Hello
Can someone help me with the following questions
- It is not clear from the nextcloudpi wiki, but I would like to set up nextcloudpi to only be accessible internally and not externally (internet), what would be the steps required to accomplish this
- I noticed that only a md5sum is provided to verify the image, are there other ways to verify the image against modification maybe through a gpg key?
- Even though I will only be using it for internal purposes what steps should I take to secure (hardening) my nextcloudpi besides the changing default passwords
- Is it safe to uninstall packages such as Postfix email?
thank you
It is not clear from the nextcloudpi wiki, but I would like to set up nextcloudpi to only be accessible internally and not externally (internet), what would be the steps required to accomplish this
Answer ‘no’ when asked in the wizard.
I noticed that only a md5sum is provided to verify the image, are there other ways to verify the image against modification maybe through a gpg key?
Not at this point
Even though I will only be using it for internal purposes what steps should I take to secure (hardening) my nextcloudpi besides the changing default passwords
In the new release there won’t be any default passwords. You can activate modsecurity, UFW, fail2ban and all the security extras that come with NCP.
Is it safe to uninstall packages such as Postfix email?
Yes, just you won’t get system mail notifications
Thank you nachoparker for the quick reply! I also really appreciate the tutorials you have put together for the various security tools offered in your image
@nachoparker I was wondering if in the future (next release)you can offer an sha256 sum instead of the md5sum, unless you think it is unnecessary