#+TITLE: #+AUTHOR: Bob Mottram #+EMAIL: bob@freedombone.net #+KEYWORDS: freedombox, debian, beaglebone, hubzilla, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber #+DESCRIPTION: Turn the Beaglebone Black into a personal communications server #+OPTIONS: ^:nil toc:nil #+HTML_HEAD: #+BEGIN_CENTER [[file:images/logo.png]] #+END_CENTER #+BEGIN_EXPORT html

Usage

#+END_EXPORT | [[Readme]] | | [[Improving ssh security]] | | [[Administrating the system via an onion address (Tor)]] | | [[./mobile.html][Mobile advice]] | | [[./usage_email.html][Using Email]] | | [[./app_syncthing.html][Syncing to the Cloud]] | | [[./app_dlna.html][Play Music]] | | [[./app_gnusocial.html][Microblogging (GNU Social)]] | | [[./app_postactiv.html][Microblogging (PostActiv)]] | | [[./app_ghost.html][Blogging with Ghost]] | | [[./app_htmly.html][Blogging with HTMLy]] | | [[./app_hubzilla.html][Social Network]] | | [[./app_lychee.html][Photo albums]] | | [[./app_dokuwiki.html][Wiki]] | | [[./app_etherpad.html][Collaborative document editing]] | | [[./app_irc.html][Multi-user chat with IRC]] | | [[./app_xmpp.html][XMPP/Jabber]] | | [[./app_tox.html][Tox]] | | [[./app_mumble.html][Mumble]] | | [[./app_mailpile.jtml][Mailpile]] | | [[./app_rss.html][RSS Reader]] | | [[./app_radicale.html][CalDAV calendar server]] | | [[./app_gogs.html][Git Projects]] | | [[Adding or removing users]] | | [[./app_pihole.html][Blocking Ads]] | * Improving security It's a lot more secure to log in to the Freedombone system using ssh keys rather than with a password. You can set that up by first running: #+begin_src bash freedombone-client #+end_src On your local system (i.e. whatever you're logging in to the Freedombone system from, typically a laptop). Then: #+begin_src ssh myusername@freedombone.local -p 2222 #+end_src Select *Administrator controls* and re-enter your password, then *Manage Users* and *Change user ssh public key*. Copy and paste the ssh public keys which appeared after the *freedombone-client* command was run. Then go to *Security settings* and select *Allow ssh login with passwords* followed by *no*. You'll need to make sure that you have a copy of the ~/.ssh directory on your local system. You could just copy that directory to a USB drive and then keep that somewhere safe so that you can restore the keys if you need to. * Administrating the system via an onion address (Tor) You can also access your system via the Tor system using an onion address. To find out what the onion address for ssh access is you can do the following: #+BEGIN_SRC bash ssh username@freedombone.local -p 2222 #+END_SRC Select /Administrator controls/ then select "About this system" and look for the onion address for ssh. You can then close the terminal and open another, then do the following on your local system: #+BEGIN_SRC bash freedombone-client #+END_SRC This will set up your ssh environment to be able to handle onion addresses. Then you can test ssh with: #+BEGIN_SRC bash ssh username@address.onion -p 2222 #+END_SRC Subsequently even if dynamic DNS isn't working you may still be able to administer your system. Using the onion address also gives you some degree of protection against corporate or government metadata analysis, since it becomes more difficult to passively detect which systems are communicating. * Adding or removing users Log into the system with: #+BEGIN_SRC bash ssh username@domainname -p 2222 #+END_SRC Select *Administrator controls* then *User Management*. Depending upon the type of installation after selecting administrator controls you might need to enter: #+BEGIN_SRC bash sudo su control #+END_SRC [[file:images/controlpanel/control_panel_manage_users.jpg]]