After almost a month I have decided to release new image, so users can keep up with updates and help me test new features.
By number of changes in git repo I think this is most complex release so far, it features two brand new PCF modules and quite a few changes on kernel. What is star of the show if you ask me is support for 2FA, google-authenticator. I wanted to implement yubikey too but it is far more complex than I imagined, so not to postpone release any more I have decided to feature it in next release.
Few days ago was official birthday of Peerbox project, Peerbox is now six months old.
Please test, report problems and discuss as always.
Now firewall (iptables) is auto-configured on first boot to match local network settings.
I have chosen really minimal and simple solution for this problem. If this approach is proven unstable or unusable in some scenarios I have another solution almost ready.
If you want Peerbox to re-configure firewall just delete /etc/pcf/firewall/.lock and reboot system.
Bumped kernel version to current point release to keep up with upstream security patches.
Also, did quite a few changes in kernel config. Security wise, due this changes system is now more secure.
v0.24.1 released, this update fixes somewhat fatal bug (firewall setup locked out-of-the-box) in v0.24.
Fix bug #5, version report bug
Fix bug #4, pcf-firewall-setup does not load created rules upon first boot and requires user to restart.
Fixed some minor quirks with pcf-google-auth module.
Updated python to 2.7.9 (security bugfixes)
Updated systemd to next point release
pcf-modules-google-auth is now installed by default but not activated. To activate it use “google-authenticator” command. I advise you to use google-authenticator, is relatively hassle-free but great improvement on security.
Removed utility programs for less popular filesystems (reiserfs, xfs, jfs)
Reduced size of the compressed image by starting on fresh filesystem.
[quote=“Thireus, post:12, topic:3077”]iptables still not working OOB for subnets like 192.168.38.0/24
Can’t access SSH, have to modify the rules manually.[/quote]
I had the same problem reported before, I have tried to analyze this issue but without success. As it seems, there is no issue. PCF module recognises correct IP and loads rules properly, that is what testing showed. I will raise an issue on git again, and will contact you to go over this again. If you can, please install Tox so we can communicate in real time. I will contact you as soon as I have some spare time.
I’d like to update, but am unsure how to back up my wallet. As I’ve mentioned before, with my current version (0.24.1??), writing to the USB doesn’t seem to work. I follow the instructions to the letter, but when I inspect the USB in Windows, the wallet.dat file is not there. But in a directory on raspi instead.
Ideas? Or should I just go ahead and flash 0.24.2 and redo importprivkey, and then do ppcoind encrypt (how I ended up doing it previously)?
Edit: Going the importprivkey route seems to reset coin-days, as it appears that that info is contained in wallet.dat. I found this out when I had some PPC sent to a Peerunity address while Peerunity was not running. Upon restarting Peerunity a week or so later, the new transaction finally showed after the blockchain re-sync’d, but with an age of “0”.
I think it’s the same problem if you rehash the block chain completely without wallet.dat. Transaction time stamps are stored in the wallet.dat.
Using priv key (and not wallet.dat) won’t give you correct time stamps.