Not sure if to do this but i just found this web site to allow me to control my Raspberry Pi from anywhere.
Has anyone done this?
Looks like this site installs a reverse-connection shell on your raspberry pi⌠where itâs a newer company that Iâve never seen or heard anything about, Iâd be hesitant to install this application that hands access over to some stranger company⌠Thatâs not to say itâs immediately bad, but that it just doesnât make me comfortable knowing that somebody officially has a way to peek into my machine, monitor my memory, CPU, and file system. The only thing that stops them from also accessing your pi (and through it your network) is the kindness of their hearts.
Iâm sure it will work, but I wouldnât advise anybody to use it. If you do, please let us know how it performs for you 
Your sacrifice will be appreciated! 
2 Likes
@gaolaowai makes a NUMBER of good points and itâs advice that should always be followed.
However it looks like this may be legit; did a little research and found this post on the Raspberry Pi site itself:
https://www.raspberrypi.org/forums/viewtopic.php?f=63&t=117100
In the last post there is a link to some documentation of the architecture so this may make you feel more secure. Please let us know if you try the service; right now I donât have the need and can always get into one of my PCs and then telnet from there but I might be interested for other Pi things in the future.
Hi there!
Thanks for the post! Apologies it took me so long to pick this one up - seems my google-fu let me down a bit lately.
I am the Founder of MachineForest, the company behind dataplicity, the dataplicity Remote Shell for Raspberry Pi, and dataplicity Wormhole.
Weâve published a bunch of documentation on what our service is and how it works here: http://docs.dataplicity.com/ and you can also write to us directly via our support messenger at dataplicity.com.
One question raised above that Iâd like to deal with directly is that of security and some steps that weâve taken to protect your devicesâŚ
- It goes without saying that your login password is hashed and salted in our database, so your password is as secure as we can make it.
- Dataplicity requires the installation of a Python client on your Pi, however this client runs as an unprivileged user which means when you connect using the dataplicity shell, you still need to enter your sudo password to get superuser access to your device.
- This sudo password is stored only on your device, which means even if we wanted to we cannot get superuser access on your device without your sudo password. That said, by default Rasbian OS has this password set to âraspberryâ, so we highly recommend that you change it for your own protectionâŚ
- As to the client itself, itâs out in the fresh air for your perusal: https://github.com/wildfoundry/dataplicity, itâs also on pip and being Python you can even read the code directly from your Pi. You could even write your own client if you prefer and weâll help you with the API.
Youâll find me on LinkedIn, and if youâve got an awesome project youâd like to chat about you are welcome to get in touch and perhaps to come visit us at our offices in Summertown, North Oxford. I should warn you that we are in England and it is Summer, so it is probably going to rain.
Please do let me know if I can be of any further assistance!
Best,
Elliot Mackenzie.
2 Likes
Thanks for visiting and introducing yourself, Elliot. Iâm sure this helps put a lot of peopleâs minds at ease. And thanks for the security advice!
You claim that the user account dataplicity creates is unprivileged, and that you would need to type in the sudo password to gain root access, but that is not true. Your install script creates a dataplicity account and then adds it to the sudoers list (/etc/sudoers) which allows the account to gain root access without entering the root password, thus giving that account unfettered access to the raspberry pi as root.
So how do you explain that?
In my mind, this is a dangerous service, and since you do not explain to visitors on your website that they are opening up their raspberry pi to all employees at dataplicity, you are also not being forthcoming and honest. There should be a warning on the front page that says, âHey, we are going to have access to the entirety of your raspberry pi and your personal files, but we promise that you can trust usâ
I know you are not trying to gain access to peoples computers or snoop their files, and I know this is a service you are providing as a benefit to people who may otherwise not know how to access their pi remotely, but there is no way to know who else other than you has access to the raspberry pi. Are you a one man shop? Do your friends have access? Its just hard to go on a handshake and a smile, you know?
2 Likes
Hi there,
Thanks for posting in with your concerns. I am sorry that we have not made it sufficiently clear the steps the installer makes and why. I would like to address those directly here.
Straight off the bat, you are right to be very cautious about allowing any modifications to sudoers. The dataplicity installer does make one edit to sudoers to provide very narrowly defined access for one very specific reason which is to enable a function thatâs advertised as part of the service - remote rebooting of your Pi. On Linux, running ârebootâ normally requires superuser, and since the dataplicity client doesnât run as superuser, we have to explicitly allow define this access in sudoers.
As you correctly pointed out, the dataplicity installer:
- Creates a âdataplicityâ user account which is marked as a system service account.
- Makes a modification to /etc/sudoers, which is the addition of the line âdataplicity ALL=(ALL) NOPASSWD: /sbin/rebootâ.
The addition to /etc/sudoers allows the dataplicity client to run only a single command - â/sbin/rebootâ. The purpose of this is to make the ârebootâ button work in your dataplicity account. This line does NOT, however give us the ability to run a root shell without your su password - the ONLY command the agent can run as superuser is ârebootâ. If you prefer, you can remove this line from sudoers and the only functionality that you will lose is that the remote reboot function wonât work anymore.
I apologise if this has caused you concern and weâll be making some changes to our documentation to reflect exactly what this does and how it is used. I will also investigate an option to allow you to opt-in to the sudoers modification at to allow you to opt-in to the remote reboot function at install time.
Does this adequately answer your query? Please feel free to either reply here or for a more timely answer you can write to me using the support function at dataplicity.com.
Regards,
Elliot.
1 Like