Hardening a debian install and other real world embedded linux questions.
I am using the slug as a development platform for a product we are
making that will also be based on ARM. It is running Debian with an
external usb 4 gb stick and it's all working well. These devices will
be shipped to customers for testing.
My question relates to hardening up the system so that my code is not
easily copied if the user just puts the usb key into another computer.
I'll obfuscate the code but technically the code will still run if
copied onto another platform (the code is in python).
Is there any standard way of making this difficult for a user.
Do people create a root user and password and run everything as that?
Do they create jffs2 drives, mount them and put the code in there?
Is there any good resource to help with this sort of linux.
I have "Building embedded linux systems" and that is pretty useless as
far as detail is concerned.
I also have Linux appliance design and while that has more detail it
is really focused on the machine interface aspects.
I have experience with Meraki and they provide ssh access but the
flash is embedded in the product.
Also, is there standard/best-practice practice for dealing with
updates, cron jobs, web interfaces, etc for embedded systems or is all
a roll-your-own process. My devices are Ethernet attached and I am
using ftp for uploads and downloads (an ftp client on the device).
However I have seen rsync being used as well as wget, remote http
calls. etc. If I was to use SSH how is the authentication handled.