Topic: sshd is insecure
Once I ssh'ed in to my new Chumby, the first thing I did was set a root password. However, when I was poking around, I noticed something interesting: the sshd keys are part of the read-only file system! I don't know the full details of the SSH protocol, but with common keys on every device, an attacker could at least perform a man-in-the-middle attack on Chumby SSH sessions, if not decrypt the session simply by sniffing the traffic.
Can this be fixed in future firmware updates? It seems as simple as doing the following:
- Updating /usr/local/etc/sshd_config with HostKey entries in /psp
- Including ssh-keygen
- Running ssh-keygen on sshd startup if host keys are missing from /psp
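The three steps above, as an added init-script sketch that is not part of the original post or of the Chumby firmware: it assumes a writable persistent directory under /psp (here /psp/ssh) and an available ssh-keygen, generates any missing host key once per device, and emits the matching HostKey lines for sshd_config.

```shell
#!/bin/sh
# Added example: give each device its own SSH host keys at first boot.
# Assumptions (not from the post): /psp/ssh is writable persistent storage,
# ssh-keygen exists on the device, and sshd reads its HostKey paths from
# /usr/local/etc/sshd_config.

KEY_DIR="${KEY_DIR:-/psp/ssh}"
SSHD_CONFIG="${SSHD_CONFIG:-/usr/local/etc/sshd_config}"
KEYGEN="${KEYGEN:-ssh-keygen}"
# Key types to provision; add "ed25519" on an OpenSSH new enough to support it.
KEY_TYPES="${KEY_TYPES:-rsa}"

# Returns 0 if every expected host key file exists in $1, 1 otherwise.
host_keys_present() {
    dir="$1"
    for t in $KEY_TYPES; do
        [ -f "$dir/ssh_host_${t}_key" ] || return 1
    done
    return 0
}

# Generates only the keys that are missing, so an existing key is never
# replaced (a changed host key would trigger client warnings). ssh-keygen
# writes the private key with mode 0600; the directory is locked down too.
ensure_host_keys() {
    dir="$1"
    mkdir -p "$dir" && chmod 700 "$dir" || return 1
    for t in $KEY_TYPES; do
        f="$dir/ssh_host_${t}_key"
        if [ ! -f "$f" ]; then
            "$KEYGEN" -q -t "$t" -N "" -f "$f" || return 1
        fi
    done
    return 0
}

# Prints the HostKey lines that sshd_config needs so sshd loads the
# per-device keys from persistent storage instead of the read-only image.
hostkey_config_lines() {
    dir="$1"
    for t in $KEY_TYPES; do
        echo "HostKey $dir/ssh_host_${t}_key"
    done
}

# Typical use from the sshd init script, before sshd is started:
#   ensure_host_keys "$KEY_DIR" || exit 1
#   hostkey_config_lines "$KEY_DIR"   # merge these into $SSHD_CONFIG
#   exec /usr/local/sbin/sshd -f "$SSHD_CONFIG"
```

Merging the printed HostKey lines into sshd_config is a one-time firmware change; the key generation step is what has to run on every boot.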