
[Freedombox-discuss] FBX Setup with Debconf Web-Frontend: Difficult



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Philip!

I think I did have something a little bit different than what you
understood, my apologies for not being as clear as I should have been.

I'm trying to find ways to make the initial FBX setup simpler.  The
ideal is that the FBX self-configures when plugged in for the first
time, but that seems less realistic.  That could be done, but it would
be more difficult for the user to exert ongoing ownership over the
system.  So, how simple can we make the setup process, while making sure
the user securely owns the finished product?  Also, what can we do to
make sure administration is as simple and secure as possible in the
future?

Philip Hands writes:

> On Tue, 10 Jan 2012 07:45:47 -0600, Nick Daly wrote:
>
>> The biggest issue is that the server accepts connections only from the
>> localhost and does no authentication at all.  So, there's no way
>> (without hacking on it) to use that frontend for remote management.  The
>> connection also isn't encrypted in any way (HTTP only, no HTTPS), which
>> is bad when you're doing remote management over a wireless network.
>
> I'd guess that the idea is that you get an ssh connection to the box,
> and then use port forwarding to pipe your browser connection over the
> secure link.
>
> As you _may_ be saying, that's not really beginner's stuff.

Kind of, and yes.

There are a couple of approaches we could take to the setup process, each
with advantages and problems:

- The user connects to the DreamPlug's wireless network and a specific
  one-time install URL.

  That's simple, but not very secure, and doesn't make future
  administration simpler.

- The user starts an install script on their primary machine which
  walks them through the install process.

  That's more complicated; however, it means we can automate a fair
  number of things (even the initial connection to the wireless network
  to exchange keys).  This means future administration becomes easier
  and more secure.

If you're configuring over wireless, the initial connection (at least
the key exchange) will be insecure.  Ethernet-based configuration would
be preferred, if more difficult.  Am I shooting too low, not giving
users enough credit?  Are we (should we be) aiming for community gurus
who can set up federated servers for their communities, or end-users who
would set up a server directly?

I'm mostly unconcerned about MITM attacks during the setup process,
because that requires being within a ~30m (wireless) range during a
5-minute window, with the DreamPlug hardware.  *After* the setup is
complete (ongoing administration), I'm plenty concerned about it.

Monkeysphere /could/ help automatically organize an HTTPS connection
between the server and client (after key exchange), had they completed
their listed goals.  That's not the case, though, so it can't be done.

Does this help clarify what I was going for?  Are there any other
questions?

Thanks for your time,
Nick
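The remote-management pattern discussed above (a web frontend that listens only on localhost, reached through an ssh port forward, with the host key pinned after the initial setup) as an added shell example. This is not code from the thread or from the FreedomBox project; the host name freedombox.local, the frontend port 8080 and the sample socket listing are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not from the original thread. Assumes the DreamPlug is
# reachable over ssh as "freedombox.local" and that the debconf web frontend
# listens on 127.0.0.1:8080; both are assumptions, override via environment.
FBX_HOST="${FBX_HOST:-freedombox.local}"
FRONTEND_PORT="${FRONTEND_PORT:-8080}"
LOCAL_PORT="${LOCAL_PORT:-8080}"

# Build the ssh command that forwards a local port to the frontend on the
# box's loopback interface.  -N: no remote shell, just the tunnel.
# ExitOnForwardFailure=yes: fail loudly if the local port is taken instead
# of silently running without the forward.  StrictHostKeyChecking=yes:
# refuse to connect if the host key differs from the one recorded in
# known_hosts during setup, which is the MITM case for ongoing administration.
tunnel_cmd() {
    printf 'ssh -N -o ExitOnForwardFailure=yes -o StrictHostKeyChecking=yes -L %s:127.0.0.1:%s %s\n' \
        "$LOCAL_PORT" "$FRONTEND_PORT" "$FBX_HOST"
}

# Read `ss -ltn`-style listening-socket lines on stdin (run on the box, e.g.
# via ssh).  Exit 0 when every socket on the frontend port is bound to a
# loopback address (127.0.0.1, ::1 or [::1]); exit 1 if none is found or any
# listens on a wildcard or non-loopback address, i.e. the frontend would be
# reachable by other hosts on the wireless network without authentication.
frontend_loopback_only() {
    awk -v port="$FRONTEND_PORT" '
        $1 == "State" { next }                 # header line
        {
            n = split($4, a, ":"); addr = $4
            sub(/:[0-9]+$/, "", addr)          # strip ":port", keep address
            if (a[n] != port) next
            seen = 1
            if (addr != "127.0.0.1" && addr != "[::1]" && addr != "::1") bad = 1
        }
        END { if (seen && !bad) exit 0; exit 1 }'
}

# Constructed sample listings (not captured from a real box).
SAMPLE_OK='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    127.0.0.1:8080     0.0.0.0:*
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*'

SAMPLE_BAD='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:8080       0.0.0.0:*'

if printf '%s\n' "$SAMPLE_OK" | frontend_loopback_only; then
    echo "frontend is loopback-only; tunnel with: $(tunnel_cmd)"
else
    echo "frontend is exposed beyond loopback; do not rely on the tunnel alone"
fi
```

On a live box the check would be `ssh "$FBX_HOST" ss -ltn | frontend_loopback_only`; the browser then uses http://127.0.0.1:8080/ on the local machine and the plaintext HTTP never leaves the loopback interface at either end.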