer tool can connect to any device just because > > to check box is checked. I'm not saying that a password must be set but > > that a password can be set if wanted. > > i would say a password SHOULD be set at that time - no defaults. and that > password retained so you don't need to keep re-setting it each time (but able > to be changed too from that menu). if there is a timeout, i would say it > should > be a timeout between successful logins on sshd. if there has not been a > successful login in let's say 7 days, turn it off. (that would mean developers > using it all the time at least once per week don't get bothered). or hey - > make > the timeout configurable... :) let the developer decide how bothersome they > are > willing to accept things vs security.
I'm not sure it's worth a discussion or not about ship Tizen with ssh service, for me, sdb is useful enough for developers, and it's more security, at least one need connect a usb cable to the device, if one can archive your device, then it's done. -- Thanks, Chengwei > > -- > Carsten Haitzler (The Rasterman) <ti...@rasterman.com> > _______________________________________________ > Dev mailing list > Dev@lists.tizen.org > https://lists.tizen.org/listinfo/dev
signature.asc
Description: Digital signature
_______________________________________________ Dev mailing list Dev@lists.tizen.org https://lists.tizen.org/listinfo/dev
