User talk:Sb1: Difference between revisions

From Alpine Linux
No edit summary
(mea culpa)
Line 18: Line 18:
* That headless.apkovl has too many  security complaints filed, and unfortunately the author has not yet chosen to take the secure-defaults-first approach. The overlay makes users accept publicly shipped "private"(not) keys, by default, and continues starting that unsecured sshd root login server after an installation, by default. Obviously wrong things, but the issues that got filed are hidden as "closed" without actually fixing the wrong behavior. That was the reason for the link removal, to not have users directed to it, at least not without prominent warning. At the moment, sadly, instead of fixing the defaults, the github readme actually kind of hides the facts in in descriptive footnotes that do not mention the consequences. --[[User:Sb1|Sb1]]
* That headless.apkovl has too many  security complaints filed, and unfortunately the author has not yet chosen to take the secure-defaults-first approach. The overlay makes users accept publicly shipped "private"(not) keys, by default, and continues starting that unsecured sshd root login server after an installation, by default. Obviously wrong things, but the issues that got filed are hidden as "closed" without actually fixing the wrong behavior. That was the reason for the link removal, to not have users directed to it, at least not without prominent warning. At the moment, sadly, instead of fixing the defaults, the github readme actually kind of hides the facts in in descriptive footnotes that do not mention the consequences. --[[User:Sb1|Sb1]]
: Ok, noted you are not happy with that solution, it's your own opinion. Please consider there are many different opinions out there (repo stars appreciations give some clues; you can discuss the topic there, etc...). This '''wiki is not a place for advocacy''', revenge statement or frustration expression: this does not help users and make things very confusing. Please consider reverting your last changes. --[[User:Alpwik|Alpwik]] ([[User talk:Alpwik|talk]]) 06:23, 23 May 2023 (UTC)
: Ok, noted you are not happy with that solution, it's your own opinion. Please consider there are many different opinions out there (repo stars appreciations give some clues; you can discuss the topic there, etc...). This '''wiki is not a place for advocacy''', revenge statement or frustration expression: this does not help users and make things very confusing. Please consider reverting your last changes. --[[User:Alpwik|Alpwik]] ([[User talk:Alpwik|talk]]) 06:23, 23 May 2023 (UTC)
:: Sorry both of you. It appears that I made a change on the page by accident. My son touched the keyboard when I wasn't looking. Please feel free to "undo" whatever I just change on the Installation page.

Revision as of 07:33, 23 May 2023

Hi, I noticed your recent edits to Installation page made quite a development on an optional matter (headless config), that may still be of interest for many.
I can see a few downsides on how it stands now:

  • instructions for an optional thing are becoming very long (and yet incomplete)
  • described method requires quite some familiarity with Alpine, whereas this guide is intended for new comers
  • that solution has several pitfalls (it will transfer all same settings to any server installed with said apkovl, etc...)

I'm not sure why a reference to a straightforward and working third-party solution is now removed from wiki.
Wiki is not official doc, and any mention does not express endorsement: quality external references are just fine in wiki. Referring to backdoor is irrelevant on this topic: it is not a good place to state personal judgement.
As for the longer option you describe, it may fit better into tutorial section where things could be detailed more.

Would you reconsider the edits in that part?

We could add the link (https://github.com/macmpi/alpine-linux-headless-bootstrap) to the main Raspberry Pi page. bbbhltz (talk) 15:18, 20 May 2023 (UTC)
That third-party apkovl solution works on any Alpine platform it is not limited to Pi-thing: I've been successfully using it on x86_64, x86,... So referring to it from main install page makes sense --Alpwik (talk) 15:07, 21 May 2023 (UTC)
  • That headless.apkovl has too many security complaints filed, and unfortunately the author has not yet chosen to take the secure-defaults-first approach. The overlay makes users accept publicly shipped "private"(not) keys, by default, and continues starting that unsecured sshd root login server after an installation, by default. Obviously wrong things, but the issues that got filed are hidden as "closed" without actually fixing the wrong behavior. That was the reason for the link removal, to not have users directed to it, at least not without prominent warning. At the moment, sadly, instead of fixing the defaults, the github readme actually kind of hides the facts in in descriptive footnotes that do not mention the consequences. --Sb1
Ok, noted you are not happy with that solution, it's your own opinion. Please consider there are many different opinions out there (repo stars appreciations give some clues; you can discuss the topic there, etc...). This wiki is not a place for advocacy, revenge statement or frustration expression: this does not help users and make things very confusing. Please consider reverting your last changes. --Alpwik (talk) 06:23, 23 May 2023 (UTC)
Sorry both of you. It appears that I made a change on the page by accident. My son touched the keyboard when I wasn't looking. Please feel free to "undo" whatever I just change on the Installation page.