The Banana Pi BPI-M7 single board computer is equipped with up to 32GB RAM and 128GB eMMC flash, and features an M.2 2280 socket for one NVMe SSD, three display interfaces (HDMI, USB-C, MIPI DSI), two camera connectors, dual 2.5GbE, WiFi 6 and Bluetooth 5.2, a few USB ports, and a 40-pin GPIO header for expansion.

    • TCB13@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      17
      ·
      edit-2
      1 year ago

      Yes you can, but then without a display and keyboard you won’t be able to SSH into the thing right away. They’re using small tricks like that to push people into their tool and you’ll be seeing more of that crap in the future.

      • towerful@programming.dev
        link
        fedilink
        English
        arrow-up
        17
        arrow-down
        1
        ·
        1 year ago

        Don’t you just touch SSH in the /boot dir after you flash, then you can SSH in as pi and password raspberry?

        • TCB13@lemmy.worldOP
          link
          fedilink
          English
          arrow-up
          2
          arrow-down
          12
          ·
          edit-2
          1 year ago

          The workarounds are either using their tool or doing what you suggested. Other SBCs do the reasonable thing and have it enabled by default like the Pi did in the past. This change simply pushes less-proficient users into using their tool.

          • SailorMoss@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            20
            arrow-down
            1
            ·
            1 year ago

            Having it enabled by default is a pretty massive security hole. I preordered the raspberry pi 1 when it launched and I don’t remember SSH ever being enabled be default in their images. Where did you hear it was enabled by default?

            • TCB13@lemmy.worldOP
              link
              fedilink
              English
              arrow-up
              1
              arrow-down
              7
              ·
              edit-2
              1 year ago

              I preordered the raspberry pi 1 when it launched and I don’t remember SSH ever being enabled be default in their image

              I was, I remember it being that way. They later on made it so you would be required to change the password after the first login.

              Having it enabled by default is a pretty massive security hole.

              Most people are running those in a home network that is isolated either way. Most people even share their entire hard drives on the network with little to no security and you’re telling me a Pi with SSH access enabled by default is a risk? Professional deployments will be done by people who know how to change the passwords, port and use keys. There’s no reason to consider that an issue because of those reasons.

              • AtariDump@lemmy.world
                link
                fedilink
                English
                arrow-up
                7
                arrow-down
                1
                ·
                edit-2
                1 year ago

                They later on made it so you would be required to change the password after the first login.

                That’s just good password security and reasonable.

                Most people are running those in a home network that is isolated either way. Most people even share their entire hard drives on the network with little to no security and you’re telling me a Pi with SSH access enabled by default is a risk?

                See that qualifying word there? “Most”? That’s why they force SSH to be disabled and password changes. If you PERSONALLY can guarantee that no one will EVER put a freshly imaged RPi directly on the internet backed by a 10 million dollar/pound/euro guarantee per incident it still doesn’t matter; there’s still a need to change these defaults. I’ve seen the RPi’s deployed in a business environment and I 10000% know that vendors are fscking stupid and would leave default permissions enabled because they’re the lowest bidder.

                It’s people like you why we have massive botnets due to default security measures being ignored by major manufacturers.

                Good day sir.

                • lingh0e@sh.itjust.works
                  link
                  fedilink
                  English
                  arrow-up
                  5
                  ·
                  1 year ago

                  Case in point: a number of years ago I knew a kid who was smart enough to flash Tomato on his router, enable SSH and even install a bunch of Entware packages. But he wasn’t intelligent enough to change the SSH port from 22 or leave the remote access disabled.

                  Fast forward a month or two and his ISP tells him that they traced some pretty serious botnet shenanigans to his IP.

                  Just because someone is smart enough to use a device doesn’t necessarily mean they’re intelligent enough to use it safely.

                • TCB13@lemmy.worldOP
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  arrow-down
                  3
                  ·
                  1 year ago

                  That’s just good password security and reasonable.

                  Yes, that’s my point, you don’t need to disable it by default.

                  See that qualifying word there? “Most”? That’s why they force SSH to be disabled and password changes. If you PERSONALLY can guarantee that no one will EVER put a freshly imaged RPi directly on the internet backed by a 10 million dollar/pound/euro guarantee per incident it still doesn’t matter; there’s still a need to change these defaults. I’ve seen the RPi’s deployed in a business environment and I 10000% know that vendors are fscking stupid and would leave default permissions enabled because they’re the lowest bidder.

                  There are those things called licenses and liability liability waivers that are signed specially for those cases. The people doing deployments on business environment should know how to change password / use SSH keys and whatnot, if they don’t that’s not the Pi’s problem.

                  It’s people like you why we have massive botnets due to default security measures being ignored by major manufacturers.

                  By enabling people who shouldn’t be configuring Pi boards in the first place you’re are the one creating botnets. They might be saved by the fact that it doesn’t have SSH enabled by default just to be hacked later on when they decide to run a sudo wget ... | sh.

                  Making things easier has this downside, you protect people so much, they don’t ever learn and then things go bad they can’t handle it and the damage is way way worse.