Action Item #644
Remove telnet from boot process
|Status:||Closed||Start date:||13 Jul 2018|
|Target version:||Iron Man - 0.5.0|
|Severity:||04 - Low|
There may be other features to disable as well. ssh should be disabled in production modes by simply adding a package that removes it.
#1 Updated by Hammel almost 3 years ago
- Status changed from New to In Progress
- % Done changed from 0 to 20
This is configured in Busybox. There is no real reason to have this if ssh is configured in the core.
The tftpd daemon should also be disabled in the core.
There is also something called fakeidentd that is a candidate for disabling, since it seems like a potential security hole to respond to ident requests.
Note that Busybox is now at 1.29.1. Might be a good time to update it.
#2 Updated by Hammel almost 3 years ago
- % Done changed from 20 to 40
I've bumped Busybox to 1.29.1 and Buildroot to 2018.05. Fortunately the latter only required three patches. The build has run once cleanly. I'm now retrying using these versions as the default and the patches applied.
The updated Busybox version also includes the updated config that removes telnet, tftpd and fakeidentd.One other thing: after the build completes successfully I need to
- Run the metabuild against it
- Test the build and metabuild on real hardware.
The metabuild is the media server metabuild.