On Fri, Oct 5, 2018 at 3:31 PM James Strawson <[email protected]> wrote: > > The unique password requirement applies in the case where "a connected device > is equipped with a means for authentication outside a local area network" > which a beaglebone does not unless the user manually forwards ports on their > router, which could be argued as the user intentionally compromising their > own security. > > That being said, I still like option 2. > > As for option 1: MAC addresses are visible over the network and are therefore > not secure passwords. The serial number would be programmed into the EEPROM > at the factory and is easily messed up by anyone messing with I2C, It's also > a big hassle to type in a serial number every time we flash a board and boot > the first time.
I agree, i don't like the hassle of a random serial number.. > > Also, I thought we did away with root:root a along time ago in favor of > debian:temppwd? root:root is there, but "locked" out from ssh.. So technically it's there, and could be exploitable through other software... Regards, -- Robert Nelson https://rcn-ee.com/ -- For more options, visit http://beagleboard.org/discuss --- You received this message because you are subscribed to the Google Groups "BeagleBoard" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/beagleboard/CAOCHtYj2dphxJusOZow%3DKtg86JRz5oAxhtk%3De3JY_r_PkLh2KA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
