Console-conf and ip address

Loïc Minier loic.minier at ubuntu.com
Fri Sep 23 16:05:16 UTC 2016 

On Fri, Sep 23, 2016 at 5:47 PM, Steve Langasek <
steve.langasek at canonical.com> wrote:

> On Fri, Sep 23, 2016 at 03:02:32PM +0200, Oliver Grawert wrote:
> > On Fr, 2016-09-23 at 14:59 +0200, Loïc Minier wrote:
> > > I agree this isn't great; I wanted to mention an old but still
> > > working workaround: mDNS. Snapweb should publish a snapweb.local mDNS
> > > record on your LAN, so ssh you at snapweb.local should work. Note that
> > > this only works for one device at a time, so you want to change the
> > > hostname to have e.g. rpi3-xyz.local.
>
> > and even better, it could run an open ssh login like d-i does (i.e. on
> > the NSLU2 images) where console-conf runs on for the initial setup.
> > i was wondering from the start why we dont do this and instead default
> > to physical consoles...
>
> Because the plan is for us to have 8 billion of these devices running
> Ubuntu, connected to the Internet, and mostly *not* having anyone claim
> ownership.  So you don't want an ssh connection open to the world where
> anyone with a snap store account can claim to be the owner of your device -
> or assume that all of these devices are firewalled.
>
> In one of our discussions, I suggested allowing such connections only from
> the local network.  That's trickier to implement than just turning on ssh,
> so not done yet.
>
> (And if it doesn't already, snapweb really ought to have the same ACL IMHO)
>

+1; I was thinking the same thing recently as snapweb was gaining more
features. It's already able to install any snap one likes, so it's quite a
permissive interface without auth already.

I filed https://bugs.launchpad.net/snapweb/+bug/1627093 for us to remember
this

Cheers,
- Loïc


>
> --
> Steve Langasek                   Give me a lever long enough and a Free OS
> Debian Developer                   to set it on, and I can move the world.
> Ubuntu Developer                                    http://www.debian.org/
> slangasek at ubuntu.com                                     vorlon at debian.org
>
> --
> Devices mailing list
> Devices at lists.snapcraft.io
> Modify settings or unsubscribe at: https://lists.snapcraft.io/
> mailman/listinfo/devices
>
>


-- 
- Loïc
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snapcraft.io/archives/devices/attachments/20160923/e13ad001/attachment-0001.html>

More information about the Devices mailing list