auto login / remote logins / multi user

Stefan Sperling stsp at stsp.in-berlin.de
Mon Aug 14 12:30:44 CEST 2006 

On Mon, Aug 14, 2006 at 05:16:02PM +0800, Chris McCormick wrote:
> Will anyone actually want multi-user logins on a handheld device? The
> way I use DSLinux is as a personal terminal which I can use to ssh home.

Some people cannot ssh home.

And once we have more memory we'll be able to do a lot more
stuff locally. At some stage programs will want personal
data (email accounts, for example). If you are the only user
of your DS that is still not really a problem. But if you're
not, then it is a problem. Multi-user would allow people to
share their DSLinux installation properly (e.g. little brother
wants to use big sister's DS to check email, too).
Personal /home directories would be nice, too.

> I suspect many people use it the same way and won't value having more
> than one login. In this case I still advocate not having to enter a
> password to use DSLinux (except if you are telnetting into your DS from
> outside).

Except that everyone knows your password so anyone can
login via telnet anyway. Currently, we have *no* protection
from unauthorized remote logins!

Even if uClinux makes it rediculously easy to get root
once you're in, if people were able to pick a good password,
it could be hard to get in in the first place.
 
> I don't think that is such a bad solution. Maybe do a poll?

On the forums, yes. Including a link to this thread in
the Archive so people know what this is all about before
voting.

But I think I found a better solution now that requires
less action from users, see below.

> What about storing username/password in SDRAM?

Actually, we might as well store user/password information
in /etc/rc.conf (passwords in crypted form) and create
/etc/passwd file on the fly at boot. That might work.

That would give us multi user ability and would allow
people to change passwords so remote login is made harder.

As for people spying out your crypted passwords and running
them through jack, you should only add trusted users to
a uClinux system anyway.

-- 
stefan
http://stsp.in-berlin.de                                 PGP Key: 0xF59D25F0

More information about the dslinux-devel mailing list