Skip to content

Security Configuration

Jump to bottom Edit New page
BWS Systems edited this page Apr 7, 2017 · 11 revisions

Introduction

New Feature in version 4.5.0 and after!

In the Bridge Control Tab there is a new button Update Security Settings that will popup a dialog box to configure the security to be used for the ha-bridge. This is a suggested feature to use as with the advent of home automation devices being the target of hacks such as the network video cameras that where taken over.

WARNING: The ha-bridge should never be exposed to the internet through your router. Period. End of Story. Doing so is inviting hackers to try and get in. The ha-bridge can control too many things in your home that would be targets. It does not matter how much security is put into the ha-bridge, it is just better to not give any one the choice.

So, now we have that out of the way, let's discuss the settings.

Command Line Arguments

There are two arguments for security that can be used. One of which is very important if you decide to use username and passwords.

-Dsecurity.key=<Your Key To Encrypt Security Data>

This option is very important to set if you will be using username/passwords to secure the ha-bridge. The ha-bridge needs to encrypt the settings in the config file and to make sure they are secured specifically to you is to provide this key. Otherwise a default key is used and it is available in the code on github for the ha-bridge here, so not very secure in that sense. It is very important provide this if you are using username/password.

-Dexec.garden=<The path to your scripts and program directory>

This sets a directory of your choosing to have a walled area for what can be executed by the Exec Command type. This is a good feature to use if you use the capabilities of executing a script or program from the ha-bridge. The default is not set which allows any program or script to be called and anyone with access to the your system could create an exec command call and execute it from the api. This is will prevent any issues if your system gets hacked.

Security Dialog

Security Dialog when NO usernames are created

First Time Security Dialog

Security Dialog when usernames are created

Security Dialog

  1. Use Link Button - This item tells the ha-bridge to operate like a hue bridge with it's link button. No device can register with the ha-bridge unless the 'Link' button is pressed on the Bridge Devicespage. TheLink` button is only visible when this setting is checked.
  2. Use username/password for HUE Api - This item tells the ha-bridge that you want to have the HUE API itself secured with the username and password that you configure. If you do have a username configured (See next item on how), you will not be able to use any application that expects to talk to a HUE in it's normal way. This option is for persons that use the ha-bridge by calling it from their custom programs.
  3. Update - This button will change the settings for the link button and secure hue api items above.
  4. Add/Delete User - This is where you can set your username to be entered to secure your system. Once you create the password in the fields below this item, your system will ask you to provide the credentials going forward. This field also allows you to remove usernames from the system. Once the last username is removed, the system will then be unsecured and not ask for login credentials. This is accomplished by typing in the username and selecting the Delete button.
  5. Change Password for <username> - This item will display the username of the user logged in or will dynamically update when adding a new user. type in the password to set. You will then have to confirm it on the next field. The little check box to the side will allow you to see your password.
  6. Confirm Password - This item is to confirm your password that you entered in the field above this. When the passwords match, you will then get a button to either Add User if you were entering a new user into the system or a Change Password button if you are changing your password.
  7. Change Password - This button only is visible when you have entered matching passwords in the fields above this when the logged in user is changing the password.
  8. Add User - This button is only visible when you have entered matching passwords in the fields above this when a new uesr is being added.
  9. Dismiss - This button can be used anytime to clear the dialog and will not save or update any items that were not already done through other buttons.
Add a custom footer
Add a custom sidebar
Clone this wiki locally