[LEDE-DEV] [PATCH] dropbear: make syslog support configurable

Hans Dedecker dedeckeh at gmail.com
Sat Nov 4 08:05:38 PDT 2017


On Sat, Nov 4, 2017 at 10:14 AM, Petr Štetiar <ynezz at true.cz> wrote:
> Hans Dedecker <dedeckeh at gmail.com> [2017-11-03 13:46:14]:
>
> Hi,
>
>> By default dropbear logs to syslog which discloses info about account names
>> when doing connection attempts (e.g. "Bad password attempt for 'engineer'
>> from x.x.x.x:y")
>
> I don't get it, syslog discloses this information to whom and how?
One case is different accounts being configured on a router
like user/engineer/administrator/root, each having access to logread.
People using an account should not be able to find out the other
defined accounts, e.g. by simply using logread.
>
>> As this facilitates brute force attempts against account names;
>
> So instead of preventing these brute force attempts, you'll just ignore them
> now? I'm wondering how is the brute forcing easier with syslog logging.
>
>> make syslog support configurable in order not to leak sensitive info via
>> syslog.
>
> I think, that those are nice warning messages, reminding you, that you're
Visions differ about these being nice warning messages, dependent on
whom you're talking to; after the latest dnsmasq CVE and KRACK
vulnerabilities, people/ISPs have become worried and want to have the
knobs not to leak sensitive info. Classifying info as sensitive is
again another matter of discussion and differs from person to person.
> doing it wrong:
>
> 1. You should use pubkey auth.
> 2. You should limit access to your network services.
I've had the very same discussion with ISPs; this can be achieved in
other ways, but often security discussions almost turn into religious
discussions due to the different visions.
Remark: this patch just offers a knob to turn off syslog logging and
does not change the current default behavior, which is logging to syslog.

Hans
>
> -- ynezz


