From dd468a9e26ee2f0fd0cb5050395ebba286b64cc5 Mon Sep 17 00:00:00 2001 From: rcourtman Date: Sun, 12 Oct 2025 22:11:12 +0000 Subject: [PATCH] docs: Update temperature monitoring security notice for proxy architecture Replaced outdated security warnings with accurate information about the pulse-temp-proxy architecture: - Removed scary 'legacy feature' and 'compromised container' warnings - Explains secure proxy architecture for containerized deployments - Notes that SSH keys are stored on Proxmox host (not in container) - Clarifies container compromise does not expose credentials - Includes information for both containerized and native installs - More factual and less alarmist tone The old message implied temperature monitoring was insecure for containers, which is no longer true with pulse-temp-proxy. Related to #528 --- internal/api/config_handlers.go | 26 ++++++++++++++------------ 1 file changed, 14 insertions(+), 12 deletions(-) diff --git a/internal/api/config_handlers.go b/internal/api/config_handlers.go index 6042d2d..e5f38d7 100644 --- a/internal/api/config_handlers.go +++ b/internal/api/config_handlers.go @@ -3219,23 +3219,25 @@ if grep -q "pulse.lan\|pulse.home\|192.168" <<< "%s"; then : fi -echo "⚠️ SECURITY NOTICE" +echo "📊 Temperature Monitoring" echo "" -echo "Temperature monitoring requires SSH access from Pulse to this node." -echo "This creates the following security considerations:" +echo "Temperature monitoring collects CPU and drive temperatures via SSH." echo "" -echo " • SSH private keys will be stored on the Pulse server" -echo " • If Pulse runs in a container (LXC/Docker), keys live inside it" -echo " • Compromised Pulse = potential access to Proxmox hosts" +echo "Security Architecture:" +echo " • SSH key authentication (industry standard, used by Ansible/Terraform)" +echo " • Forced command restriction (only 'sensors -j' can execute)" +echo " • No port forwarding, X11, PTY, or agent forwarding allowed" echo "" -echo "Mitigations in place:" -echo " • Forced command restriction (only 'sensors -j' can run)" -echo " • No port forwarding, X11, or PTY allocation" +echo "For containerized Pulse (LXC/Docker):" +echo " • SSH keys stored on Proxmox host (not inside container)" +echo " • pulse-temp-proxy service manages connections securely" +echo " • Container compromise does not expose SSH credentials" echo "" -echo "This is a legacy feature. Future versions will use agent-based" -echo "architecture where nodes push metrics to Pulse (more secure)." +echo "For native Pulse installations:" +echo " • SSH keys stored in Pulse service user's home directory" +echo " • Standard key-based authentication with forced commands" echo "" -echo "Do you want to enable temperature monitoring? [y/N]" +echo "Enable temperature monitoring? [y/N]" echo -n "> " ENABLE_TEMP_MONITORING="n"