Change update server to the HTTPS version

[Garyw]

Is there a config file I can edit to change the freenas update server from http://update.ixsystems.com/FreeNAS/ to it's HTTPS link? I'm a little surprised that this is not the default.

 

[kdragon75]

iX Systems puts security first. That's why they don't use HTTPS by default for the updates or the web client. Oh and the whole root for everything helps too.

 

[danb35]

Nothing in FreeNAS should be handled by manually editing config files, but I'd agree this shouldn't be the case. I'd suggest filing a bug on this.

 

[danb35]

Oh and the whole root for everything helps too.

Don't think this is justified--the "everything" that you need to use root for is system administration, which, well, would require root privileges anyway. If you're talking about the CLI, nothing prevents you from logging in as any other user you choose.

 

[Garyw]

iX Systems puts security first. That's why they don't use HTTPS by default for the updates or the web client. Oh and the whole root for everything helps too.

For the GUI I can easily generate a cert and deploy it. It would be nice to have Lets encrypt built in but that's not a must have.

Nothing in FreeNAS should be handled by manually editing config files, but I'd agree this shouldn't be the case. I'd suggest filing a bug on this.

Understood but I cannot trust any updates because they are being pulled over HTTP........

 

[dlavigne]

Notes that the updates are signed and the updater will generate an error if the there is a signature mismatch.

 

[danb35]

For the GUI I can easily generate a cert and deploy it.

I think @kdragon75's point was iX not incorporating https by default in their own infrastructure, not that they don't activate it by default in the GUI.

I cannot trust any updates because they are being pulled over HTTP

What you trust is up to you. If they fix it in a new release, you could always download the ISO via HTTPS and do the upgrade that way.

 

[Garyw]

Notes that the updates are signed and the updater will generate an error if the there is a signature mismatch.

Do you know how the updates are signed?

 

[kdragon75]

Don't think this is justified--the "everything" that you need to use root for is system administration, which, well, would require root privileges anyway. If you're talking about the CLI, nothing prevents you from logging in as any other user you choose.

It would make sense to run the middleware as root but have a service account interact with the middleware.

How offten to you login to a *nix box as root? You should be using a non privileged user then running the needed commands with su. That way only the commands that need root are run as root and not anything and everything coming from the user logged in as root via HTTP as default.

 

[danb35]

How offten to you login to a *nix box as root?

Actually, pretty frequently. I log in as root to do admin stuff (yes, horror of horrors, I actually log in as root, rather than as someone else and su to root), and as a non-privileged user to do non-admin stuff.

Pretty much everything that happens in the GUI would need root privileges if done at the CLI. So why is it a bad thing to have to log into the GUI as root?

 

[kdragon75]

Cross site scripting to name one.

 

[kernalzero]

For the GUI I can easily generate a cert and deploy it. It would be nice to have Lets encrypt built in but that's not a must have.

I would like to see this too. It would at least make things simpler.