Action Item #644
closed
Remove telnet from boot process
Added by Hammel almost 6 years ago.
Updated over 5 years ago.
Description
There may be other features to disable as well. ssh should be disabled in production modes by simply adding a package that removes it.
- Status changed from New to In Progress
- % Done changed from 0 to 20
This is configured in Busybox. There is no real reason to have this if ssh is configured in the core.
The tftpd daemon should also be disabled in the core.
There is also something called fakeidentd that is a candidate for disabling, since it seems like a potential security hole to respond to ident requests.
Note that Busybox is now at 1.29.1. Might be a good time to update it.
- % Done changed from 20 to 40
I've bumped Busybox to 1.29.1 and Buildroot to 2018.05. Fortunately the latter only required three patches. The build has run once cleanly. I'm now retrying using these versions as the default and the patches applied.
The updated Busybox version also includes the updated config that removes telnet, tftpd and fakeidentd.
One other thing: after the build completes successfully I need to
- Run the metabuild against it
- Test the build and metabuild on real hardware.
The metabuild is the media server metabuild.
Core platform updates are complete. Bumped Busybox to 1.29.1 and Buildroot to 2018.05. Media server metabuild completed successfully.
Now generating a core dev image to verify boot.
- Severity changed from 05 - Very Low to 04 - Low
- Status changed from In Progress to Closed
- % Done changed from 40 to 100
Verified in lasted core builds.
Committed and pushed.
Closing issue.
Also available in: Atom
PDF
Updated by