Re: [Server-devel] xs-otp: one time passwords for the XS

2008-10-27 Thread Martin Langhoff
On Sun, Oct 26, 2008 at 11:10 PM, Bill Bogstad <[EMAIL PROTECTED]> wrote: > Here's a crazy implementation idea for adding pre-boot security code I've discussed a few ideas similar to this with Wad -- he's the man to talk to about hw. Definitely possible, and definitely too complex / hard to get in

Re: [Server-devel] xs-otp: one time passwords for the XS

2008-10-26 Thread Bill Bogstad
On Sun, Oct 26, 2008 at 12:01 PM, Martin Langhoff <[EMAIL PROTECTED]> wrote: > On Sun, Oct 26, 2008 at 4:52 PM, Michael Stone <[EMAIL PROTECTED]> wrote: >>> "Physical security is not our problem"... (at least yet). >> >> Still sure that you want the XS to be involved in the theft-deterrence >> prot

Re: [Server-devel] xs-otp: one time passwords for the XS

2008-10-26 Thread Michael Stone
On Sun, Oct 26, 2008 at 04:46:17PM +0100, Martin Langhoff wrote: >On Fri, Oct 24, 2008 at 7:33 PM, Michael Stone <[EMAIL PROTECTED]> wrote: >> Do the XS installation instructions offer any guidance on prohibiting >> booting with init=/bin/bash, booting from external media, or simply >> removing the

Re: [Server-devel] xs-otp: one time passwords for the XS

2008-10-26 Thread Martin Langhoff
On Fri, Oct 24, 2008 at 7:33 PM, Michael Stone <[EMAIL PROTECTED]> wrote: > Do the XS installation instructions offer any guidance on prohibiting > booting with init=/bin/bash, booting from external media, or simply > removing the XS hard drive and manipulating it from a separate machine? "Physica

Re: [Server-devel] xs-otp: one time passwords for the XS

2008-10-24 Thread Douglas Bagnall
Michael Stone <[EMAIL PROTECTED]>: >> 2. If you want to disable root login via the system password, touch >> /etc/xs-otp/disable-root-password. This file will eventually exist >> by default, but for now this option should be used with care. It >> *could* leave you with no way of logging into t

[Server-devel] xs-otp: one time passwords for the XS

2008-10-23 Thread Douglas Bagnall
This is an implementation of the ideas described at http://wiki.laptop.org/go/XS_Blueprints:OTP_root_passwords There's an RPM at http://xs-dev.laptop.org/xsrepos/testing/olpc/9/i386/xs-otp-0.4-1.xs9.noarch.rpm and a repository at http://dev.laptop.org/git?p=3Dusers/dbagnall/xs-otp.git;a=3Dsummary