General TC > Tiny Core on Virtual Machines

Thinking about sshd & enabling EmptyPassword login...


I am running Core base in a qemu guest.
I have sshd installed in the guest-vm & am considering setting PasswordAuthentication & PermitEmptyPasswords to 'yes'.

I keep the Guest isolated (as much as I know how to).
But would like some feedback whether I'm overlooking something.

Here is the network layout:


Here's how I keep the Guest isolated:

On the Guest: there is no route pointed across the interface (eth0) leading to the qemu-Host.
        tc@box:~$ route -n
        Kernel IP routing table
        Destination     Gateway         Genmask         Flags Metric Ref    Use Iface UH    0      0        0 lo U     0      0        0 eth0

Also on the Guest, iptables permits only communication to/from the qemu-Host:
        tc@box:~$ sudo iptables -S
        -P INPUT DROP
        -P OUTPUT DROP
        -A INPUT -s -i lo -j ACCEPT
        -A INPUT -s -d -i eth0 -j ACCEPT
        -A OUTPUT -d -o lo -j ACCEPT
        -A OUTPUT -s -d -o eth0 -j ACCEPT

On the Host:
- iptables permits only packets source & destined within to be input or output on the interface leading to the qemu-Guest.
- iptables drops all on Forward chain.
- ip masquerading is not enabled.
- ip packet forwarding is not enabled (no routing function on the host).

In fact I don't have any of this set up automatically, I manually config tap intf & update iptables both on Host & Guest when I need to run the emulation. However I could one day make a mistake & maybe expose the Guest.

I am using the 'hostfw' function of qemu, in that any connection made to a tcp port on the host, is redirected to a port on the guest.

My question is, am I missing anything in keeping the Guest isolated? Do I already have a hole somewhere?

I am not a security type so thx for reading this far.

Use keys and turn off passwords completely.

That's what I am doing currently.

But can't specify specific identity file when browsing sftp via Nautilus (host  = gnome). Hence empty-password method.
But then I found sshfs. So I've got it mounted now & guess I'll stay w/ keys.

Still am curious if I was missing something in keeping Guest isolated. If anyone else has any thoughts that'd be cool.

(I guess w/ no routing knowledge on the guest, it's sealed shut, unless someone cracks the host, in which case I've got bigger problems).


[0] Message Index

Go to full version