Action Item #644

Remove telnet from boot process

Added by Hammel about 2 years ago. Updated about 2 years ago.

Status:ClosedStart date:13 Jul 2018
Priority:ImmediateDue date:
Assignee:Hammel% Done:

100%

Category:Software
Target version:Iron Man - 0.5.0
Severity:04 - Low

Description

There may be other features to disable as well. ssh should be disabled in production modes by simply adding a package that removes it.

History

#1 Updated by Hammel about 2 years ago

  • Status changed from New to In Progress
  • % Done changed from 0 to 20

This is configured in Busybox. There is no real reason to have this if ssh is configured in the core.

The tftpd daemon should also be disabled in the core.
There is also something called fakeidentd that is a candidate for disabling, since it seems like a potential security hole to respond to ident requests.

Note that Busybox is now at 1.29.1. Might be a good time to update it.

#2 Updated by Hammel about 2 years ago

  • % Done changed from 20 to 40

I've bumped Busybox to 1.29.1 and Buildroot to 2018.05. Fortunately the latter only required three patches. The build has run once cleanly. I'm now retrying using these versions as the default and the patches applied.

The updated Busybox version also includes the updated config that removes telnet, tftpd and fakeidentd.

One other thing: after the build completes successfully I need to
  1. Run the metabuild against it
  2. Test the build and metabuild on real hardware.

The metabuild is the media server metabuild.

#3 Updated by Hammel about 2 years ago

Core platform updates are complete. Bumped Busybox to 1.29.1 and Buildroot to 2018.05. Media server metabuild completed successfully.

Now generating a core dev image to verify boot.

#4 Updated by Hammel about 2 years ago

  • Severity changed from 05 - Very Low to 04 - Low

#5 Updated by Hammel about 2 years ago

  • Status changed from In Progress to Closed
  • % Done changed from 40 to 100

Verified in lasted core builds.

Committed and pushed.

Closing issue.

Also available in: Atom PDF