Regarding Security

All content, all the time, privately.

Introduction

In this part we discuss the security implementation used for our project, at the user level.
The implementation of LoRa security, i.e. the physical layer for secure transmission, is discussed on the LoRa Technology tab. The topics are:

  • Node-RED Security
  • External Access
  • More details and materials

    Node-RED Security

    Following the Securing Node-RED guide, you can protect your Node-RED dashboard with a password, but you need to change some parameters in the settings.js file in the Node-RED directory.
    To do this, open the Node-RED directory on your device (the procedure is the same on a Raspberry Pi or a Windows notebook) and show the hidden files.

    Node-RED folder on Windows OS

    You need to uncomment adminAuth as you can see in this example:

    adminAuth example

    Now you need to create your personal password; what you see in the previous image is a hashed password.
    To hash your password, open a CLI in a new window and run:

    node-red admin hash-pw

    You can also uncomment httpNodeAuth:

    httpNodeAuth example

    This lets you use a different username-password pair for your project.
    This solution lets the end user access only the graphical interface (Dashboard) of your Node-RED project; these credentials cannot be used to log in to the Control Panel or to view or change the flows.
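
    The screenshots referenced above are not reproduced here, so the following added example (not the project's own code) shows the shape of the two settings.js blocks and a small check that both are enabled, hold bcrypt hashes, and use separate credentials. The user names, the hash placeholders and the auditSettings helper are assumptions made for illustration, and only adminAuth of type "credentials" is handled.

```javascript
// Added example: audit the two auth blocks of a Node-RED settings object.
// In a real settings.js these keys sit inside `module.exports = { ... }`.

// Constructed placeholders shaped like bcrypt output; not real hashes.
const HASH_A = "$2b$08$" + "A".repeat(53);
const HASH_B = "$2b$08$" + "B".repeat(53);

// bcrypt string: version, two-digit cost, then 53 chars of salt + digest.
const BCRYPT_RE = /^\$2[aby]\$\d{2}\$[./A-Za-z0-9]{53}$/;

function auditSettings(settings) {
  const findings = [];
  const admin = settings.adminAuth;
  const node = settings.httpNodeAuth;
  const users = admin && admin.type === "credentials" && Array.isArray(admin.users) ? admin.users : [];

  if (users.length === 0) {
    findings.push("adminAuth (type credentials) is not enabled: the editor has no login");
  }
  for (const u of users) {
    if (!BCRYPT_RE.test(u.password || "")) {
      findings.push(`adminAuth user "${u.username}": password is not a bcrypt hash`);
    }
  }
  if (!node) {
    findings.push("httpNodeAuth is not enabled: the Dashboard has no login");
  } else if (!BCRYPT_RE.test(node.pass || "")) {
    findings.push("httpNodeAuth: pass is not a bcrypt hash");
  }
  // Same name and hash in both blocks: the Dashboard login also opens the editor.
  if (node && users.some(u => u.username === node.user && u.password === node.pass)) {
    findings.push("httpNodeAuth reuses an adminAuth credential");
  }
  return findings;
}

// Constructed sample: both blocks uncommented, separate hashed credentials.
const hardened = {
  adminAuth: { type: "credentials", users: [{ username: "admin", password: HASH_A, permissions: "*" }] },
  httpNodeAuth: { user: "viewer", pass: HASH_B },
};
// Constructed sample: adminAuth still commented out, plaintext Dashboard password.
const weak = {
  httpNodeAuth: { user: "viewer", pass: "changeme" },
};

console.log(auditSettings(hardened)); // []
console.log(auditSettings(weak));
```

    Replace the placeholders with the output of node-red admin hash-pw before using the blocks in settings.js.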

    External Access

    You can also access the Node-RED Dashboard from your end device (smartphone, PC, etc.).
    To do that we installed ngrok on our RPi 3 and tested its service with the Free Plan; it lets you connect to your local service (such as Node-RED) externally from your end device (such as your smartphone), as if you were inside the local network itself.
    It is also an open-source project. After installing it, enter the following in a CLI window:

    ngrok http https://localhost:1880
    It creates two links, one in http mode for an unencrypted connection and a second in https mode for an encrypted connection. If you copy the https link into your browser, you can safely access your Node-RED Dashboard with the personal credentials that you created earlier.
    If you want to secure your connection over https, ngrok allows you to set a password for establishing the connection, but this option is available only on the Paid Plan.
    Another option is to choose the address used to connect to your desired service, but in this case too you need the Paid Plan.

    More Details

    You can find more details on:

  • Manuals for RPi on our GitHub Repository.
  • YouTube video with an application example.