Need security first

Jump to: navigation, search
Revision as of 23 March 2017 at 08:05.
The highlighted comment was created in this revision.

I like the idea in general. Need to first add a major layer of security as a first step.

    12:08, 21 March 2017

    With a level of security what do you think about? If a user want, he can change the SSH username and password on the board and configure the remote deployer with custom username and password or with an SSH Key (I added this thing in my last review of proposal)

      00:45, 22 March 2017

      If we can simply use ssh, then a simple shell script on top of 'scp myscript.js debian@beaglebone.local:/var/lib/cloud9/autorun/' will actually already do the trick. I was thinking we needed to do something to secure the BoneScript web server and that it would be handling the connection. At one point, I was building up my testbanch to do BoneScript RPC testing: https://github.com/jadonk/bonescript/blob/master/test/TODO/remote_bonetest.js. With the PRC, you can simply do "b.writeTextFile("/var/lib/cloud9/autorun/myscript.js", MYSCRIPT_JS);".

        12:57, 22 March 2017

        Okay so you think I have to switch to Bonescript RPC and add a security layer on Bonescript Web Server? For the script management, I have to use a procedure created ad hoc inside the Bonescript Web Server or can I use the systemd remote manager?

          00:05, 23 March 2017