On Sun, 2008-09-07 at 10:20 +0100, Rui Miguel Silva Seabra wrote: > On Sun, Sep 07, 2008 at 01:38:20PM +0800, William Kenworthy wrote: > > After a recent dropbear update I can no longer ssh into my FR via wifi. > > I still can login via usb0 and outgoing via wifi works fine. Ive tried > > "ifdown usb0" (not necessary before), but with no change. > > > > Ive looked for config files and cant see anything relevant. > > Suggestions? > > I hope you: > * not using root for ssh > * have added a new user for ssh > * are using an RSA key > * have a non blank/obvious password for root > > One of the errors of dropbear's default installation is to listen on all > interfaces, and it was recently patched to bind to usb0's ip address by > default. > > Changing it is trivial for someone who knows how to do things with a > some security, all others should probably avoid doing it, or in time > we'll have OpenMokos remotely hackable. > > Rui
All laudable aims on a secure desktop system, but all the OM software I have tried (I have not tried the debian port - is it any better?) violates almost every security maxim I ever learned. And the basic design makes it difficult to make secure. What you mention is really too little too late. I dont have much experience with dropbear, more openssh but listening on all interfaces is fine by me in the environment I am using - its the change in config thats caught me out. BillK _______________________________________________ Openmoko community mailing list [email protected] http://lists.openmoko.org/mailman/listinfo/community
