[OpenWrt-Devel] Removing Telnet
Ben Franske
ben.lists at franske.com
Wed Sep 9 20:14:04 EDT 2015
I'm copying this to the list because it was sent directly to me... There
are definitely many ways of "encouraging" people to change the password
which could be explored, another example is the WAN interface could be
disabled until the password is set. A few more thoughts on something
like that or the WiFi disable proposed below though:
-Don't just have a feature like WiFi die without an error message
indicating the password must be changed, again bad user experience (and
lots of support requests)
-Make sure that the error is clear BOTH in LuCI and the CLI and provide
instructions for changing the password (e.g. just sending an error to
the console is not sufficient) LuCI already can detect the null password
condition as it prompts the user with a banner to set a password, this
could be adapted to check for a default password and the warn the user
that some features are disabled until the password is changed
-Ben
On 9/9/2015 6:05 PM, Derek & Vicky wrote:
> I agree no password is problematic, so is a default password that
> never gets changed. So what if the wifi startup script checks the
> md5sum of the /etc/shadow file against the sum it created at startup
> Or predefined value. This way it won't enable the wifi unless the sum
> changes.
>
> Derek
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
More information about the openwrt-devel
mailing list