view the rest of the comments
Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
Don't you just touch SSH in the /boot dir after you flash, then you can SSH in as pi and password raspberry?
The workarounds are either using their tool or doing what you suggested. Other SBCs do the reasonable thing and have it enabled by default like the Pi did in the past. This change simply pushes less-proficient users into using their tool.
Having it enabled by default is a pretty massive security hole. I preordered the raspberry pi 1 when it launched and I don’t remember SSH ever being enabled be default in their images. Where did you hear it was enabled by default?
I was, I remember it being that way. They later on made it so you would be required to change the password after the first login.
Most people are running those in a home network that is isolated either way. Most people even share their entire hard drives on the network with little to no security and you're telling me a Pi with SSH access enabled by default is a risk? Professional deployments will be done by people who know how to change the passwords, port and use keys. There's no reason to consider that an issue because of those reasons.