Insecure Password Access

    Large numbers of Kodi users configure things from the command-line, so it's a consequence of that. If you're concerned you can install an SSH key and then disable password access.

    Quote from Da Flex

    You only get to that file with root privileges. If you need top-level security, you have to learn a lot.

    Unless you access /storage/.kodi/userdata through the default enabled \\LIBREELEC\Config samba share with known user/pass credential (libreelec/libreelec). You can change the Samba credential in the GUI. You can disable the Samba server in the GUI. You can disable SSH passwords (or SSH entirely) in the GUI. So the defaults are (intentionally) a little open, but if that concerns you it's simple to lock things down. That will likely inconvenience you though. Catch22.

    External Content www.youtube.com
    Content embedded from external sources will not be displayed without your consent.
    Through the activation of external content, you agree that personal data may be transferred to third party platforms. We have provided more information on this in our privacy policy.

    Quote from Da Flex

    You only get to that file with root privileges. If you need top-level security, you have to learn a lot.

    OK, so I am a ~70 year old noob trying to learn.

    Recently I thought I saw a person using one single command to mount the protected partition. That does not seem too hard to breech.

    I'm not b itching. I really am trying to understand. You know how much a 67TB NAS costs. I just want to protect it.

    Quote from WarpLover

    OK, so I am a ~70 year old noob trying to learn.

    Recently I thought I saw a person using one single command to mount the protected partition. That does not seem too hard to breech.

    I'm not b itching. I really am trying to understand. You know how much a 67TB NAS costs. I just want to protect it.

    Maybe you’d be better off using a full desktop version of Linux with Kodi installed. The JeOS principle that LE is based around may not suit your Linux skill set if you need to step outside the box, literally.

    LE is perfect for the appliance model, switch on and go experience as 95% of all the heavy lifting has already been achieved via Add Ons. Simple click, install and configure where necessary from a GUI. No CLI required there.

    The majority of LE users deploy an SBC solution like the RPI and using the four USB ports supplied on board find them more than adequate to supply storage possibilities via USB media.

    I’m a little puzzled why any one individual would need 67TB of storage. Are you hosting some form of data centre service. I wouldn’t have neither the time nor the energy to watch or listen to the media that 67TB would be capable of storing. Personally I have one single 1TB drive connected to my SBC formatted in EXT4 and have zero issues with it.

    Finally age would be a very poor excuse to use for anyone trying to master a new discipline, particularly one that doesn’t require leaving a chair. I’m a couple of years younger than yourself and barring any neurological disorder I don’t see advancing years as a stumbling block to mastering the basics of the Linux environment. Primers like this are ideal for users in your situation https://www.geeksforgeeks.org/linux-tutorial/ If you prefer the printed alternative there are plenty to be found on the web like this https://www.amazon.co.uk/Linux-Absolute…f621&th=1&psc=1

    The original post concerned open text password in LE. Now we are moving into linux zealotry.

    Attack the OP and his HW, but ignore the open text password problem that is apparently there because it's convenient for those who install from the command-line.

    You aren't going to sway any windows users that way you argue. If fact, windows users know it's the guys who know linux who would be doing the attack. I have nothing against linux. I used to run ubuntu when they tried to force us into Win8. So I already know what it is like to try to replace everything with a linux equiv. I have one expensive OCR program which will not move to linux - some kind of licensing thing.

    enough

    good day

    Edited 2 times, last by WarpLover: for clarity (May 31, 2024 at 6:06 PM).

    The NAS device supports multiple users and access rights, so create a "kodi" user with read-only access to media and then relax and watch movies. In the rather unlikely event someone compromises your home network and obtains the insecure password; they can steal copies of your movies, but cannot do more. If that risk bothers you, disable Samba and SSH services and the insecure password cannot be accessed.

    Quote from chewitt

    The NAS device supports multiple users and access rights, so create a "kodi" user with read-only access to media and then relax and watch movies. In the rather unlikely event someone compromises your home network and obtains the insecure password; they can steal copies of your movies, but cannot do more. If that risk bothers you, disable Samba and SSH services and the insecure password cannot be accessed.

    I will disable. As always, thanks.

    edit:

    I am a little slow I guess. I just realized there are two logins for the NAS, admin and user. I was conflating them in my mind. Please forgive.