Google ... why Google ...?

Started by minitux, February 02, 2019, 01:19:03 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
February 02, 2019, 01:19:03 AM
Hi,

just bumped into OpenSense while browsing Diaspora*. Looks good. As a long time user of pfSense, it would be good to understand what brought about the fork from pfSense? I find the forum on pfSense quite dormant while there appears to be quite a bit of traffic here, which suggests a wider user base.

What I am not liking is the widespread use of the Google word. "Save config on Google Drive" ... "two factor authentication with Google" all stuff that makes me shiver ... why this choice to go down the route of having to rely on the bigger spying machine on the planet .. had in hand with Facebook I guess ...?
February 02, 2019, 08:24:00 AM #1
Google Authenticator does not need a connection to Google. It is just named after its inventor - it runs entirely offline. There are 3rd party apps implementing the same algorithm so you don't need the original App. For example you can use https://freeotp.github.io/

For the backup: Our configuration backup framework allows to add multiple backup routines. I made one for nextcloud which already comes in the base installation (it's just not mentioned on the website but in the docs). Someone started with one for SCP but never finished. Google Drive is just the oldest one.
Please note that cloud backups can be encrypted before uploading so the vendor does not have access to your configuration.
February 02, 2019, 08:31:46 AM #2
You can even use FreeOTP with FreeIPA over RADIUS if you need to use an enterprise class directory: https://www.freeipa.org/page/Using_FreeIPA_and_FreeRadius_as_a_RADIUS_based_software_token_OTP_system_with_CentOS/RedHat_7

Bart...
February 03, 2019, 11:38:56 PM #3
Thanks folks for your replies. I was thinking about Nextcloud when I wrote the post ... :-)

And I need to learn more about the Google Authenticator. I always thought it linked to Google servers ...
February 04, 2019, 11:37:04 AM #4
No component relies on Google. Services are opt-in. Some people use it because it's easier for them. :)

As for forking, a lot of it had to do with worries about the future of pfSense and we wanted to retain the spirit of 2014 and take it to the next level under the same license that it was always distributed, with less fuzz and a supportive community vibe.


Cheers,
Franco
Print
Go Up Pages1
User actions