-
-
Notifications
You must be signed in to change notification settings - Fork 280
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
A user should never have to SSH to Gladys Raspbian image #648
Comments
I don't think we want something on Linux side! The goal of this GitHub issue is to never have to SSH to the Raspberry Pi, so this doesn't work We want for example an automated task on Gladys side which changes the SSH passsword automatically, so that the password is, by default, never a default password. If the user is an advanced user, he'll have in the web UI a view in "config" with the "login/password". |
I agree for newbie but not for advanced user. In case advanced user want to connect to rpi, he doesn't want to do that in Gladys. In my own Gladys must not manage system user in term of security. This basic setting set password reset at first login. Simple. And it's technically complicated because Gladys is inside container. So, I have managed to generate a rpi image (500mb) with non default user, password can be generated and reset at first login. Build with latest kernel in 8 minutes At first start partition expand and containers are created. I'm trying to follow global philosophy, simple, even for advanced user. |
Sorry I didn't see your comments... Lost in my endless pile of GitHub notifications.. Better late than never 😅
Nice ! About the auto-expand, it's great! Do you know if you'd be able to generate a rpi-image with docker + Gladys in CLI for example ? Right now I'm building manually the image, it would be amazing if it could be an automated process ! About the reset password at first login, it still means that the user has to do a SSH login: We don't want that, in Gladys 4, a user should never have to SSH to Gladys, everything should be done in Gladys UI. Gladys should be thought as an end product IMO, like any other product you can buy in store.
I don't know if there is a perfect answer to that, after searching the web, for example Sonos Speaker are openly accessible on the network, so if you are on the same Wi-Fi, you're considered "authorized" to access the speaker. So maybe leaving what the Raspberry fondation did (default user/default pass) is the right thing... I don't know Two more things I'm thinking about, which are in my opinion even more important:
|
Closing this "debate" issue in favor of more explicit tasks : |
The text was updated successfully, but these errors were encountered: