Dave, can you estimate when the sshd work to be done? We really like this feature. Thanks.
From: vpp-dev@lists.fd.io <vpp-dev@lists.fd.io> On Behalf Of Dave Barach via Lists.Fd.Io Sent: Monday, November 26, 2018 8:42 PM To: tianye@sina <tiany...@sina.com>; vpp-dev@lists.fd.io Cc: vpp-dev@lists.fd.io Subject: Re: [vpp-dev] About in-band telnet/ssh support of VPP Please do not use the vpp host stack to listen to port 23 (telnet) on a network-facing interface. You could do that, but please don't do that. All you would need to add is a well-known default password, and you would have created a super-trivial attack surface for your product. Florin and I are working to crank up sshd over the host stack. No guaranteed end-date, but it's coming... D. From: vpp-dev@lists.fd.io<mailto:vpp-dev@lists.fd.io> <vpp-dev@lists.fd.io<mailto:vpp-dev@lists.fd.io>> On Behalf Of tianye@sina Sent: Sunday, November 25, 2018 9:10 PM To: vpp-dev@lists.fd.io<mailto:vpp-dev@lists.fd.io> Subject: [vpp-dev] About in-band telnet/ssh support of VPP Hello Everyone: As we all knows, the latest VPP version 18.10 support telnet. We can set the conf file like this to monitor the remote telnet request: unix { cli-listen localhost 5002 or cli-listen 192.168.xxxx 5002 ..... But actually the IP/Port pair we are listening is the "in-band" interface. That means that interface belongs to the Linux host system(not the dedicate NIC pre-allocated for VPP) Is there any solution for telnet/ssh toward the VPP in-band interface? (Provide telnet/ssh support for in-band interface is very important when we managed to build a gateway/router device over bare metal machine, since we cannot guarantee we can involve additional out-band interface with any topology and product cost limitation)
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#11420): https://lists.fd.io/g/vpp-dev/message/11420 Mute This Topic: https://lists.fd.io/mt/28320167/21656 Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
