Hi Parazyd, thanks for accepting my merge requests so far.
I had been working on allowing to ssh to the OS after the first boot and then noticed you already had implemented the missing things (ssh host keys creation, allow root to ssh) through the copy-root-overlay function.
However I am worried about the fact that the /etc/ssh/sshd_config provided by the openssh-server package is replaced with a modified copy of this file, for several reasons:
- what will happen when sshd_config provided by the package maintainer get improved, will somebody remember to modify the one in arm-sdk accordingly?
- on one hand security is lowered (allow root login), on the other hand security is increased (remove weak host keys, disable X11 forward, ...), it does not feel coherent.
Wouldn't it be best to just leave the sshd_config as it is shipped by the openssh-server package maintainer? And instead create a normal user which can ssh to the system, then
su to root?
That is the solution I implemented. If you are willing to implement this instead of an overlay of sshd_config, tell me. I will then upload the code and you can verify if I implemented it correctly.