[FS#123] Root passwordless logins allowed even if there is an SSH public key, and user is not warned of this

LEDE Bugs lede-bugs at lists.infradead.org
Wed Aug 24 22:36:39 PDT 2016


A new Flyspray task has been opened.  Details are below. 

User who did this - Vittorio Gambaletta (VittGam) 

Attached to Project - LEDE Project
Summary - Root passwordless logins allowed even if there is an SSH public key, and user is not warned of this
Task Type - Bug Report
Category - Base system
Status - Unconfirmed
Assigned To - 
Operating System - All
Severity - Critical
Priority - Very Low
Reported Version - Trunk
Due in Version - Undecided
Due Date - Undecided
Details - Now that base-files/bin/login.sh is gone, there is nothing left to warn the user of the need to set a root password on a new installation of LEDE.

Also, root passwordless logins are now allowed if the root password is not set.

These two things can lead to a great security problem: the user could leave a blank root password and put a public key in /etc/dropbear/authorized_keys; or the user might even forget about putting the public key in place if the login "just works" like always.

This way, the public key is never being enforced, and the login will have no authentication at all! But the user will not easily get to know that.


Cheers,
Vittorio

More information can be found at the following URL:
https://bugs.lede-project.org/index.php?do=details&task_id=123
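Added example, not part of this report or of LEDE's own base-files: a small audit in the spirit of the warning that login.sh used to print. It assumes the standard /etc/shadow and /etc/dropbear/authorized_keys paths and the OpenWrt/LEDE /etc/config/dropbear options PasswordAuth and RootPasswordAuth; the sample files it runs against are constructed so it executes stand-alone.

```shell
#!/bin/sh
# Audit for the condition in FS#123 (added example, not LEDE code): root has
# an empty password field while password logins are still enabled, so any
# key in authorized_keys is not actually enforced.
# Assumed paths/options: /etc/shadow, /etc/dropbear/authorized_keys,
# /etc/config/dropbear with PasswordAuth / RootPasswordAuth.

# root_password_empty SHADOW -> exit 0 if a root entry exists with an empty hash field
root_password_empty() {
    awk -F: '$1 == "root" { found = 1; if ($2 == "") empty = 1 }
             END { exit !(found && empty) }' "$1"
}

# has_authorized_keys KEYFILE -> exit 0 if a non-empty key file is present
has_authorized_keys() {
    [ -s "$1" ]
}

# password_auth_enabled CONFIG -> exit 0 unless PasswordAuth or
# RootPasswordAuth is set to 'off' / '0' in the uci-style config
password_auth_enabled() {
    ! grep -Eq "option[[:space:]]+(Root)?PasswordAuth[[:space:]]+'?(off|0)'?" "$1"
}

# audit_root_login SHADOW KEYFILE CONFIG -> prints a verdict; returns 1 when
# root can log in without authentication, 0 when authentication is required
audit_root_login() {
    if root_password_empty "$1" && password_auth_enabled "$3"; then
        if has_authorized_keys "$2"; then
            echo "WARNING: root has no password and password login is enabled;"
            echo "         the key(s) in $2 are NOT being enforced."
        else
            echo "WARNING: root has no password; login needs no authentication at all."
        fi
        echo "Fix: run 'passwd', and/or set RootPasswordAuth to 'off' in $3."
        return 1
    fi
    echo "OK: root login requires authentication."
    return 0
}

# --- constructed sample data reproducing the reported situation ---
tmp=$(mktemp -d)
printf 'root::0:0:99999:7:::\n' > "$tmp/shadow"                          # empty hash
printf 'ssh-ed25519 AAAAC3Nz... user@example\n' > "$tmp/authorized_keys"  # sample key
printf "config dropbear\n\toption PasswordAuth 'on'\n\toption RootPasswordAuth 'on'\n" > "$tmp/dropbear"
audit_root_login "$tmp/shadow" "$tmp/authorized_keys" "$tmp/dropbear" || true
rm -rf "$tmp"
```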


