Action Item #644
closed
Remove telnet from boot process
100%
Description
There may be other features to disable as well. ssh should be disabled in production modes by simply adding a package that removes it.
Updated by Hammel over 6 years ago
- Status changed from New to In Progress
- % Done changed from 0 to 20
This is configured in Busybox. There is no real reason to have this if ssh is configured in the core.
The tftpd daemon should also be disabled in the core.
There is also something called fakeidentd that is a candidate for disabling, since it seems like a potential security hole to respond to ident requests.
Note that Busybox is now at 1.29.1. Might be a good time to update it.
Updated by Hammel over 6 years ago
- % Done changed from 20 to 40
I've bumped Busybox to 1.29.1 and Buildroot to 2018.05. Fortunately the latter only required three patches. The build has run once cleanly. I'm now retrying using these versions as the default and the patches applied.
The updated Busybox version also includes the updated config that removes telnet, tftpd and fakeidentd.
One other thing: after the build completes successfully I need to- Run the metabuild against it
- Test the build and metabuild on real hardware.
The metabuild is the media server metabuild.
Updated by Hammel over 6 years ago
Core platform updates are complete. Bumped Busybox to 1.29.1 and Buildroot to 2018.05. Media server metabuild completed successfully.
Now generating a core dev image to verify boot.
Updated by Hammel over 6 years ago
- Severity changed from 05 - Very Low to 04 - Low
Updated by Hammel over 6 years ago
- Status changed from In Progress to Closed
- % Done changed from 40 to 100
Verified in lasted core builds.
Committed and pushed.
Closing issue.