[Freedombox-discuss] FBX Setup with Debconf Web-Frontend: Difficult

Nick Daly nick.m.daly at gmail.com
Wed Jan 11 03:55:18 UTC 2012

Hash: SHA1

Hi Philip!

I think I did have something a little bit different than what you
understood, my apologies for not being as clear as I should have been.

I'm trying to find ways to make the initial FBX setup simpler.  The
ideal is that the FBX self-configures when plugged in for the first
time, but that seems less realistic.  That could be done, but it would
be more difficult for the user to exert ongoing ownership over the
system.  So, how simple can we make the setup process, while making sure
the user securely owns the finished product?  Also, what can we do to
make sure administration is as simple and secure as possible in the

Philip Hands writes:

> On Tue, 10 Jan 2012 07:45:47 -0600, Nick Daly wrote:
>> The biggest issue is that the server accepts connections only from the
>> localhost and does no authentication at all.  So, there's no way
>> (without hacking on it) to use that frontend for remote management.  The
>> connection also isn't encrypted in any way (HTTP only, no HTTPS), which
>> is bad when you're doing remote management over a wireless network.
> I'd guess that the idea is that you get an ssh connection to the box,
> and then use port forwarding to pipe your browser connection over the
> secure link.
> As you _may_ be saying, that's not really beginner's stuff.

Kind of, and yes.

There are a couple approaches we could take to the setup process, each
with advantages and problems:

- - The user connects to the DreamPlug's wireless network and a specific
  one-time install URL.

  That's simple, but not very secure, and doesn't make future
  administration simpler.

- - The user starts an install script on their primary machine which
  walks them through the install process.

  That's more complicated, however, it means we can automate a fair
  number of things (even the initial connection to the wireless network
  to exchange keys).  This means future administration becomes easier
  and more secure.

If you're configuring over wireless, the initial connection (at least
the key exchange) will be insecure.  Ethernet-based configuration would
be preferred, if more difficult.  Am I shooting too low, not giving
users enough credit?  Are we (should we be) aiming for community gurus
who can set up federated servers for their communities, or end-users who
would set up a server directly?

I'm mostly unconcerned about MITM attacks during the setup process,
because that requires being within a ~30m (wireless) range during a 5
minute window, with the DreamPlug hardware.  *After* the setup is
complete (ongoing administration), I'm plenty concerned about it.

Monkeysphere /could/ help automatically organize an HTTPS connection
between the server and client (after key exchange), had they completed
their listed goals.  That's not the case, though, so it can't be done.

Does this help clarify what I was going for?  Are there any other

Thanks for your time,
Version: GnuPG v1.4.10 (GNU/Linux)


More information about the Freedombox-discuss mailing list