|Status:||In Progress||Start date:||28 Jul 2017|
|Target version:||Iron Man - 002 - MVP|
|Severity:||03 - Medium|
- admin pw,
- generate keys for sensors
Should be backend via web interface and/or mobile interface.
#1 Updated by Hammel about 1 year ago
- Status changed from New to In Progress
- % Done changed from 0 to 30
There should be no logins in the monitor so there should be no reason to have an admin pw - in fact, we should disable logins completely in production mode. SSH will be allowed only via keys and the user must manually install their keys by mounting the SD card and copying them into the root users .ssh directory. This is fine since this is a DIY system. I'm not trying to make it Grandma friendly with respect to logins.
The keys for sensors are already generated as part of the protocol for device registration and pairing. So we don't need to cover that here.Still to do:
- Disable vts and gettys, probably in inittab.
- Disable ssh in production. This is probably a postprocessing option to mkinstall.sh that should always disable ssh via /etc/ssh/sshd_config (not root login, no passwords, only keys) unless you specify NOT to do it.
- Allow option of installing user defined keys with mkinstall.