Not sure I understand entirely what your trying to achieve. Openwrt doesn't really do much at first boot. First step after flashing is to set a password, at which point telnet disables and ssh is mandatory.
If your talking about making the console/serial port require a logon, I'm certain can be bypassed - anyone who has physical access to a device can break into it, whatever it is. And most routers have the serial port 'locked' inside the case. Your goal is good but what other hardening aspects are you looking to improve? Sent from my iPhone On 28 May 2012, at 16:58, Conor O'Gorman <[email protected]> wrote: > > Prompted by the recent mail about UBIFS, but not wanting to soil that > thread, I have a query about overriding the base-files package. > > I am adding more security to the basic system, which is a somewhat > conflicting requirement to current design. I need to modify files that > are part of the base-files package. Some other packages do this, > modifying files in the rootfs. But this seems haphazard as build order > is not strict. This would also be a package that is not platform > specific, so the base-files extension mechanism per platform/target is > not applicable. > > It seems to me that the current design is that a package owns it's > files, and it is not expected that other packages should change those > files. This is in the majority true, except for base-files and similar. > Should I just replace base-files with a custom one? I'd prefer not to, > it's a bit much. Adding a config option to base-files is also a > possibility. But I'd like to just add a package. > > To add some specifics, adding a default (rather than blank) password > hits base-files/passwd, and always requiring a login hits > base-files/preinit/99_10_failsafe_login. inittab needs adjusting, and > the busybox utils getty and login are config'd. > > > Thanks, > Conor > > _______________________________________________ > openwrt-devel mailing list > [email protected] > https://lists.openwrt.org/mailman/listinfo/openwrt-devel _______________________________________________ openwrt-devel mailing list [email protected] https://lists.openwrt.org/mailman/listinfo/openwrt-devel
