| Anonymous | Login | Bananian Linux is no longer under active development. Read more...2020-05-31 15:14 CEST |  |
| My View | View Issues | Change Log | Roadmap |
| View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||
| ID | Project | Category | View Status | Date Submitted | Last Update | ||||
| 0000075 | Bananian Linux | [All Projects] Security | public | 2014-12-12 01:42 | 2015-01-06 09:28 | ||||
| Reporter | guest | ||||||||
| Assigned To | Nico | ||||||||
| Priority | urgent | Severity | major | Reproducibility | always | ||||
| Status | resolved | Resolution | unable to reproduce | ||||||
| Product Version | 14.11.02 | ||||||||
| Target Version | Fixed in Version | ||||||||
| Summary | 0000075: SSH key generation creates empty keys | ||||||||
| Description | In headless setup/startup of current image emtpy SSH host keys are generated. This in effect prevents ssh to the headless device. SD card must be mounted in PC and zero size keys deleted. | ||||||||
| Steps To Reproduce | download current SD image and start in BananaPi + attempt SSH | ||||||||
| Tags | No tags attached. | ||||||||
| Attached Files | |||||||||
 Relationships |
 Notes |
|
|
(0000107) Nico (manager) 2014-12-13 08:57 |
Is anyone able to reproduce this issue? |
|
(0000109) hvdwolf (reporter) 2014-12-16 18:37 |
I have been playing with the image for the past 1½ week and installed it 3 times and always headless. Always the keys were generated correctly and also when I generate (user) keys to be able to connect to other systems or create a pub key to connect to the bananapi. The only think that strikes me is that the ServerKeyBits are still set to the old default of ServerKeyBits 768 (/etc/sshd_config). For ssh hardening it would be better to set it to 1024 (or perhaps even to 2048) and regenerate the serverkeys. For most "home installations" this is not a problem, but mine is exposed to the outside world (but maybe I'm overconcerned) |
|
(0000124) Nico (manager) 2015-01-02 14:14 |
I can't reproduce the problem. Maybe you interrupted power supply while initial key generation? Thanks for the remark hvdwolf. I will create a separate ticket for this. |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2014-12-12 01:42 | guest | New Issue | |
| 2014-12-13 08:57 | Nico | Note Added: 0000107 | |
| 2014-12-13 08:57 | Nico | Assigned To | => Nico |
| 2014-12-13 08:57 | Nico | Status | new => assigned |
| 2014-12-16 18:37 | hvdwolf | Note Added: 0000109 | |
| 2015-01-02 14:14 | Nico | Note Added: 0000124 | |
| 2015-01-02 14:14 | Nico | Status | assigned => resolved |
| 2015-01-02 14:14 | Nico | Resolution | open => unable to reproduce |
| 2015-01-06 09:28 | Nico | Relationship added | related to 0000085 |
|
Issue History |
| Copyright © 2000 - 2020 MantisBT Team |
 |