Node-Red: Secure with password

This article  is a sequel of our Node-Red series of tutorials and focuses on Securing of Node-Red with a password. We can restrict access to node red with one or multiple user accounts.

Add a user account:

  • Navigate to the .node-red folder where Node-Red is installed.
    • Normally the location is /IP_ADDRESS/Pi Home/pi/.node-red.
  • Open the settings.js file and edit the adminAuth property by navigating down the file.
Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
//adminAuth: {
// type: "credentials",
// users: [{
// username: "admin",
// password: "$2a$08$zZWtXTja0fB1pzD4sHCMyOCMYz2Z6dNbM6tl8sJogENOMcxWV9DN.",
// permissions: "*"
// }]
//},
//adminAuth: { // type: "credentials", // users: [{ // username: "admin", // password: "$2a$08$zZWtXTja0fB1pzD4sHCMyOCMYz2Z6dNbM6tl8sJogENOMcxWV9DN.", // permissions: "*" // }] //},
//adminAuth: {
    //    type: "credentials",
    //    users: [{
    //        username: "admin",
    //        password: "$2a$08$zZWtXTja0fB1pzD4sHCMyOCMYz2Z6dNbM6tl8sJogENOMcxWV9DN.",
    //        permissions: "*"
    //    }]
    //},
  • Remove the // comment characters.
Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
adminAuth: {
type: "credentials",
users: [{
username: "admin",
password: "$2a$08$zZWtXTja0fB1pzD4sHCMyOCMYz2Z6dNbM6tl8sJogENOMcxWV9DN.",
permissions: "*"
}]
},
adminAuth: { type: "credentials", users: [{ username: "admin", password: "$2a$08$zZWtXTja0fB1pzD4sHCMyOCMYz2Z6dNbM6tl8sJogENOMcxWV9DN.", permissions: "*" }] },
adminAuth: {
        type: "credentials",
        users: [{
            username: "admin",
            password: "$2a$08$zZWtXTja0fB1pzD4sHCMyOCMYz2Z6dNbM6tl8sJogENOMcxWV9DN.",
            permissions: "*"
        }]
    },
  • Change username as desired.
  • SSH the device using PuTTY.
  • Generate hash using the command;
    • For Node-RED 1.1.0 or later
      node-red admin hash-pw
      node-red admin hash-pw.
    • For older versions of Node-RED
      node-red-admin hash-pw
      node-red-admin hash-pw.

  • Copy the hash from PuTTY and paste it against password in adminAuth property.
  • Save the file.
  • Restart the Node-Red
    sudo systemctl restart nodered
    sudo systemctl restart nodered.
  • Now Node-Red will ask for the username and password as expected.

0 0 votes
Article Rating
Subscribe
Notify of
guest


0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x