On Wed, Mar 1, 2017 at 10:19 PM, Robert Nelson < robertcnel...@beagleboard.org> wrote:
> The above is disabled by default as of 2-3 weeks ago.. > I'm still kind of on the fence. I can completely understand wanting to just type ssh root@beaglebone and *bam* be right where I need to be to start working on a problem. I get it. But at the same time, I sit behind 3 layers of routers between any local system, and the internet. I also understand the implications of having root wide open to the world. Free to anyone with a port scanner to exploit. Assuming I had a hole punched in our routers for outside access. Still,it's not impossible for someone to "hack" in to our network, but it would not be very easier either. For those who still may not understand. Allowing root access to port 22( ssh ) with no password is akin to allowing remote assistance access into a Windows system with no admin password. Which just so happens to be a big "player" in the reason why Windows is often seen as the most insecure operating system in the wild. Because by default, and from the factory. Windows does not setup an admin password, and default to allowing remote access to anyone with the username, and password. IF the username is known "admin" and no password . . . At this point, the operating systems software architecture is irreverent, and is begging any, or all script kiddie with a port scanner to take over your system. -- For more options, visit http://beagleboard.org/discuss --- You received this message because you are subscribed to the Google Groups "BeagleBoard" group. To unsubscribe from this group and stop receiving emails from it, send an email to beagleboard+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/beagleboard/CALHSORr%2BfQZ5XL1v8T_yKE__QYP9K5oPV5KXM1BOOBD_O2B6ew%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
