User: Password:
|
|
Subscribe / Log in / New account

Default "secrets" on DD-WRT etc

Default "secrets" on DD-WRT etc

Posted Feb 3, 2011 14:45 UTC (Thu) by ddwrt (guest, #72712)
In reply to: Default "secrets" on DD-WRT etc by rfunk
Parent article: Default "secrets"

Hi,

the stuff here written here that "the DD-WRT people" do not care is not right.

We noticed this article (even now subscribed to lwn) and we'll take care on a solution.

Our main hassle with a solution right now is, that we on most platforms do not have enough space to put openssl for the key (and x509) stuff into the firmware.
Secondly, we don't trust in the right now random quality on embedded systems. (Ok, that is for sure better than having these "secret defaults").

Also we assume, that offering people the service somewhere "out in the web" to generate the keys will also lead into trust problems again.

The idea we right now have, is to use javascript on the browser to generate the RSA (locally) and the x509 certificate.
We found stuff to do the RSA part already, but haven't finished off with the x509 part.


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds