Hey Guys,
it would be very nice, that passwords stored in the config file could be saved encrypted and not in plain text. This should also be an option for plugins like pimatic-fritz.
Is something like this already implemented or planed?
Encrypted Passwords
Hey Guys,
it would be very nice, that passwords stored in the config file could be saved encrypted and not in plain text. This should also be an option for plugins like pimatic-fritz.
Is something like this already implemented or planed?
pimatic-google-calendar | pimatic-wmi | pimatic-snmp | pimatic-wakeonlan |
Like my work? Then consider a donation
Follow me: www.thorstenreichelt.de
@thost96
You would need physical access to the server/raspberry pi and login with a known user/password to get to the config file. Only other option to get to the config is by accessing it from Pimatic. You would need rights (configured it in the roles) and know the password. With read rights to the config, but not knowing the password you will only see xxx as password.
In my opinion there is enough protection for the config?
Like my projects and help? Consider donating electroneum etnjwAKGPqF6omQWRmpp9u2BPyVDG9VuyRQjNJ1S8yfBdfR9qeUQ46kRy8KS2CNqbpNLRrsgmNW6F2TMzxmZgPrh6KctrkrYbm
I think it would be better to provide for an option to using a trusted authentication service like we have the forum, for example. This way, you won’t need to store a password.
It should be fairly straightforward to implement using http://passportjs.org/ for example
"It always takes longer than you expect, even when you take into account Hofstadter's Law.", Hofstadter's Law
@koffienl said:
In my opinion there is enough protection for the config?
Yes, youre right, but it would be a nice security feature.
@mwittig
I think an integration for a system like the forum is nice, but not everybody likes to use e.g. github or any other external service for authentification. Also what do you do, when your internet connection is down? Authentificationto pimatic would then also don’t work.
I would also be nice to have a kind of global authentification, like if you have multiple pi’s running pimatic with the same users.
pimatic-google-calendar | pimatic-wmi | pimatic-snmp | pimatic-wakeonlan |
Like my work? Then consider a donation
Follow me: www.thorstenreichelt.de