Michel Kohanim Posted May 25, 2022 Posted May 25, 2022 Hello Everyone, This is the support thread for IoP v5.4.4: With kind regards, Michel 3
wmcneil Posted May 25, 2022 Posted May 25, 2022 After updating to v5.4.4, on the Configuration / System page, I pressed the "enable TPM" button, a dialog appeared which asked for a password, which I entered. The enabling of the TPM functionality seemed to work. The button label has now changed to "Disable TPM". With regard to to this "Important Note" in the v5.4.4 release announcement: "Please go to Admin Console | Configuration tab. If Upgrade BIOS is not grayed out, please click it so that your BIOS is upgraded to UEFI. You need UEFI TPM and security." My Upgrade BIOS button is not grayed out, but hovering over it does not cause it to be outlined in blue, which for the other buttons, indicates that an action is taken if the button is clicked. Does this confirm that I do have UEFI BIOS?
Michel Kohanim Posted May 25, 2022 Author Posted May 25, 2022 @wmcneil, Please try the button. With kind regards, Michel
Michel Kohanim Posted May 25, 2022 Author Posted May 25, 2022 6 hours ago, Bumbershoot said: Looks to me like UDI is getting rid of the dependence on PG2 for Polisy maintenance with this release: Almost but not yet. 6 hours ago, Bumbershoot said: There was a new UDX file that came with this release. Maybe the dependence on MongoDB is gone? Not yet ... but, I'd be the first one to want to get rid of that monstrosity ... don't get me wrong, it's a great database for unstructured data and the cloud (ISY Portal uses it) but it's not a good data store for structured data (such as what we have for node servers). With kind regards, Michel 1 1
brians Posted May 25, 2022 Posted May 25, 2022 (edited) 2 hours ago, wmcneil said: My Upgrade BIOS button is not grayed out, but hovering over it does not cause it to be outlined in blue, which for the other buttons, indicates that an action is taken if the button is clicked. Does this confirm that I do have UEFI BIOS? Mine does the same.. I think the term "grayed out" is meant to be non-clickable/selectable. If this is the case then there is no BIOS update available. If you can Enable TPM then you have latest BIOS. Make sure you don't lose password, or wait to enable when this is required. You can always disable the TPM again but not sure of the consequences have to reset besides the warning of may not be able to restore backups - maybe has something to do/is a requirement for Z-Wave security and Matter down the road? Edited May 25, 2022 by brians
wmcneil Posted May 25, 2022 Posted May 25, 2022 25 minutes ago, Michel Kohanim said: @wmcneil, Please try the button. With kind regards, Michel Clicking the button seems to have no affect on anything.
vbPhil Posted May 25, 2022 Posted May 25, 2022 9 minutes ago, bgrubb1 said: Same here button is white but will not click Check the brightness and contrast settings on your monitor. It could be washing out the grey.
larryllix Posted May 25, 2022 Posted May 25, 2022 (edited) Moved to here Edited May 25, 2022 by larryllix
larryllix Posted May 25, 2022 Posted May 25, 2022 @Michel Kohanim Two things I am waiting for before returning to IoP. WoL still doesn't function on any of three devices tested. Sony SoundBar, Samsung 75" TV, Samsung 55" TV. These all worked well on ISY994 V.4.x but never on IoP. -------------------------------------------------- Modulus function gives erroneous results yet. Decimal values do not function at all. Some Integer values function. 13 %= 12 = 1 13 %= 12 = 4.000 13.000 %= 12 = 4.000 26 %= 12 = 2 26 %= 12 = 8.000 26.000 %= 12 = 8.000 28 %= 12 = 4 28 %= 12 = 4.000 28.000 %= 12 = 4.000 29 %= 12 = 5 29 %= 12 = 8.000 29.000 %= 12 = 8.000 Close, but no cigar, yet! More work on decimal precision needed still. (factor of 4.000 seems consistent??) Thanks!!
Michel Kohanim Posted May 25, 2022 Author Posted May 25, 2022 @larryllix, After careful consideration of tasks/timelines, WOL is better suited as a node server and will not be included. The reason is that a) we do not have anything to test with and b) there are existing python and node.js libraries that can help (IoP is in c/c++). Modulus, looking into it. With kind regards, Michel
bpwwer Posted May 25, 2022 Posted May 25, 2022 I'm wondering what a node server for WOL would look like... Configuration could be via custom parameters: [host] : [mac address] [host2] : [mac address2] I would assume the goal would be to have a program action that sends the WOL packet to one of the configured devices. So would this create a node for each host and that node would have one command to send the WOL packet? Or would a single node with a dynamic parameter list for a send command be better? A node per host would be easier to implement, but that brings up the question @Michel Kohanim, what is the node limit for IOP? It could be a pretty simple node server, so what's it worth? 1
asbril Posted May 25, 2022 Posted May 25, 2022 Excuse my ignorance but what is the meaning/purpose of TPM ? I was able to enable TPM so, based on above comments, I don't need to update the BIOS, but I don't understand what TPM stands for.
