I would like to make a few changes to the login/auth setup for developer mode on my phone, to make it more similar to the other embedded devices I hack on.
Does anyone see any problem with doing the following: 1) Put an authorized key in /home/nemo/.ssh and set "PasswordAuthentication no" in sshd_config. Remote SSH access would then require using the right key. 2) Set "PermitRootLogin no" in sshd_config. This disables direct SSH access to the root account (allowing me to safely do the following step). 3) Set a password on the root account and enable the account. 4) Use "su -" to gain root access instead of devel-su. 5) Disable devel-su altogether. The last two steps assume that devel-su does nothing that su does not, except ask for the nemo account password instead of the root password and that no important software (e.g. part of booting) uses devel-su. I must admit I do not like the fact that the developer mode password is displayed in the settings. I realise that anyone with physical access to the phone can get root access but I would prefer it to be a tiny bit harder than just looking at the password in the settings. If no one knows of any problems, I will give it a try in the next few days and report back. Graham _______________________________________________ SailfishOS.org Devel mailing list
