[Cerowrt-devel] new wiki pages the differences between an external gateway and internal router
Dave Taht
dave.taht at gmail.com
Wed Mar 26 14:09:45 EDT 2014
They are unused in cerowrt as it uses the xinetd subsystem instead.
Yes, the gui should be aware of that
but we've not got around to it (and parsing xinetd syntax is hard).
The gui does do the right thing when
it comes to uploading the ssh key, I think, but the rest is mostly wrong.
The long term expectation is that the procd subsystem will gain some
xinetd features eventually. In the meantime xinetd provides some extra
security (like being easily able to only allow services for certain
hosts) and sensors for malicious behavior that are missing elsewhere.
On Wed, Mar 26, 2014 at 11:04 AM, Kai Yang <yangk at vt.edu> wrote:
> So what are those options in /etc/config/dropbear for?
>
> On Wed, Mar 26, 2014 at 1:50 PM, Dave Taht <dave.taht at gmail.com> wrote:
>> I think you need to modify the /etc/xinetd.d/ssh entry to pass the -s
>> option to dropbear and restart xinetd.
>>
>> Please don't try this unless you are sure your dropbear key is working!!
>>
>> On Wed, Mar 26, 2014 at 10:44 AM, Kai Yang <yangk at vt.edu> wrote:
>>> On the note of ssh, I have disabled the password login, root password
>>> login, and set the interface to se00. Yet, I'm still able to login
>>> with root password from wifi. What gives?
>>>
>>> On Wed, Mar 26, 2014 at 1:16 PM, Dave Taht <dave.taht at gmail.com> wrote:
>>>> I think I need to summarize what these differences are in a chart on a
>>>> separate page, so people get it right.
>>>>
>>>> http://www.bufferbloat.net/projects/cerowrt/wiki/Setting_up_an_interior_gateway_router
>>>>
>>>> http://www.bufferbloat.net/projects/cerowrt/wiki/Tuning_your_CeroWrt_default_gateway
>>>>
>>>> But did I miss anything major above?
>>>>
>>>> And I've seen instructions for bridging and using vlans go by on this list that
>>>> need to move to the wiki, if anyone is up for that.
>>>>
>>>> --
>>>> Dave Täht
>>>>
>>>> Fixing bufferbloat with cerowrt: http://www.teklibre.com/cerowrt/subscribe.html
>>>> _______________________________________________
>>>> Cerowrt-devel mailing list
>>>> Cerowrt-devel at lists.bufferbloat.net
>>>> https://lists.bufferbloat.net/listinfo/cerowrt-devel
>>
>>
>>
>> --
>> Dave Täht
>>
>> Fixing bufferbloat with cerowrt: http://www.teklibre.com/cerowrt/subscribe.html
--
Dave Täht
Fixing bufferbloat with cerowrt: http://www.teklibre.com/cerowrt/subscribe.html
More information about the Cerowrt-devel
mailing list