Raspbian is sometimes a compromise between security and usability, because it is designed to go into the hands of new users. It also used to ship with a default “pi/rasberry” login hardcoded and IIRC permitted root password login over ssh. Things experience users change or turn off, but needs to start friendly for the rest, you know?

By doing this, they can take a step in the right direction by separating the root and login user, without becoming annoying asking for a password frequently as a newbie copies and pastes tutorial commands all week.

And as I said it’s unlikely, even very unlikely, but just not impossible. Everything comes with a risk, I just believe it’s up to you, not me, what risks mean in your environment. Might be you’d like to have the convenience on the home dev server, but rather have as much security as possible on a public facing one.

Or maybe you’d like to get really dialed in and only allow specific commands to be run without a password, so you can be quick and convenient about rebooting but lock down the rest. Up to you, really, that’s the power of Linux.

If you’ve got a VPS at your disposal, many of the homepage softwares I’ve tried over the years have some amount of caching to make them quite fast or even operate offline(“Homer” for one required me to deeply purge my cache as it would still appear when my site was offline…despite having replaced it long ago! 😂). Or, if you wanted to roll your own static HTML page, you can absolutely add a Service Worker for your own offline caching.

That’s where I’m at now. I use a custom ServiceWorker static HTML for my homepage and tab page on all my devices. This page is a bouncer, checks if I’m at home or not(or if my local dashboard is offline) and either redirects me to the local homepage which has all my HomeLab services on it, or if it fails just tells me I might be abroad or offline and lists a few public websites.

And yes, this works offline or over a shitty connection. Essentially the service worker quickly provides the cached page from the browser storage, then tries to take the time to check the live version. If it gets one, it updates the cache, if not, enjoy the offline version.

Might be a bit over the top, but I set up a custom homepage startpage, and then grabbed the New Tab Override extension so that it opens on new tabs as well as being my homepage.

So if you can think of any websites that might do what you want like cardd or link tree, or are interested in making your own little webpage and hosting it somewhere free, that might work and as a bonus will be the same across all your browsers and devices. Could even load it up on someone else’s computer if you remember the link.

In Debian, you will want to modify your /etc/sudoers file to have the NOPASSWD directive.

So where you find something like this in that file:

%sudo ALL=(ALL:ALL) ALL

Make it like this:

%sudo ALL=(ALL:ALL) NOPASSWD:ALL

In this example, powers are given to the sudo %group, yours might just say pi or something else the user fits into.

Also, please note that while this is convenient, it does mean anyone with access to your shell has a quick escalation to root privileges. Some program you run has a shell escape vulnerability and gets a shell without a password, this means they also get root without one too. Unlikely to happen, sure, but I believe one should make informed decisions.

I use Minio https://github.com/minio/minio, though there are others. As someone who never worked with s3 before but wanted to try it and use it with some apps that supported s3 as a storage target, it’s been working fine for me though I’m certainly not using it to its potential. Has web access and all.

Others might be:

https://github.com/seaweedfs/seaweedfs

https://garagehq.deuxfleurs.fr/

deleted by creator