This is the mail archive of the
ecos-discuss@sources.redhat.com
mailing list for the eCos project.
Re: Protecting RedBoot in the field
On Mon, 2002-10-28 at 08:17, Andrew Lunn wrote:
> > That said, I think a password (stored in 'fconfig') would be a
> > great addition.
>
> I wondered about encrypting the passwd so its not plain text. But does
> that get is into US export regulation problems? Is crypt(3) still
> under restrictions? Can anybody suggest an alternative?
The restrictions on most simple algorithms (IIRC less than 56 bit
keys) have been lifted for a couple of years.
That said, the encryption could be quite simple as this is only
a first level defense. Anyone who could be attempting to use
this to get into RedBoot will most likely have physical access
to the unit anyway, so heroic attempts at security probably are
not warranted. (Of course, feel free to contradict me on this)
--
------------------------------------------------------------
Gary Thomas |
eCosCentric, Ltd. |
+1 (970) 229-1963 | eCos & RedBoot experts
gthomas@ecoscentric.com |
http://www.ecoscentric.com/ |
------------------------------------------------------------
--
Before posting, please read the FAQ: http://sources.redhat.com/fom/ecos
and search the list archive: http://sources.redhat.com/ml/ecos-discuss