googlecreativelab / coder

A simple way to make web stuff on Raspberry Pi
http://goo.gl/coder
Apache License 2.0
2.42k stars 275 forks

Coder uses SSH and an untrusted certificate #100

Open ghost opened 8 years ago

ghost commented 8 years ago

I'm not sure why this project uses SSH in the first place since it is a development test bed. So, when you access by IP address, it gets a certificate with a non-trusted certificate and invalid certificate. When you access by domain name, it still has a non-trusted certificate.

Since this project seems to be aimed at students, should it really be training them to ignore certificate errors?

jmstriegel commented 8 years ago

Hi @jgoewert -

Sorry for the dreadfully slow reply. This was a really tough decision that we made a few years ago when conceiving Coder. On the one hand, I don't like the idea of logging into and programming a device over wifi without SSL. On the other hand, there's no real way to do SSL on a private device without using a self-signed certificate.

Back when this decision was made, using a self-signed cert seemed like the correct choice, and I was optimistic that with the massive interest in IoT devices that a standard way for directly accessing local devices would emerge within the next few years. That hasn't happened -- devices by and large are either managed in the clear (like your average cable modem or wifi router), or are managed by proxying all management through a central cloud service.

My current opinion is definitely NOT to train students to ignore certificate errors, but it's also not to have them log into a device over an insecure http connection. A recommendation would be to use this as a learning opportunity, to discuss how the certificate system works, why it's important, what it was designed to accomplish, and specifically what this warning means and how it applies to accessing a device on a local network without a proper domain name.
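
For readers using the warning as a teaching point: the sketch below is an added example, not part of the thread and not Coder's code. It separates the two conditions the thread describes, an issuer the client does not trust and a name that does not match the address typed. The certificate object, the hostname `device.local` and the IP `192.168.1.50` are constructed sample values, and `explainWarning` is a hypothetical helper.

```javascript
const tls = require('node:tls');

// Constructed sample: the fields Node's getPeerCertificate() exposes for a
// self-signed device certificate. Hostname and IP are made-up values.
const deviceCert = {
  subject: { CN: 'device.local' },
  issuer: { CN: 'device.local' },
  subjectaltname: 'DNS:device.local',
};

// A self-signed certificate names itself as issuer, so no chain leads to a CA
// in the client's trust store. Simplification: real validation also verifies
// signatures, validity dates and the actual trust store contents.
function isSelfIssued(cert) {
  return JSON.stringify(cert.subject) === JSON.stringify(cert.issuer);
}

// Hypothetical helper: list the reasons a client would warn for this host.
function explainWarning(host, cert) {
  const reasons = [];
  if (isSelfIssued(cert)) reasons.push('untrusted-issuer');
  // tls.checkServerIdentity returns an Error when the host is not covered by
  // the certificate's subjectAltName (or CN), and undefined when it matches.
  if (tls.checkServerIdentity(host, cert) !== undefined) {
    reasons.push('name-mismatch');
  }
  return reasons;
}

// Access by IP triggers both reasons; access by name only the first.
for (const host of ['192.168.1.50', 'device.local']) {
  console.log(host, explainWarning(host, deviceCert));
}
```

The name check is the part a correct hostname can resolve; the issuer check remains until the client is given a reason to trust that specific certificate.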