04-30-2023, 07:56 PM
(This post was last modified: 04-30-2023, 08:01 PM by Tim Curtis.
Edit Reason: eta
)
(04-30-2023, 05:31 PM)MikeyFresh Wrote: So I guess to wrap this in my own head I'll explain what my original (flawed?) thinking was with regard to use of the new security setup or not.
I had thought perhaps the ultimate security was to skip the userid and password entirely, so instead of leaving an open door via the old default userid and password, how about no door at all?
In other words don't even setup a userid/password/SSH at all, then there is no way for a malicious/unauthorized access to occur. That did not go well last week at all, however doing it in the manner prescribed/specified worked just fine today, with the one bit above about Moode's UI thinking the Host name/player was moode after a restore from backup, even though it was actually my new userid.local that brought up the UI, and that new userid is also what worked via SSH.
To your point, the Setup guide didn't explicitly state that SSH and userid/password are in fact required for moOde to operate correctly, and for being able to get logs and such for troubleshooting issues.
I've updated the guide for upcoming 8.3.3 release (Q3 2023)
ETA: Here is the updated section with the new NOTE.
Code:
OS IMAGE AND SECURITY
The OS image does not contain the userid pi, SSH service, WiFi SSID or Access
Point password.
- Use the official Raspberry Pi Imager to choose a moOde OS image, enable SSH,
create the pi userid and password and optionally a WiFi SSID and password.
NOTE: SSH and userid/password are required for correct operation of moOde.
The moOde OS images are listed in the "Media Player OS" category or if they
were downloaded directly via the Download page at http://moodeaudio.org they
can be selected via the "Use custom" category.
- Refer to the links below for more information on operating system security
and how to download and use the Raspberry Pi Imager.
https://www.raspberrypi.com/software/
https://www.raspberrypi.com/news/raspberry-pi-bullseye-update-april-2022/
- The Access Point password can be entered via the WebUI, Network Config screen
after the system starts or via an edited /boot/moodecfg.ini file. The file is
described in this document in the CUSTOM CONFIGURATION section.
To access the operating system command console use Secure Shell (SSH). An easy
to use WebSSH terminal is available in System Config.