On Friday 07 September 2012 17:03:44 Saul Wold wrote:
> On 09/07/2012 04:56 PM, Paul Eggleton wrote:
> > I'm a bit confused by this because I thought this issue had already been
> > solved. Unfortunately when I looked back I see the patch was never merged:
> >
> > http://patches.openembedded.org/p
On 09/07/2012 04:56 PM, Paul Eggleton wrote:
On Friday 07 September 2012 11:17:29 Saul Wold wrote:
This allows root to login over ssh with an empty password just like
dropbear when the debug-tweaks are enabled, it's important to disable
debug-tweaks for a production system as this will leave ope
On Friday 07 September 2012 11:17:29 Saul Wold wrote:
> This allows root to login over ssh with an empty password just like
> dropbear when the debug-tweaks are enabled, it's important to disable
> debug-tweaks for a production system as this will leave open a security
> hole!
>
> Thanks to Marc f
On Fri, Sep 7, 2012 at 2:09 PM, Phil Blundell wrote:
>
> I know dropbear does this sort of thing already but we should really try
> not to add more of that stuff. If it's an IMAGE_FEATURE then it should
> really be getting handled at the rootfs level, not burned into the
> packages in the feed.
This allows root to login over ssh with an empty password just like
dropbear when the debug-tweaks are enabled, it's important to disable
debug-tweaks for a production system as this will leave open a security
hole!
Thanks to Marc for the settings.
Cc: Marc Ferland
[Yocto #3078]
Signed-off-by:
On Fri, 2012-09-07 at 11:17 -0700, Saul Wold wrote:
> + for i in ${IMAGE_FEATURES};
> + do
> + if [ ${i} = "debug-tweaks" ]; then
Using ${IMAGE_FEATURES} in a package postinst is pretty unwholesome. If
you do:
$ IMAGE_FEATURES=debug-tweaks bitbake openssh
$ sleep $[21*86400]
On 09/07/2012 01:52 PM, Khem Raj wrote:
On Fri, Sep 7, 2012 at 11:17 AM, Saul Wold wrote:
+ for i in ${IMAGE_FEATURES};
+ do
+ if [ ${i} = "debug-tweaks" ]; then
+ sed -i -e "s/^#PermitRootLogin/PermitRootLogin/"
${D}${sysconfdir}/ssh/sshd_config
On Fri, Sep 7, 2012 at 11:17 AM, Saul Wold wrote:
> + for i in ${IMAGE_FEATURES};
> + do
> + if [ ${i} = "debug-tweaks" ]; then
> + sed -i -e "s/^#PermitRootLogin/PermitRootLogin/"
> ${D}${sysconfdir}/ssh/sshd_config
> + sed -i
This allows root to login over ssh with an empty password just like
dropbear when the debug-tweaks are enabled, it's important to disable
debug-tweaks for a production system as this will leave open a security
hole!
Thanks to Marc for the settings.
Cc: Marc Ferland
[Yocto #3078]
Signed-off-by:
