Jump to content

Ambian's password rules are making me think that running Armbian is a mistake


Go to solution Solved by Igor,

Recommended Posts

I'm sure the the developers intentions are good but i'm a big boy now and don't need or want someone else restricting how my passwords must be formed.  One of the things that draws me to linux is the concept of freedom.  Please tell me how to get around this limitation of Armbian/cinnamon on my Raspberry Pi4b.  I use LMDE 5.0/cinnamon on my Intel & AMD computers and don't have this problem.  I don't say his in anger.  If I have to type a long password to simply use sudo then I'm not sure I want to run Armbian.  

Link to comment
Share on other sites

Check forum guidelines to use maximum potential!

4 hours ago, Presto said:

how to get around this limitation

 

Fail 3 times.
https://github.com/armbian/build/blob/master/packages/bsp/common/usr/lib/armbian/armbian-firstlogin#L252-L298

 

4 hours ago, Presto said:

If I have to type a long password to simply use sudo then I'm not sure I want to run Armbian.  

 

Or set a proper password once and then change your password at any time. But it annoys me a bit too. One possible solution is to just issue a warning or specifically asks you - are you sure to use unsafe password.

 

Link to comment
Share on other sites

39 minutes ago, Igor said:

 But it annoys me a bit too.

Agree. At the bottom line it is up to the user to decide if a strong password is mandatory or not. A confirmation should do it. Everything else is out of scope for us anyways.

Enforcing a strong password also often leads to cause the user to use kind a bare-mininum-working password like qawsed123.

Link to comment
Share on other sites

Igor and Werner:  Thank you so much for your replies to my post!  Igor, I hate to be such a noob but when you reply "Fail 3 times."  Do you mean fail to make an acceptable entry three times so that I will finally give in and enter a long and tedious "acceptable" entry in order to go on?  Also you submitted a code example.  Is this a patch that will allow a lesser entry?  If so how do I use it?  I'm willing but not much of a modern programmer. 

 

My time as a commercial programmer was spent in the 80s as a Prime Information Database programmer/administrator.  Prime Information ran on a Prime minicomputer that took up a good sized room. The 300mb disk had 14" platters. Primos OS>PrimeInformation>InfoBASIC/SQL was the cutting edge at the time.  My hobby machine back then was an old 4K Atari 800 with a cassette tape storage.  I upgraded to 24K memory and a dual disk 88k floppy drive.    

 

Werner you are right about "a confirmation and warning" question should be sufficient.  My Commercial programmer son gifted me the Raspberry Pi that I play on now learning python. I am working on a numerology program while I learn.   

Link to comment
Share on other sites

1 hour ago, Presto said:

I'm willing but not much of a modern programmer. 

 

We code system scripts in 90s the same way ;) but IIRC we used Perl.

 

1 hour ago, Presto said:

Igor, I hate to be such a noob but when you reply "Fail 3 times."

 

Perhaps this is not the case when password complexity protection kicks. I recall on this bug https://armbian.atlassian.net/browse/AR-1234

 

1 hour ago, Presto said:

Also you submitted a code example. 


This is the part of the code that is handling this. We will fix this when possible. (i work on this project 7am 10pm and can't jump on this just like that).

Link to comment
Share on other sites

  • Solution
3 hours ago, Presto said:

Sorry, but no real solution has been submitted to date.

 

There is around 1000 x more ideas, wishes and bugs than resources behind the project. Check that graph below https://armbian.atlassian.net/jira/dashboards/10103 :(Perhaps that will help you understand. Most of things are not even recorded as recording is already an effort. This is community project 1st and you are welcome to contribute a small part of your time https://docs.armbian.com/Process_Contribute/ an resolve a problem for all of us. I know we made this part, but if you need a quick solution, its on you. Without community help, this giant software project can't be maintained.

Link to comment
Share on other sites

vor 8 Stunden schrieb CryBaby:

This is the real solution. Annoying passwords are only enforced at installation.

No, that is no acceptable solution.

 

apart from that, it's about the first impression during installation.

I have two NAS (rockpi4) both running armbian. The installation of the first one was a few years ago. I invested a lot of time to be able to control the fan of the tower. When I installed the second NAS, I found that the newer armbian prohibits PWM fan control. I then decided to use an external fan controller and stayed with armbian.

 

Recently I had to install a raspberry4 (for the company). Armbian was of course my first choice. But the new installation routine frustrated me so much that I threw armbian in the garbage can and switched to raspi os. Raspi OS allows one to switch the keyboard to language in use before having to enter a password. With the password, everything is accepted. You just get a hint that the password may be too insecure to operate on the internet. With Armbian, the first thing you have to do is enter a strong password. With a keyboard setting that you don't even know! And even after the installation it is still very very difficult to switch the keyboard. At least for someone who doesn't know Linux that well.

 

If you compare the impression the first installation leaves on the user, a raspi os says: Welcome. Thank you for using raspi os.

The message of armbian on the other hand is: fuck off! Armbian is not for you!

 

Link to comment
Share on other sites

3 hours ago, tony013 said:

newer armbian prohibits PWM fan control.


Those few Armbian developers that finance your addiction to cheap new hardware has nothing to do with broken PWM fan control. We haven't designed this hardware, we don't sell this hardware, we don't support anything you plug to the machine. It can work or not. If you want that its fixed, we provide you build tool and if you pay, we can find you someone to fix it for you. We can finance bug resolving more then we already do. Its pointless. You don't even say thanks.

 

3 hours ago, tony013 said:

You just get a hint that the password may be too insecure to operate on the internet. With Armbian

 

We already agree with you that better security is not for general population https://armbian.atlassian.net/browse/AR-1385 and there is nothing I can do to fix it faster without your help. Raspi has over million dollar budget for deal with you, we can cover like 5-10% of the costs we have it with you. Show some respect.

Link to comment
Share on other sites

Thank you for your efforts Egor! looking forward to the approval of your changes.  Honestly I was about to give up on Armbian / Cinnamon even though I like it.  I do use a strong password upon initial startup but find using one every time I need to use sudo is a little paranoid for my use case.  Will Armbian update this change automatically when the change is approved?

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
 Share

×
×
  • Create New...