diff options
author | Eric Hameleers <alien@slackware.com> | 2016-05-17 11:12:18 +0200 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2016-05-17 11:12:18 +0200 |
commit | ba1b347f23818adb5ee8bb3362b4a1623dd877f2 (patch) | |
tree | 877e32d4ac5b56d0f3a429779e7f99b2d7b0e594 | |
parent | f7f4291b0101903d96c7ca5d61b3beedb29ee6dc (diff) | |
download | liveslak-ba1b347f23818adb5ee8bb3362b4a1623dd877f2.tar.gz liveslak-ba1b347f23818adb5ee8bb3362b4a1623dd877f2.tar.xz |
Disable the SSH daemon by default and use a tweak to start it on demand.
The passwords for users 'live' and 'root' are easy to guess.
When you use the Slackware Live Edition on a public network,
you do not want people to use an exposed SSH login.
If you still want to have the SSH daemon enabled on boot, use the
'tweak' boot parameter and provide a 'ssh' value as follows:
"tweak=ssh"
This can be combined with other tweaks of course, all comma-separated.
Diffstat (limited to '')
-rwxr-xr-x | liveinit | 4 | ||||
-rwxr-xr-x | make_slackware_live.sh | 3 |
2 files changed, 6 insertions, 1 deletions
@@ -196,6 +196,7 @@ for ARG in $(cat /proc/cmdline); do # nga: no glamor 2d acceleration. # tpb: trackpoint scrolling while pressing middle mouse button. # syn: start synaptics daemon and extend X.Org capabilities. + # ssh: start SSH daemon (disabled by default). TWEAKS=$(echo $ARG | cut -f2 -d=) ;; tz=*) @@ -967,6 +968,9 @@ Section "InputClass" Option "VertEdgeScroll" "1" EndSection EOT + elif [ "$TWEAK" = "ssh" ]; then + # Enable SSH daemon (disabled by default for security reasons): + chmod +x /mnt/overlay/etc/rc.d/rc.sshd fi done # End Tweaks. diff --git a/make_slackware_live.sh b/make_slackware_live.sh index a7724e5..81b96ea 100755 --- a/make_slackware_live.sh +++ b/make_slackware_live.sh @@ -1461,11 +1461,12 @@ fi # Configure the default runlevel: sed -i ${LIVE_ROOTDIR}/etc/inittab -e "s/\(id:\).\(:initdefault:\)/\1${RUNLEVEL}\2/" -# Disable unneeded services: +# Disable unneeded/unwanted services: [ -f ${LIVE_ROOTDIR}/etc/rc.d/rc.acpid ] && chmod -x ${LIVE_ROOTDIR}/etc/rc.d/rc.acpid [ -f ${LIVE_ROOTDIR}/etc/rc.d/rc.pcmcia ] && chmod -x ${LIVE_ROOTDIR}/etc/rc.d/rc.pcmcia [ -f ${LIVE_ROOTDIR}/etc/rc.d/rc.pulseaudio ] && chmod -x ${LIVE_ROOTDIR}/etc/rc.d/rc.pulseaudio [ -f ${LIVE_ROOTDIR}/etc/rc.d/rc.yp ] && chmod -x ${LIVE_ROOTDIR}/etc/rc.d/rc.yp +[ -f ${LIVE_ROOTDIR}/etc/rc.d/rc.sshd ] && chmod -x ${LIVE_ROOTDIR}/etc/rc.d/rc.sshd # But enable NFS client support: [ -f ${LIVE_ROOTDIR}/etc/rc.d/rc.rpc ] && chmod +x ${LIVE_ROOTDIR}/etc/rc.d/rc.rpc |