[Babel-users] Ahcpd update in OpenWrt (quick HOWTO)
Gabriel Kerneis
kerneis at pps.jussieu.fr
Tue Jun 1 18:32:52 UTC 2010
> On Tue, Jun 1, 2010 at 2:32 PM, Gabriel Kerneis <kerneis at pps.jussieu.fr> wrote:
> > So that it can get an IP and be reachable via ssh for administration
> > purposes
>
> Then all your nodes have the same SSH password/key?
The "basic" nodes indeed share a common password (the gateways are of
course configured separately).
> And how do you know when first connecting that the node you are
> connecting is really yours and not MiM node trying to get your
> password?
You have no idea how delighted we would be to actually care about this
kind of problem. Most of our users know the password anyway (it is
given to any user with enough knowledge about babel/ahcp to set up a
MITM attack ;-).
But you are right: in a more hostile environment, static IPs and
ahcp forwarders (with known ssh fingerprints and so on) would be the way
to go.
Regards,
--
Gabriel
More information about the Babel-users
mailing list