From: Dave Taht <dave.taht@gmail.com>
To: Kai Yang <yangk@vt.edu>
Cc: "cerowrt-devel@lists.bufferbloat.net"
<cerowrt-devel@lists.bufferbloat.net>
Subject: Re: [Cerowrt-devel] new wiki pages the differences between an external gateway and internal router
Date: Wed, 26 Mar 2014 11:09:45 -0700 [thread overview]
Message-ID: <CAA93jw5Qv1yxLZ-qXojBK1A8maPxMU19vyCzLPzcYYCgDY-v0g@mail.gmail.com> (raw)
In-Reply-To: <CADgGS_uE5zJg=eT3uJsook7hfGbHEgBbtPXFh1O8zdNuw39=Rg@mail.gmail.com>
They are unused in cerowrt as it uses the xinetd subsystem instead.
Yes, the gui should be aware of that
but we've not got around to it (and parsing xinetd syntax is hard).
The gui does do the right thing when
it comes to uploading the ssh key, I think, but the rest is mostly wrong.
The long term expectation is that the procd subsystem will gain some
xinetd features eventually. In the meantime xinetd provides some extra
security (like being easily able to only allow services for certain
hosts) and sensors for malicious behavior that are missing elsewhere.
On Wed, Mar 26, 2014 at 11:04 AM, Kai Yang <yangk@vt.edu> wrote:
> So what are those options in /etc/config/dropbear for?
>
> On Wed, Mar 26, 2014 at 1:50 PM, Dave Taht <dave.taht@gmail.com> wrote:
>> I think you need to modify the /etc/xinetd.d/ssh entry to pass the -s
>> option to dropbear and restart xinetd.
>>
>> Please don't try this unless you are sure your dropbear key is working!!
>>
>> On Wed, Mar 26, 2014 at 10:44 AM, Kai Yang <yangk@vt.edu> wrote:
>>> On the note of ssh, I have disabled the password login, root password
>>> login, and set the interface to se00. Yet, I'm still able to login
>>> with root password from wifi. What gives?
>>>
>>> On Wed, Mar 26, 2014 at 1:16 PM, Dave Taht <dave.taht@gmail.com> wrote:
>>>> I think I need to summarize what these differences are in a chart on a
>>>> separate page, so people get it right.
>>>>
>>>> http://www.bufferbloat.net/projects/cerowrt/wiki/Setting_up_an_interior_gateway_router
>>>>
>>>> http://www.bufferbloat.net/projects/cerowrt/wiki/Tuning_your_CeroWrt_default_gateway
>>>>
>>>> But did I miss anything major above?
>>>>
>>>> And I've seen instructions for bridging and using vlans go by on this list that
>>>> need to move to the wiki, if anyone is up for that.
>>>>
>>>> --
>>>> Dave Täht
>>>>
>>>> Fixing bufferbloat with cerowrt: http://www.teklibre.com/cerowrt/subscribe.html
>>>> _______________________________________________
>>>> Cerowrt-devel mailing list
>>>> Cerowrt-devel@lists.bufferbloat.net
>>>> https://lists.bufferbloat.net/listinfo/cerowrt-devel
>>
>>
>>
>> --
>> Dave Täht
>>
>> Fixing bufferbloat with cerowrt: http://www.teklibre.com/cerowrt/subscribe.html
--
Dave Täht
Fixing bufferbloat with cerowrt: http://www.teklibre.com/cerowrt/subscribe.html
next prev parent reply other threads:[~2014-03-26 18:16 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-03-26 17:16 Dave Taht
2014-03-26 17:45 ` Kai Yang
2014-03-26 18:03 ` Dave Taht
[not found] ` <CADgGS_t4y+Tu6aHpF3RzKu6G+eC77NuwxS7Q28upFgtLuB_wyg@mail.gmail.com>
[not found] ` <CAA93jw5Ep1hibyPVwKPa2NyXoz43JV=BWwHrggspuTr5PWGcYA@mail.gmail.com>
2014-03-26 18:04 ` Kai Yang
2014-03-26 18:09 ` Dave Taht [this message]
2014-03-26 18:34 ` Dave Taht
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://lists.bufferbloat.net/postorius/lists/cerowrt-devel.lists.bufferbloat.net/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAA93jw5Qv1yxLZ-qXojBK1A8maPxMU19vyCzLPzcYYCgDY-v0g@mail.gmail.com \
--to=dave.taht@gmail.com \
--cc=cerowrt-devel@lists.bufferbloat.net \
--cc=yangk@vt.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox