I have updated the MineOS Turnkey ISO to:
I have updated the wiki, and the homepage. If anybody else can think of a place where people have downloaded this ISO that I need to change, let me know!
Hi,
Does this version of Turkey have all the webmin and iptables setup? from what I can see it seems like the iptables is letting all traffic IN and i dont see the webmin active. Or maybe i’m just confused from the old jessie builds to this one?
[webmin** ok I just found the ‘start’ and ‘stop’ scripts in /etc/webmin , and if you run the start it does become available on port 12321 as usual. and it seems its set to not start at boot time by default]
Also It seems it let the root user login by but im sure that was supposed to be disabled by default no?
is this the current version, it was just downloaded from the mineos site.
Welcome to Mineos-tkldev, TurnKey GNU/Linux 14.0 (Debian 10/Buster)
isnt the latest turkney v16 though?
Webmin behavior should be unchanged–that is, packaged, but not enabled to start on boot.
systemctl enable webmin should turn it on.
iptables should be installed, configured and working according to these rules from the Turnkey buildscript.
Notably, it should be dropping all non-matched inbound packets. If you are certain that this wasn’t a user change, then I should definitely do a fresh install of the most recent ISO to confirm and fix.
Also It seems it let the root user login by but im sure that was supposed to be disabled by default no?
If you mean log in to the console, then root login is intended to be allowed.
If you mean log into SSH, then root login should not work with a password, but will work with a RSA key.
Or it could be that I also did not define that, but the Turnkey build itself changed (just with regard to the SSH issue), I’ll check the install.
Let me double check i guess. . Ok if the iptables should be enabled and as per iptables-github then i think iptables is not running. Atleast according to the ‘webmin’ its set to not start on boot. the ‘activate at boot’ in the webmin screen shows ‘no’ . also i have a minecraft running on 25566 and it works even though i didnt “i think…” reapply my old rules? but really id need some confirmation.
i think the active one is really /etc/iptables.up.rules ?
in my case its all behind a firewall anyways but still wanted to verify.
[quote]If you mean log into SSH, then root login should not work with a password, but will work with a RSA key.
[/quote]
well by ssh. yes it allows. unless there was some prompt at the setup that i hit by mistake?
but /etc/ssh/sshd_config. shows
# $OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $
…
PermitRootLogin yes
mind u for me its convenient as i can sftp using root localy to update some things 
so I probably would have turned it on anyways. (or i did and totally forgot 