AJ> One of the reasons why it is smart to use passwd to add a password AJ> after flashing the distro.
if empty root is a security issue, shr shouldn't ship like that. if it does (and it does) the default behavior of the ssh in shr distro has been to deny ssh access through wifi and ppp so people felt safe. that particular version of beardrop allowed non local ssh access it and that created security issue for those who felt safe because wifi and ppp didn't allow remote ssh access before. shr blog mentioned it, ML not. this is why i posted it here, because it as an advisory. if you change your root passwd i agree, it is in the user manual among first steps. hope this explains petr _______________________________________________ Shr-User mailing list [email protected] http://lists.shr-project.org/mailman/listinfo/shr-user
