Please do not use the vpp host stack to listen to port 23 (telnet) on a
network-facing interface. You could do that, but please don't do that.
All you would need to add is a well-known default password, and you would have
created a super-trivial attack surface for your product.
Florin and I are working to crank up sshd over the host stack. No guaranteed
end-date, but it's coming...
D.
From: vpp-dev@lists.fd.io <vpp-dev@lists.fd.io> On Behalf Of tianye@sina
Sent: Sunday, November 25, 2018 9:10 PM
To: vpp-dev@lists.fd.io
Subject: [vpp-dev] About in-band telnet/ssh support of VPP
Hello Everyone:
As we all knows, the latest VPP version 18.10 support telnet.
We can set the conf file like this to monitor the remote telnet request:
unix {
cli-listen localhost 5002 or cli-listen 192.168.xxxx 5002
.....
But actually the IP/Port pair we are listening is the "in-band" interface.
That means that interface belongs to the Linux host system(not the dedicate NIC
pre-allocated for VPP)
Is there any solution for telnet/ssh toward the VPP in-band interface?
(Provide telnet/ssh support for in-band interface is very important when we
managed to build a gateway/router device
over bare metal machine, since we cannot guarantee we can involve additional
out-band interface with any topology and product cost limitation)
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#11409): https://lists.fd.io/g/vpp-dev/message/11409
Mute This Topic: https://lists.fd.io/mt/28320167/21656
Group Owner: vpp-dev+ow...@lists.fd.io
Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
