by briaeros007 » Mon Jun 22, 2015 10:59 pm
Hi,
I began to play with the image.
And it's not true that there are no ssh and whatever.
There a dropbear ssh server which listen on the 22222 .
But, and we will not be great friends, this fellow doesn't authorize the account I've just created with a password I know it works...
(well, I do love adduser and passwd in this distribution : you can't enter any password...)
I haven't yet verified, but I think that at least one of they account will have a ssh key (since no account have any password) and they can connect to a VPN with openvpn (I don't remember if it's vpn.resin.io or api.resin.io).
I will trying to remodify the sdcard, and If I can't get a full access, for at least
- know what they are doing (network packet send, ...)
- how this things work (why there are 6 partition, with plentiful of type, but only one I can mount directly ? Seems to have a btrfs somewhere , but where and why?)
I will be forced to delete it.
There is just no way that I will let a computer that I can't manage or control in a way or another in my personal network.
What if , it's used to sniff what I'm doing, or play any type of security threat (DDoS, CoC,...) , in the guise of scientific computation ?
There is also no way that I will be locked out on a computer I bought.
So, I concur with everyone before : to gain the faith of more participants : more information in :
- what , when, how batchs will be decided and launched (and if, as boinc, it will be possible to advantage certain types of batches).
- how does-it work. how can we manage and monitor our parallella?
(Perhaps I'm old school, but I need to have a direct access, not something "in the cloud" with yet another account and terms of agreement...)
Edit : For those interested ; the simplest solution to get a root ssh, it's to add your own key to /home/root/.ssh/authorized_keys ,
Also the image doesn't seem to be a full custom for parallela : they've got wpa_supplicant running by default etc...
No sensors package, or xtemp, so I've got no idea how to check for temperatures (only found one temperature sensor in /sys).
There are no firewall on this distribution (all default policy are "ACCEPT", no input check, no output check, ...)
It will be great to have something a little more "hardened" if anybody (someone we don't control) could run what they want on it.