User talk:Sb1: Difference between revisions
mNo edit summary |
No edit summary |
||
Line 17: | Line 17: | ||
* That headless.apkovl has too many security complaints filed, and unfortunately the author has not yet chosen to take the secure-defaults-first approach. The overlay makes users accept publicly shipped "private"(not) keys, by default, and continues starting that unsecured sshd root login server after an installation, by default. Obviously wrong things, but the issues that got filed are hidden as "closed" without actually fixing the wrong behavior. That was the reason for the link removal, to not have users directed to it, at least not without prominent warning. At the moment, sadly, instead of fixing the defaults, the github readme actually kind of hides the facts in in descriptive footnotes that do not mention the consequences. --[[User:Sb1|Sb1]] | * That headless.apkovl has too many security complaints filed, and unfortunately the author has not yet chosen to take the secure-defaults-first approach. The overlay makes users accept publicly shipped "private"(not) keys, by default, and continues starting that unsecured sshd root login server after an installation, by default. Obviously wrong things, but the issues that got filed are hidden as "closed" without actually fixing the wrong behavior. That was the reason for the link removal, to not have users directed to it, at least not without prominent warning. At the moment, sadly, instead of fixing the defaults, the github readme actually kind of hides the facts in in descriptive footnotes that do not mention the consequences. --[[User:Sb1|Sb1]] | ||
: Ok, noted you are not happy with that solution, it's your own opinion. Please consider there are many different opinions out there (repo stars appreciations give some clues; you can discuss the topic there, etc...). This '''wiki is not a place for advocacy''', revenge statement or frustration expression: this does not help users and make things very confusing. Please consider reverting your last changes. --[[User:Alpwik|Alpwik]] ([[User talk:Alpwik|talk]]) 06:23, 23 May 2023 (UTC) |
Revision as of 06:23, 23 May 2023
Hi,
I noticed your recent edits to Installation page made quite a development on an optional matter (headless config), that may still be of interest for many.
I can see a few downsides on how it stands now:
- instructions for an optional thing are becoming very long (and yet incomplete)
- described method requires quite some familiarity with Alpine, whereas this guide is intended for new comers
- that solution has several pitfalls (it will transfer all same settings to any server installed with said apkovl, etc...)
I'm not sure why a reference to a straightforward and working third-party solution is now removed from wiki.
Wiki is not official doc, and any mention does not express endorsement: quality external references are just fine in wiki. Referring to backdoor is irrelevant on this topic: it is not a good place to state personal judgement.
As for the longer option you describe, it may fit better into tutorial section where things could be detailed more.
Would you reconsider the edits in that part?
- We could add the link (https://github.com/macmpi/alpine-linux-headless-bootstrap) to the main Raspberry Pi page. bbbhltz (talk) 15:18, 20 May 2023 (UTC)
- That headless.apkovl has too many security complaints filed, and unfortunately the author has not yet chosen to take the secure-defaults-first approach. The overlay makes users accept publicly shipped "private"(not) keys, by default, and continues starting that unsecured sshd root login server after an installation, by default. Obviously wrong things, but the issues that got filed are hidden as "closed" without actually fixing the wrong behavior. That was the reason for the link removal, to not have users directed to it, at least not without prominent warning. At the moment, sadly, instead of fixing the defaults, the github readme actually kind of hides the facts in in descriptive footnotes that do not mention the consequences. --Sb1
- Ok, noted you are not happy with that solution, it's your own opinion. Please consider there are many different opinions out there (repo stars appreciations give some clues; you can discuss the topic there, etc...). This wiki is not a place for advocacy, revenge statement or frustration expression: this does not help users and make things very confusing. Please consider reverting your last changes. --Alpwik (talk) 06:23, 23 May 2023 (UTC)