us - public system
Zenaan Harkness
zen at freedbms.net
Sat Dec 14 15:32:13 PST 2019
On Sat, Dec 14, 2019 at 10:35:58PM +0000, other.arkitech wrote:
>
> ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
> On Saturday, December 14, 2019 7:52 PM, Punk-Stasi 2.0 <punks at tfwno.gf> wrote:
>
> > On Fri, 13 Dec 2019 23:30:51 +0000
> > "other.arkitech" other.arkitech at protonmail.com wrote:
> >
> > > http://otheravu4v6pitvw.onion/misc/downloads/answers_to_questions.txt
> >
> > "The operating system image contains a pre-configured raspbian system where user gov
> > has sudo powers, hence you have root privileges. For maintenance purposes I have (temporarily) root access too, via ssh port 16671"
> >
> > haha, you can't be serious...?
> >
>
> I understand your concern, but I am running an alpha version of the system and having an ssh access to the node allows me to maintain and update the software.
> I've been running 50 nodes for 1 year using this mechanism as a mean to tune the systems. (development setup)
> Obviously this requires trust on me.
> Removing this trust is as easy as removing the file
> /root/.ssh/authorized_keys
> But this is like disconnecting your OS from automatic updates.
> It is temporary maintenance priviledge, it will be gone when I release 1.0.
> It should not be a concern since it is a dedicated raspeberry pi and little I can do inside that represents a threat.
Recommendation: script everything - have a script that rolls out
your "standard testing install", have a script so that nodes can
"pull" updates, rather than receive centralized "push" updates by
default.
The git model is now ubiquitous because it works for people ...
More information about the cypherpunks
mailing list