FreedomBox Newbie Seeking Guidance: Secure Home Network Setup

Hello everyone ,

I’m excited to be diving into the world of FreedomBox and taking control of my home network’s privacy and security! However, as a complete newcomer, I’m hitting some roadblocks during the initial setup and configuration. I’d be incredibly grateful for some expert advice from this amazing community to ensure my FreedomBox is both secure and effective.

My Setup and Challenges:

• Hardware Hero (or Villain?): I’m using a trusty Raspberry Pi 4 as my FreedomBox base. Installation went smoothly – FreedomBox is up and running on an SD card, and I can access the web interface on my local network. Phew!
• Network Navigation: My home network is a bustling hub with various devices (computers, phones, even some IoT gadgets). I’d love some best practices for configuring network settings to maximize security and privacy for all these connected companions.
• Domain Demystification: I’m thinking about setting up a custom domain for FreedomBox to access it remotely. Could someone guide me through the steps of configuring a domain name and highlight any security considerations for remote access?

Securing My FreedomBox:

Update Avalanche:** What are the recommended practices for keeping the system and applications up-to-date to stay ahead of security vulnerabilities?
Authentication All-Stars:** How can I implement robust authentication methods to further strengthen the security of my FreedomBox?
Traffic Tamers:** What tools or methods are recommended for monitoring and managing network traffic to identify and address potential security threats effectively?

Troubleshooting Tribulations:

I’ve encountered some occasional connectivity issues and trouble accessing the FreedomBox web interface. While I checked out the resource at Notes/freedombox.md at master · jgbarah/Notes · GitHub sf cpq, it didn’t quite solve the problem. Are there any common troubleshooting steps or known issues I should be aware of?

Thank you all in advance for your support and guidance! I’m eager to learn from this community’s expertise and ensure my FreedomBox setup is not only secure but also reliable.

Welcome!

Do you access it using an IP address or a name? Normally, there should be nothing special to do. One thing could be to set a fixed IP address, either by setting DHCP of your router to always allocate the same address or setting it manually in the settings in the web interface.

I am not sure whether all the manual things indicated in the link you mentioned are done to the machine running Freedombox. My recommendation would be not to install or modify anything via command line, unless you are really sure it won’t interfere with Freedombox (creating a directory for the “sharing” or for samba is of course fine).

Normally, it should work automatically. However, one problem that occured on raspberry pi is old kernels not being removed from the partition that holds /boot/firmware, so that it becomes full and problems occur.

You may want to check how full that partition is sometimes.

I don’t know. I have been using for about 2 years postfix/dovecot, ejabberd, quassel, radicale and syncthing with a fixed IP address and domain name, I here and then looked at logs but I never had any problem.

My basic securit recommendation would be simply to use passwords properly i.e., randomly generated, long and not reused. The most practical method is to use a password manager, with your password database protected by a long enough random password, generated as in Diceware - Wikipedia (I use keepassXC, it can also generate such a password).

Have an easy way to repair filesystems on your microSD card, make backups, practice restore with a spare microSD card. MicroSD cards do get corrupted after some time.

EDIT: in “Software Update”, make sure “Enable auto-update to next stable release” is unticked, updating to the next stable release is something to do when you surely have time to deal with problems.