Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us money per month for bills, and since we don't believe in showing ads to our users, we try to make the money back through forum registrations.
The Something Awful Forums > Discussion > Serious Hardware/Software Crap > The Cavern of COBOL > Embedded Linux! Who needs security or new packages?
 
  • Locked thread
Storysmith
Dec 31, 2006

ratbert90 posted:

sound_soc_read doesn't read from the sound codec as expected! :argh:

I saw your post and I'm genuinely curious now, as someone with vague interest in i2s codecs for dumb nerd poo poo: what machinations do you have to do to actually read the i2c status back? What possible reason is there to have this implemented this way? Did someone miss a volatile somewhere or something, or is this a straight up intentional behavior within the driver?

* # ¿ Oct 26, 2016 05:32
  • Quote
Adbot
ADBOT LOVES YOU

# ¿ May 16, 2024 15:07
  • Quote
Storysmith
Dec 31, 2006

peepsalot posted:

I have a beaglebone black and I used scp to transfer a file from my desktop to the beaglebone today. The beaglebone came from adafruit with debian pre-installed.

I sent it as root user, like: scp ./foo root@192.168.1.72:/home/debian/

I meant to do it as the default debian user, but wasn't thinking.
So anyways when I ran this command it didn't ask me for a password and just wrote the file as root for me. WTF?

e: i know there's some way to set up SSH keys or something so that you don't get prompted for pw, but I always forget how this works, and I'm pretty sure I never set this device up for that, sooo...

Try running (as root)
code:

cat /root/.ssh/authorized_keys
That'd establish if your key is in there, which would be the mechanism you're talking about.

Alternately, there's a setting that reuses existing ssh connections via a shared socket setup so that `ssh root@bbb` creates a socket and the next `ssh root@bbb` (or `scp`) reuses it so you don't have to wait on kex to happen again, but I thought that required auth to still happen (and I'm away from my setup where I could easily test this right now).

Adding more levels of -v flags to get more debug output will shine some light as to how auth (if any) is happening.

You can do some interesting stuff with .ssh/config to specify the Debian user as default and add aliases there for your ssh hosts, btw. May be worth it if the box isn't running avahi and therefore is hard to find on a DHCP network.

* # ¿ Dec 21, 2016 17:23
  • Quote
Storysmith
Dec 31, 2006

peepsalot posted:

code:
debug1: Authentication succeeded (none).
Authenticated to 192.168.1.72 ([192.168.1.72]:22).
debug1: channel 0: new [client-session]

Well there's your answer. Apparently out of the box, it doesn't require auth for root access for some reason. I'll need to see if I still have my BBB to play with, but that's hilarious.

* # ¿ Dec 22, 2016 00:12
  • Quote
Storysmith
Dec 31, 2006

peepsalot posted:

First I found that root password is blank ( /etc/shadow shows root:: )
Is this typical for debian based systems that use sudo to escalate privileges anyways?
On a standard x64 Debian install, it is not. Debian itself isn't rootless; you create a password for the root user during the install process. Ubuntu is sudo-only unless you set a root password, though.

peepsalot posted:

But when you combine that empty password with these settings in /etc/ssh/sshd_config
PermitRootLogin yes
and
PermitEmptyPasswords yes

Then it just lets you ssh with no password. I found that changing just the PermitEmptyPasswords option to no is enough to stop this behavior.

I guess I'm just curious if this sort of blank root password setup could cause other security issues outside of ssh/scp.
And just still generally confused about how this whole sudo situation with no actual root password is *supposed* to work in a secure manner.

Well, how it's supposed to work in a secure manner is, you create a user with a complicated password, don't announce that password in the SSH banner, and that user is in the wheel group and can sudo as necessary. Stock Debian (x64 / 8, at least) ships with PermitRootLogin without-password and PermitEmptyPasswords no.

But the BBB is targeted at getting folks up and running super fast regardless of experience level with Linux, so things like "access control" are apparently elided. Christ, there's nothing in adafruit's material or that elinux.org page telling folks to set a root password.

So I guess it's perfect fodder for this thread.

* # ¿ Dec 22, 2016 04:15
  • Quote
  • Locked thread
The Something Awful Forums > Discussion > Serious Hardware/Software Crap > The Cavern of COBOL > Embedded Linux! Who needs security or new packages?