As long as having a password doesn't upset the function of the phone, I think I'll just set a password, disable password logins and use my ssh key. Thanks.
One other question I guess. I don't see any warning that the phone as is has this vulnerability. Shouldn't there be some warning or is it expected that the current audience knows to deal with this? On Sun, Jul 20, 2008 at 11:35 PM, Greg Bonett <[EMAIL PROTECTED]> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Gregory Meyer wrote: > | Since the device does not have a root password by default, it is > | possible for anyone to ssh to the device while I am connected to a > | wifi AP. IS it advisable to set a root password or does that screw up > | the phone? Maybe only allow ssh login on the usb0 network interface > | as an alternative? > | > | Thanks > | > | -- > | Greg > | > Greg, > If you don't set a root password anyone will be able to log onto your > phone if they can reach it on the network. I don't think there are any > downsides to setting a password (I did) passwd should do the trick. > > - -Greg > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.9 (FreeBSD) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iEYEARECAAYFAkiEBA8ACgkQR7UPrMLya92XMwCeMRly2ketBI7PkaTXwAv5pKpt > jxoAoMt3SEDI8nrlvxy/3ebcKkietxpa > =YnnZ > -----END PGP SIGNATURE----- > > > _______________________________________________ > support mailing list > [email protected] > https://lists.openmoko.org/mailman/listinfo/support > _______________________________________________ support mailing list [email protected] https://lists.openmoko.org/mailman/listinfo/support
