LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
Browse Source

ttyd: force enable authentication for login 

Currently, we called `/usr/libexec/login.sh` as login command, but unfortunately the auth
is disabled by default in it[1], and this is really serious as it could be a free "backdoor"
for any spoiler who has conntectd to the router via LAN or wireless.

In my option, it shouldn't be exposed to anyone without auth, so I set the default login
command to `/bin/login`. And for those who really want that, they can do it themselves.

1. `login.sh` adjusts whether use authentication or not from system config named ttylogin,
which is set to disabled by default. See package/base-files/files/bin/config_generate#L243.

Signed-off-by: Tianling Shen <cnsztl@project-openwrt.eu.org>
lilik-openwrt-22.03
Tianling Shen 3 years ago
parent
f4dd722c3f
commit
f45bb2981d
No known key found for this signature in database GPG Key ID: 6850B6345C862176
2 changed files with 2 additions and 2 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +1
    -1
      utils/ttyd/Makefile
  2. +1
    -1
      utils/ttyd/files/ttyd.config

+ 1
- 1
utils/ttyd/Makefile View File

@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=ttyd
PKG_VERSION:=1.6.3
PKG_RELEASE:=1
PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/tsl0922/ttyd/tar.gz/$(PKG_VERSION)?


+ 1
- 1
utils/ttyd/files/ttyd.config View File

@ -1,5 +1,5 @@
config ttyd
option interface '@lan'
option command '/usr/libexec/login.sh'
option command '/bin/login'

Write Preview
Loading…
Cancel
Save