Consider shipping with SSH service disabled by default
(Note: This isn't just specific to Plasma-mobile. The Phosh builds (and maybe others) also enable ssh by default.)
SSH is enabled by default when booting up a fresh Manjaro Pinephone image. It should probably be disabled by default for Pinephone images to improve general device security. The reasoning for this is:
- If you didn't manually enable the SSH service, you might not expect it to be running.
- There are default usernames and passwords on these devices. In particular, the Plasma Mobile image ships with a
kde
superuser account which, although documented, could easily be forgotten about as the user is immediately prompted to create a new account and never ends up using it. To be honest, thekde
user could probably just be removed? - Custom passwords are likely to be very, very weak, consisting of only a few digits.
- The mobile modem may provide an additional attack surface. Firewall rules aren't in place to stop this.
I've got no problem with SSH being installed. I just think it shouldn't be enabled by default.