i just installed this on an old raspberry pi 2 with an IQ audio Dac and a wifi dongle, everything was picked up automatically, getting thing running with samba was dead simple and I’m blasting out tunes and thinking about a subscription as there are a couple of other spots in the house that could do with this.
What I cant find, is any was to enhance the security. There seems to be no challenge at all on the network, and ssh can be turned on by just visiting the /dev page, so I’ve got a node on my network exposing a superuser shell to anyone else on the network here. Is there anything I can do to make sure only I can access this, or to lock ssh away?
All I can think of is turning ssh on, logging in and changing that password - is there anything else?
As the OP points out, ssh is trivially re-enabled by visiting /dev on Port 80 of the device. Which is to say that anyone with access to Google knows both how to enable ssh on the device and what the default superuser password is.
The only way to ensure a modicum of security is to enable ssh and change the password.
You can then return to the /dev interface and “disable” ssh again. But, as already mentioned, doing make not a lick of difference.