Great content as always! 
Wishing everyone a great weekend!

Wow some great content to watch while on vacation and thank you for the mention Madi.

Great content from all and welcome any new members.  Have a great weekend everyone as I have another week of vacation next week too. 

Good to see new faces on recap!

Thanks for all news guys. 

I’m a little late to watching this one, but great stuff as always!

Thanks for having me ​@Madi.Cristil , I had lots of fun recording the recap!

great content, useful tips and discussion, as always!

Have a great vacations y’all.

cheers.

Great to have you, ​@HunterLAFR ! :)

Hey ​@HunterLAFR ​@Madi.Cristil ​@Andrew.Zhelezko, first off, thanks for a blog shout-out!  Sorry for the delay as I try to work through a backlog of items as the past few months have been chaotic at best. And Madi, yes, I do hope to become more active again in the Community Hub!  Just…..time is and has been an issue, but I hope to make a return as I’d love to hold the double-elite title as both Legend and Vanguard!

As for your feedback, I did talk to Hannes in the R&D Forums a little bit to get his opinion as well.  He did have a little bit of feedback on the process but really it was about booting into single-user mode to get access into the VHR at the root level to modify the configuration file.

With that said, yes, it’s for sure deep in the weeds and honestly about as deeply technical as I can get into Linux as I’m by no means a linux expert. And yes, I agree, this is controversial by circumventing just just a little bit of the hardening by unlocking USBGuard, but I think overall this is a very small portion  of the overall security picture that may be acceptably safe as long as you are also utilizing good physical security to your hardware as well.

I just wanted to note the workaround could also allow you to add specific USB keyboard and mouse devices by the device ID. The beauty of USBGuard is that it will list the device ID of an unauthorized device on the logon screen when you plug it in so that you can log and and then later whitelist that specific device if you wanted.  In my case, I did not ANY USB device, but I did allow ANY keyboard or mouse device.

I did make a request to Hannes that there at some point be a function in the TUI that we can modify that config file so that we can whitelist specific device ID’s or ID types in a supported fashion, but I don’t think that’ll be coming anytime soon.

Again, thanks for the Vanguard spotlight!  And make sure you read those dad jokes at the end of each post - my whole family has started contributing to them!

Very good the article Veeam Hardened Repository – Device is not authorized for usage!! really good to know.