Michel Kohanim Posted May 25, 2022 Author Posted May 25, 2022 @bpwwer, Currently, 1024 but on polisy, the sky is the limit. So, I wouldn't worry about number of nodes on polisy. I prefer nodes. With kind regards, Michel
garybixler Posted May 25, 2022 Posted May 25, 2022 Just a question about 'Upgrade Packages'. If it is not grayed out does that mean there are packages that can be upgraded? If packages are up to date will it then be grayed out? Thanks Gary
Michel Kohanim Posted May 25, 2022 Author Posted May 25, 2022 @asbril, TPM = Trusted Platform Module At the highest level, it's a cryptographic chip that does not depend on anything else. In our case, it serves two purposes: 1. We can have it check the OS being run and make sure the OS (our version of FreeBSD) is signed/verified by UD 2. A root key is stored on the chip itself. The root key creates and manages a master application key that is used to create as many application keys as necessary for encrypting things (including the whole file system if need be). The only way the root key can be decrypted is via the chip. The only way the application keys can be decrypted are via the root key. So, all keys are themselves stored encrypted so the likelihood that someone can get access to the root key and application keys are exponentially reduced So, when you enable TPM, the following takes place in the RAM (so no residue on the disk): 1. A root key is created and stored in the TPM 2. A master application key is encrypted by the root key and stored in the TPM 3. Both of the above are zipped up in a package and encrypted by your password and a very secure encryption algorithm. This file is stored in the conf directory of your IoP. So, BACK IT UP NOW If you ever have to restore your IoP to another device, you WILL NEEED YOUR PASSWORD to decrypt #3 and recreate the keys in the new chipset. If you lose your password, you will have to start from scratch. With kind regards, Michel 1
Michel Kohanim Posted May 25, 2022 Author Posted May 25, 2022 1 minute ago, garybixler said: Just a question about 'Upgrade Packages'. If it is not grayed out does that mean there are packages that can be upgraded? If packages are up to date will it then be grayed out? It's never grayed out. So, you are welcome to click it as many times as you would like! With kind regards, Michel 1
DennisC Posted May 26, 2022 Posted May 26, 2022 @Michel Kohanim I have two support tickets that have been closed, but we're indicated to be confirmed bugs (one recently and one several months ago). Neither have been corrected with this update. Just wondering if there is anything in place to obtain updates on when the corrections may be coming? 1
roberthleeii Posted May 26, 2022 Posted May 26, 2022 I not see the upgrade BIOS button in my Configuration->System tab: I i enabled the TPM at the bottom, set up a password (and saved a copy ?) but the button did not appear. I am assuming that this is because my BIOS is already up to date ?♂️ but don't want to do this update until I know for sure I am able to do it.
Craigb Posted May 26, 2022 Posted May 26, 2022 (edited) 37 minutes ago, roberthleeii said: I not see the upgrade BIOS button in my Configuration->System tab: I i enabled the TPM at the bottom, set up a password (and saved a copy ?) but the button did not appear. I am assuming that this is because my BIOS is already up to date ?♂️ but don't want to do this update until I know for sure I am able to do it. I see a different screen layout in Ver 5.4.4: You may be on an earlier version. Edited May 26, 2022 by Craigb
larryllix Posted May 26, 2022 Posted May 26, 2022 WoL could be implemented as an option under the NR, if the protocol option was in the pulldowns. I'll be sticking with ISY until then I guess.
vbPhil Posted May 26, 2022 Posted May 26, 2022 (edited) upgraded to 5.4.4 and PG3 status still shows 5.4.3 for ISY. Issue resolved. Rebooted and ISY version statement is now correct. Edited May 26, 2022 by vbphil Issue resolved. Rebooted and ISY version statement is now correct.
Michel Kohanim Posted May 26, 2022 Author Posted May 26, 2022 13 hours ago, DennisC said: I have two support tickets that have been closed, but we're indicated to be confirmed bugs (one recently and one several months ago). Neither have been corrected with this update. Hi Dennis, with regret, we cannot track bugs based on customer names. Also, it's very difficult to go through all your tickets to figure out which ones were related to bugs especially the older ones. The one from 2 weeks ago was deemed low priority. With kind regards, Michel
Recommended Posts