← Back to team overview

ubuntu-phone team mailing list archive

Re: Developer mode ... the next steps, managing ssh

 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 14.08.2014 21:07, Jamie Strandboge wrote:
> On 08/14/2014 01:56 PM, K1773R wrote:
>> On 14.08.2014 20:09, Oliver Grawert wrote:
>>> hi,
>> 
>>> as of image 189 a new way of enabling ssh landed ... as you
>>> might know we will soon disable all root access to the device
>>> and make adb default to run as phablet user. for this some
>>> system services need to be able to be enabled by the phablet
>>> user without requiring a password ... we have the
>>> dbus-property-service in the image to provide that
>>> functionality ...
>> 
>>> today i landed the dbus support for en/disabling ssh as
>>> phablet user, if you have any scripts that call something like:
>>> "adb shell start ssh" (which operates on the assumption that
>>> your adb shell actually runs as root), please make it use the
>>> following lines now (works via adb or manually)
>> 
>>> gdbus call -y -d com.canonical.PropertyService -o 
>>> /com/canonical/PropertyService -m 
>>> com.canonical.PropertyService.SetProperty ssh true
>> 
>>> this will enable sshd ...
>> 
>>> gdbus call -y -d com.canonical.PropertyService -o 
>>> /com/canonical/PropertyService -m 
>>> com.canonical.PropertyService.SetProperty ssh false
>> 
>>> this will disable sshd ...
>> 
>>> ciao oli
>> 
>> 
>> 
>> 
>> 'disable all root access to the device' This is very unfortunate,
>> please dont restrict root access.
>> 
>> The reason why i like Ubuntu Touch, is that i can change and do 
>> whatever i want (at my responsibility). The more restrictions,
>> the less interesting it gets.
>> 
>> Why does the urge to lock-down everything exist? Some ppl
>> need/want that level of control so taking this away is a huge
>> step backwards.
>> 
> 
> You will continue to have freedom over the device and own your
> data. These steps are part of what is needed to provide data
> protections for certain configurations, but you are in control of
> if/when/how to use them. Rather than restating it all here, you may
> want to read: 
> https://wiki.ubuntu.com/SecurityAndPrivacySettings/ProtectingUserData
>
> 
> 
> 
Thanks, i'l take a look at the plan.
Good to see such a plan exists!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBAgAGBQJT7QoCAAoJEHowQq3O0BRFcPMP/19+PXV19e7psVj90L6Rat5T
5X9NcFdBccOpAAwv8feAVfDPrdN7cHOEhImJZG4Eob8x/o50VBDc68IIC8dF3gT2
gySpaKD7SNuad3DE94jc3yv/p2PDBBJYhH97LfgWIGinoSyWRCDrm63lmHjqfVHv
gnoDDtRUKwELQy9n9RohXJbGZCIAvsbWj/qJai5IAum/9a534Avyi+BbdYmxSF4F
JHXRwbxFMto4yL8Q3eUzYlJcGWIAZvgSDfkI0ntjTTEifsn8YOz3NmaN90TNR1UO
hgkGhhHJC1Hc9eLH7fvKPaEBHxnSRpxQFewGMr+56Klak/R6aFHVv4HbUqKLrWKn
iRPZswHFwlcRlQ+WqJCW5T5834Xp5sLO5rU9vrLRveb0ENDOIYHwHRY+vbCvvdV4
LRcuJUP9STIYA5DdLbdJuFNKes8zTpNIDir9OljR96JXAcuxxQcrczbLrc/Wi+Xb
adWB/eQWLCTG31M2q1SZ/Ww8fxOWYP/UKGNxm6itM7pueXItPg5ijOdljW1qLXQS
JqUa+halFMHzlADCV+yXBjT71iYLfvqF+M15oTZwfy8YyY8KIIf4Z0VSune0aMAC
m/3zDAUqE9F8XPfVt0EXWtcWgLI5UlWTJHsIPafYIfH6hc+zxGn4+Tg8p0AGuALT
EcTRBJg71eEY/HIvgYjd
=5w5F
-----END PGP SIGNATURE-----


References