In this part we will discuss the security implementation that we used for
our project, from user level.
Concerning the implementation of LoRa security, i.e. the physical layer for secure transmission, this part is well discussed on the LoRa Technology tab. The topics are:
you can protect your Node-RED dashboard with a password,
but you need to change some paramaters on settings.js file on Node-RED directory.
To do this you need to open the Node-RED directory on your device, it's the same if it's a Raspberry Pi or your Windows notebook, and show the hidden files.
Node-RED folder on Windows OS
You need to uncomment adminAuth as you can see in this example:
Now you need to create your personal password, what you see on the previous image
in a hashed password.
To hash your password open a CLI on a new window:
Also if you uncomment httpNodeAuth:
You can use a different couple username-password for your project.
This solution is implemented for the end-user to access only on the graphical interface (Dashboard) of your Node-RED Project, it can't access with this credential on the Control Panel and visualize/change the flows.
node-red admin hash-pw
You can also access from your end device (like smartphone, PC, etc ..) to
To do that we install ngrokon our RPi 3 and tested its service with the Free Plan, it allows you to connect to your local service (as Node-RED) externally as if you were inside the local network itself from your end device (as your smartphone).
And also is a open-source project. After installed it, from CLI windows if you put:
ngrok http https://localhost:1880It creates two links, one in http mode for a not encrypted connection, second one in https mode for an encrypted connection, if you copy this link on your browser, you can access safely to your Node-RED Dashboard with your personal credential that you have been created firstly.
If you want to secure your connection over https, ngrok allow to create a password to establishing the connection, but this option is available only on Paid Plan.
Another option is to choose the address to connect with your desired service, but also in this case you need the Paid Plan.
You can find more details on: