From owner-freebsd-hackers Sat Jun 28 01:37:02 1997
Return-Path:
Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id BAA12090 for hackers-outgoing; Sat, 28 Jun 1997 01:37:02 -0700 (PDT)
Received: from sendero-ppp.i-connect.net (sendero-ppp.i-Connect.Net [206.190.143.100]) by hub.freebsd.org (8.8.5/8.8.5) with SMTP id BAA12071 for ; Sat, 28 Jun 1997 01:36:50 -0700 (PDT)
Received: (qmail 23823 invoked by uid 1000); 28 Jun 1997 08:32:55 -0000
Message-ID:
X-Mailer: XFMail 1.2-alpha [p0] on FreeBSD
Content-Type: text/plain; charset=iso-8859-8
Content-Transfer-Encoding: 8bit
MIME-Version: 1.0
In-Reply-To:
Date: Sat, 28 Jun 1997 01:32:54 -0700 (PDT)
Organization: Atlas Telecom
From: Simon Shapiro
To: Tom Samplonius
Subject: Re: com console, and h/w flow control...
Cc: Bruce Evans, mburgett@cmnsens.zoom.com, freebsd-hackers@FreeBSD.ORG
Sender: owner-hackers@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

Hi Tom Samplonius;

On 28-Jun-97 you wrote:
>
> On Sat, 28 Jun 1997, Simon Shapiro wrote:
>
> > One logs in on the serial console from a modem (or terminal server),
> > becomes root and the serial connection drops (noisy modem line, etc.).
> >
> > At this point ANYONE who dials in is ROOT!
>
> This is not really what the COM console was designed for anyhow. Don't
> use a modem on it, ever.
>
> Not only could modem users grab root, as above, if they happen to be on
> when the system is booting, they could simply boot single user.

This is easily fixed by having DTR stay low until the kernel initializes the
driver (which is probably what happens now). A properly set-up modem (or
terminal server) will not connect until DTR goes true.

> Remember,
> the COM console features give you CONSOLE access, and such access should
> not be taken lightly!

Exactly my point! But how do we satisfy the need for remote access to the
console? One needs some sort of firewall. Another Unix box (with a null modem,
as you suggest below) will do it, but how do you protect that machine?
Besides, this arrangement is no different than a terminal server, and it
introduces a single point of failure. No good.

> So DON'T use a modem on a COM console. Configure a regular serial port
> instead.

That is obviously clear (clearly obvious?), but does not answer the question:
what would you recommend as a SECURE remote console access?

> If you need to use the console remotely, and want to use COM console for
> this, use another FreeBSD box with a null modem cable to the console port.
> Or, you could use a terminal server for this (this is what I do, mainly
> because I have two spare Portmasters).

I am thinking of a product definition for hundreds of world-wide
installations. We want a secure remote port. Having a terminal server is a
reasonable way to do it, but it is a SPOF, both security- and
availability-wise.

Simon
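The single-user boot Tom raises above is governed on FreeBSD by the "secure" flag in /etc/ttys: init asks for the root password in single-user mode only when the console entry is not marked secure, and login(1) permits direct root logins only on ttys marked secure. The script below is an added example, not code from this thread or from FreeBSD; it audits a ttys file for a secure console or a secure, enabled serial line (names assumed to start with ttyd, ttyu or cua), and can rewrite those entries to "insecure". The sample ttys content it writes is constructed.

```shell
#!/bin/sh
# Added example, not code from the thread: audit a BSD /etc/ttys for entries
# that hand out root over a serial or modem line without a password.
# Assumptions (ttys(5) on FreeBSD): fields are "name getty type status [secure]";
# init prompts for the root password in single-user mode only when the
# "console" entry is NOT marked secure; login(1) allows direct root logins
# only on ttys marked secure. Serial names are assumed to start with
# ttyd, ttyu or cua. The sample file written below is constructed.

# audit_ttys FILE: print one finding per risky entry (nothing if clean)
audit_ttys() {
    awk '
        { sub(/^[ \t]+/, "", $0) }          # strip leading blanks
        /^#/ || /^$/ { next }               # skip comments and empty lines
        {
            line = $0
            gsub(/"[^"]*"/, "GETTY", line)  # quoted getty command becomes one token
            n = split(line, f, /[ \t]+/)
            name = f[1]; status = f[4]
            secure = 0
            for (i = 5; i <= n; i++) if (f[i] == "secure") secure = 1
            if (name == "console" && secure)
                print "console: marked secure, single-user boot gives a root shell with no password"
            else if (name ~ /^(ttyd|ttyu|cua)/ && status == "on" && secure)
                print name ": serial line marked secure, root may log in directly over it"
        }
    ' "$1"
}

# count_findings FILE: number of findings, handy for a monitoring check
count_findings() {
    audit_ttys "$1" | wc -l | tr -d ' '
}

# harden_ttys FILE: rewrite the file so console and serial lines are "insecure"
# (root must su from an ordinary account; single-user mode asks for the password)
harden_ttys() {
    awk '
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            gsub(/"[^"]*"/, "GETTY", line)
            split(line, f, /[ \t]+/)
            if (line !~ /^#/ && (f[1] == "console" || f[1] ~ /^(ttyd|ttyu|cua)/)) {
                # required whitespace before "secure" keeps "insecure" from matching
                sub(/[ \t]secure$/, " insecure", $0)
                sub(/[ \t]secure[ \t]/, " insecure ", $0)
            }
            print
        }
    ' "$1" > "$1.tmp" && mv "$1.tmp" "$1"
}

# write_sample_ttys FILE: constructed sample in the FreeBSD 2.x layout
write_sample_ttys() {
    cat > "$1" <<'EOF'
# name  getty                           type    status  comments
console none                            unknown off secure
ttyv0   "/usr/libexec/getty Pc"         cons25  on  secure
ttyd0   "/usr/libexec/getty std.9600"   dialup  on  secure
ttyd1   "/usr/libexec/getty std.9600"   dialup  on  insecure
ttyd2   "/usr/libexec/getty std.9600"   dialup  off secure
EOF
}

# stand-alone run: audit the sample, harden it, audit again
if [ "${1:-}" = "--demo" ]; then
    tmp=$(mktemp)
    write_sample_ttys "$tmp"
    echo "before: $(count_findings "$tmp") finding(s)"; audit_ttys "$tmp"
    harden_ttys "$tmp"
    echo "after:  $(count_findings "$tmp") finding(s)"
    rm -f "$tmp"
fi
```

Run with `--demo` to see the two findings on the sample (the secure console and the enabled, secure ttyd0 modem line) disappear after hardening. Marking the lines insecure does not address the dropped-carrier case from the first quote; that depends on the modem dropping DTR/DCD so the tty is hung up, which this check does not verify.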