Need ssh open or website updatess

Not sure about about linux admins at Flightaware but they are lacking skills for sure about 20 years ack

#@&*()Flightawarre you have an OS based on Debian either apply auto system updates, otherwise you end up up with 200 plus security updates for whatever how many users you have/ I bet management don’t like losing numbers.
At least give system updates a chance. Like maybe monthly a minimum.

Closed SSH is not helping.

Needed to open up on closed weather proof box just to do updates. If it’s not raining everybody flies.

I will reproduce it I if I have to but this is nuts.

Latest software way out of date on security.

What hardware/software are you asking about?

What security issue in particular?

For FlightFeeders, we are generally selective about which updates are applied to avoid breaking systems in the field; if you know of a security update that is needed to fix an externally visible security issue, please let me know so I can roll it out.

For PiAware installs, these are user-maintained hardware/software and we don’t automatically push OS updates to avoid breaking user systems. ssh access is readily available. If you want to enable auto updates there, then there should be no problem with that beyond the usual problems of applying updates to an unattended, probably headless, system.

For security issues affecting the piaware sdcard image default install, we include those as a versioned dependency in piaware-release to ensure that those updates are applied when a piaware upgrade happens, even though the wider OS is not automatically updated. If there’s something that’s needed there let me know so I can include that in the next version & push it out.

(CVE references would be useful)

5 Likes

@rolajos, you only seem to have one operating site and that is shown as:
image
If this is your ‘problem site’, you can easily enable SSH.

As an alternative, you can easily build your site starting with a Raspberry Pi OS image and have as much control as you like.

3 Likes

In the zip file which contains the image is a document called PiAwareSetupGuide.pdf. That contains a paragraph titled “Enable SSH access” which explains how to enable SSH access and why it is disabled by default. It looks like you haven’t read this document, hence mentioning it here now.

With SSH enabled you can update the OS as often as you want and do whatever else you want to. Note it is not inherently bad if components are “out of date”. It entirely depends on how that instance is being used and how access to it is managed, and that applies to all devices. If you are presenting your instance to unknown parties then consider using a reverse proxy to better manage their access to it.

5 Likes

I sure want the piaware OS to have maximum security because on my piaware RPi I have stored information about my bank accounts, credit cards, my off-shore companies, and list of phone numbers of all my girl friends. :wink:

8 Likes

You would be better off to secure it from the wife :sunglasses: certainly if it comes down to phonenumbers :rofl:

2 Likes

He may have to do an upgrade of girl friend 6.3 to wife 2.0. :smiley:

5 Likes

Says Admins don’t know what they are doing, yet can’t enable SSH on his own?

5 Likes

Are you suggesting the OP hasn’t put in a lot of effort? :laughing:

image

5 Likes

I mean the irony isn’t lost on me of calling the “linux” admins here names yet lacks basic reading skills to enable SSH on his box. It’s also not lost on me if he is worried about security for the average user its best to have SSH disabled as that is just an entry point for hackers if it’s not properly configured.

2 Likes

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.