From 89f8f71613ff424b01aabd1953ad26823256b734 Mon Sep 17 00:00:00 2001
From: Guido De Rosa
Date: Sun, 15 Dec 2019 08:12:04 +0000
Subject: [PATCH 1/2] disable insecure pi user
---
 setup | 7 +++++++
 1 file changed, 7 insertions(+)
diff --git a/setup b/setup
index 3bcd7f7..dcd8753 100755
--- a/setup
+++ b/setup
@@ -41,3 +41,10 @@ cd $ONBOARD_ROOT
 bash etc/scripts/platform/debian/setup.sh $ONBOARD_ROOT $ONBOARD_USER
 bash modules/openvpn/etc/scripts/platform/debian/setup.sh $ONBOARD_ROOT $ONBOARD_USER
+
+if id -u pi 2> /dev/null; then
+ echo 'Disabling password authentication for user "pi" (Raspberry PI).'
+ echo 'This default user, likely left with default password, is a security risk.'
+ echo "We have the user '$ONBOARD_USER' instead."
+ passwd -d pi
+fi
From 1f59508ca1b925c2bb3f235c6e8a3cf46af0b1d1 Mon Sep 17 00:00:00 2001
From: Guido De Rosa
Date: Sun, 15 Dec 2019 09:11:24 +0000
Subject: [PATCH 2/2] improve user existence check
---
 setup | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/setup b/setup
index dcd8753..d9fd217 100755
--- a/setup
+++ b/setup
@@ -42,9 +42,10 @@ bash etc/scripts/platform/debian/setup.sh $ONBOARD_ROOT $ONBOARD_USER
 bash modules/openvpn/etc/scripts/platform/debian/setup.sh $ONBOARD_ROOT $ONBOARD_USER
-if id -u pi 2> /dev/null; then
- echo 'Disabling password authentication for user "pi" (Raspberry PI).'
- echo 'This default user, likely left with default password, is a security risk.'
- echo "We have the user '$ONBOARD_USER' instead."
- passwd -d pi
+if id -u pi 2> /dev/null; then # DO not show missing user error here...
+ if id -u pi $ONBOARD_USER > /dev/null; then # ...but so show it here!
+ echo 'Disabling password authentication for user "pi" (Raspberry PI).'
+ echo "We have the user '$ONBOARD_USER' instead."
+ passwd -d pi
+ fi
 fi
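Review bot: `passwd -d pi` in the block added by PATCH 1/2 deletes the password instead of disabling it, so the account ends up with an empty password rather than a locked one, which contradicts the message echoed just above it. Whether an empty password then permits login depends on PAM and sshd settings this patch does not show, so the result can be weaker than the default password it replaces. Locking is the operation the message describes: `passwd -l pi` (or `usermod -L pi`), plus `usermod --expiredate 1 pi` if key-based logins for pi should stop as well. The same `passwd -d pi` line is carried over unchanged into the nested `if` of PATCH 2/2.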
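Review bot: The inner test `id -u pi $ONBOARD_USER` added in PATCH 2/2 passes two user names to `id`, which only newer GNU coreutils releases accept; on an older `id` the extra operand is a usage error, the test fails, and the pi account is left untouched. The test also succeeds when `$ONBOARD_USER` is itself `pi`, in which case the script would act on the only account it relies on. Checking just the replacement account, quoted, and excluding that case is more robust: `if [ "$ONBOARD_USER" != pi ] && id -u "$ONBOARD_USER" > /dev/null; then`. The outer `id -u pi 2> /dev/null` still prints the uid to stdout; `> /dev/null 2>&1` would silence it.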