I am testing homeassistant (currently using openhab) and my first impression was
Nice appearence. Nice set of addons. Homematic even
Then I figured that it is configured “secure” to an extend that just drives me crazy. All the things that could be so simple in an home environment just don’t work.
SSH: not available.
Http port 80: not available.
MQTT anonymous access: not available.
Why not let people get their stuff up and running and activate security later ? I spend so much time for unnecessary debugging.
Really, don’t get me wrong. I am not complaining, I just mean to report my unbiased experience and would suggest to introduce a “relaxed” security option that lets you get the system up and running first.
No… What should port 80 be? Why not just use 8123 as everyone else uses?
Not sure if it is or not. I don’t use MQTT enough to answer.
Because most people don’t activate the security later.
I generally don’t like being forced to do things but we all know what you suggest is not a good idea.
Who is going to be the blame when things go south? The user who just had this setup while setting it up for the first five six years or HA for not making sure the user is safe?
SSH plugin. Thats what I thought too. But who uses a browser for the SSH shell ? Port 22: not available, at least not out of the box. You have to go the extra mile here.
MQTT- Even the changelog admits that anonymous access has been disabled. None of my sensors uses credentials. Why should they. IMHO thats the beauty of MQTT. Just simple message exchange.
I totally get that security thought. I got most of it covered by not exposing my server to the internet though. But at the moment this security settings are just preventing things from working. A lot of things actually.
