Comment on Banana Pi BPI-M7 - More Reasons to Avoid the Raspberry Pi
towerful@programming.dev 1 year agoDon’t you just touch SSH in the /boot dir after you flash, then you can SSH in as pi and password raspberry?
Comment on Banana Pi BPI-M7 - More Reasons to Avoid the Raspberry Pi
towerful@programming.dev 1 year agoDon’t you just touch SSH in the /boot dir after you flash, then you can SSH in as pi and password raspberry?
TCB13@lemmy.world 1 year ago
The workarounds are either using their tool or doing what you suggested. Other SBCs do the reasonable thing and have it enabled by default. This simply pushes less-proficient users into using their tool.
SailorMoss@sh.itjust.works 1 year ago
Having it enabled by default is a pretty massive security hole. I preordered the raspberry pi 1 when it launched and I don’t remember SSH ever being enabled be default in their images. Where did you hear it was enabled by default?
TCB13@lemmy.world 1 year ago
I was, I remember it being that way. They later on made it so you would be required to change the password after the first login.
AtariDump@lemmy.world 1 year ago
That’s just good password security and reasonable.
See that qualifying word there? “Most”? That’s why they force SSH to be disabled and password changes. If you PERSONALLY can guarantee that no one will EVER put a freshly imaged RPi directly on the internet it doesn’t matter; there’s still a need to change these defaults. I’ve seen the RPi’s deployed in a business environment and I 10000% know that vendors are fscking stupid and would leave default permissions enabled because they’re the lowest bidder.
It’s people like you why we have massive botnets due to default security measures being ignored by major manufacturers.
Good day sir.