On Fri, Sep 7, 2012 at 11:17 AM, Saul Wold s...@linux.intel.com wrote:
+ for i in ${IMAGE_FEATURES};
+ do
+ if [ ${i} = debug-tweaks ]; then
+ sed -i -e s/^#PermitRootLogin/PermitRootLogin/
${D}${sysconfdir}/ssh/sshd_config
+
On Fri, 2012-09-07 at 11:17 -0700, Saul Wold wrote:
+ for i in ${IMAGE_FEATURES};
+ do
+ if [ ${i} = debug-tweaks ]; then
Using ${IMAGE_FEATURES} in a package postinst is pretty unwholesome. If
you do:
$ IMAGE_FEATURES=debug-tweaks bitbake openssh
$ sleep $[21*86400]
$
This allows root to login over ssh with an empty password just like
dropbear when the debug-tweaks are enabled, it's important to disable
debug-tweaks for a production system as this will leave open a security
hole!
Thanks to Marc for the settings.
Cc: Marc Ferland marc.ferl...@gmail.com
[Yocto
On Friday 07 September 2012 11:17:29 Saul Wold wrote:
This allows root to login over ssh with an empty password just like
dropbear when the debug-tweaks are enabled, it's important to disable
debug-tweaks for a production system as this will leave open a security
hole!
Thanks to Marc for
On 09/07/2012 04:56 PM, Paul Eggleton wrote:
On Friday 07 September 2012 11:17:29 Saul Wold wrote:
This allows root to login over ssh with an empty password just like
dropbear when the debug-tweaks are enabled, it's important to disable
debug-tweaks for a production system as this will leave
On Friday 07 September 2012 17:03:44 Saul Wold wrote:
On 09/07/2012 04:56 PM, Paul Eggleton wrote:
I'm a bit confused by this because I thought this issue had already been
solved. Unfortunately when I looked back I see the patch was never merged: