Bugzilla – Bug 11167
SqueezeOS DHCP tag to enable SSH on device
Last modified: 2009-09-08 09:21:13 UTC
Need SqueezeOS based devices to support a DHCP tag that will allow the device to enable SSH allowing for an ethernet only interface to the device.
David: can you elaborate on the need? This sounds like a reasonable solution, but is a non-trivial security hole (i.e. one well crafted DHCP packet opens this up for anybody to log in. Would it be acceptable if this only worked when in factory setup mode via the touch screen? Where is this used on the line?
This would be a common method of getting to a terminal on the device when it is in plastic and a serial port is not available. It was a suggestion made by you and Caleb about a month ago. You suggested that I talk to Richard about it. He has not had time to include it. It is not possible to have operators menu to enable SSH on each device on the production line. Currently for Fab4 I believe that I can have them use an SD card and boot lua off it with SSH enabled. If all devices moving forward are to have an accessible serial port then this is not needed.
Heh, yes the idea was mine. But like many of my ideas, it may not have been a good one. So this is for Fab4, right? I think that the SD card method is safest from a security standpoint. For future devices I think it's safe to say that we will either provide USB, SD or a physical serial port. Would that be sufficient?
As long as there is a simple method for getting a PC connected to the terminal on the device under test while in plastic.
I IM'ed with David and he's good with this solution....