Thank you for your donation!


Cloudsmith graciously provides open-source package management and distribution for our project.


new image 8.3.x using an older backup/restore
#8
(04-30-2023, 05:31 PM)MikeyFresh Wrote: So I guess to wrap this in my own head I'll explain what my original (flawed?) thinking was with regard to use of the new security setup or not.

I had thought perhaps the ultimate security was to skip the userid and password entirely, so instead of leaving an open door via the old default userid and password, how about no door at all?

In other words don't even setup a userid/password/SSH at all, then there is no way for a malicious/unauthorized access to occur. That did not go well last week at all, however doing it in the manner prescribed/specified worked just fine today, with the one bit above about Moode's UI thinking the Host name/player was moode after a restore from backup, even though it was actually my new userid.local that brought up the UI, and that new userid is also what worked via SSH.

To your point, the Setup guide didn't explicitly state that SSH and userid/password are in fact required for moOde to operate correctly, and for being able to get logs and such for troubleshooting issues.

I've updated the guide for upcoming 8.3.3 release (Q3 2023)

ETA: Here is the updated section with the new NOTE.
 
Code:
OS IMAGE AND SECURITY

The OS image does not contain the userid pi, SSH service, WiFi SSID or Access
Point password.

- Use the official Raspberry Pi Imager to choose a moOde OS image, enable SSH,
  create the pi userid and password and optionally a WiFi SSID and password.

  NOTE: SSH and userid/password are required for correct operation of moOde.

  The moOde OS images are listed in the "Media Player OS" category or if they
  were downloaded directly via the Download page at http://moodeaudio.org they
  can be selected via the "Use custom" category.

- Refer to the links below for more information on operating system security
  and how to download and use the Raspberry Pi Imager.
  https://www.raspberrypi.com/software/
  https://www.raspberrypi.com/news/raspberry-pi-bullseye-update-april-2022/

- The Access Point password can be entered via the WebUI, Network Config screen
  after the system starts or via an edited /boot/moodecfg.ini file. The file is
  described in this document in the CUSTOM CONFIGURATION section.

To access the operating system command console use Secure Shell (SSH). An easy
to use WebSSH terminal is available in System Config.
Enjoy the Music!
moodeaudio.org | Mastodon Feed | GitHub
Reply


Messages In This Thread
RE: new image 8.3.x using an older backup/restore - by Tim Curtis - 04-30-2023, 07:56 PM

Forum Jump: