Home of the Squeezebox™ & Transporter® network music players.
Page 3 of 4 FirstFirst 1234 LastLast
Results 21 to 30 of 34
  1. #21
    I just finally decided to play with piCorePlayer -- nice work!

    Am I missing something, or is there no official way to password-protect the piCorePlayer web interface?

    Thanks,

    Peter
    owner of the stuff at https://tuxreborn.netlify.com/
    (which used to reside at www.tux.org/~peterw/)
    Note: The best way to reach me is email or PM, as I don't spend much time on the forums.
    Free plugins: AllQuiet Auto Dim/AutoDisplay BlankSaver ContextMenu DenonSerial
    FuzzyTime KidsPlay KitchenTimer PlayLog PowerCenter/BottleRocket SaverSwitcher
    SettingsManager SleepFade StatusFirst SyncOptions VolumeLock

  2. #22
    Senior Member paul-'s Avatar
    Join Date
    Jan 2013
    Posts
    1,683
    You can shut It down. There is a command line program ôsetupö
    piCorePlayer a small player for the Raspberry Pi in RAM.
    Homepage: https://www.picoreplayer.org

    Please donate if you like the piCorePlayer

  3. #23
    Quote Originally Posted by paul- View Post
    You can shut It down. There is a command line program ôsetupö
    Got it, thanks. Kinda fun that both setup & the alsa equalizer require me to SSH in from 'xterm', which I haven't used much in years. :-)
    owner of the stuff at https://tuxreborn.netlify.com/
    (which used to reside at www.tux.org/~peterw/)
    Note: The best way to reach me is email or PM, as I don't spend much time on the forums.
    Free plugins: AllQuiet Auto Dim/AutoDisplay BlankSaver ContextMenu DenonSerial
    FuzzyTime KidsPlay KitchenTimer PlayLog PowerCenter/BottleRocket SaverSwitcher
    SettingsManager SleepFade StatusFirst SyncOptions VolumeLock

  4. #24
    Senior Member Greg Erskine's Avatar
    Join Date
    Sep 2006
    Location
    Sydney, Australia
    Posts
    1,597
    hi peterw,

    Yeah, the original piCorePlayer's configuration was done via a "setup" script. The web interface is easier to use but there were some circumstances where a script still made sense.

    We have been doing some "security" development but it probably won't make it into the next pCP. For instance, the web interface can be turned off, or it will only work for x number of seconds after a reboot.

    There is a [Configure] button for alsaequal (after it has been installed) on the web interface! The original help message is still valid though.

    regards
    Greg

  5. #25
    Senior Member
    Join Date
    Dec 2015
    Posts
    187
    would a public/private certificate ever be an option ?
    rPi 3 + rasPi 7" LCD + HiFiBerry DiGi+ | rPi 2 + IQaudio DAC+ |rPi 2 + HiFiBerry DAC+ | Squeeze Box Touch | LMS + XPenology on HP Gen 8 |


  6. #26
    Senior Member paul-'s Avatar
    Join Date
    Jan 2013
    Posts
    1,683
    Busybox httpd doesn’t support https. There are solutions like stunnel that supposedly work without needing any changes to the httpd code. But it’s not actively being worked on. Easier options for access control is what we are looking at.
    piCorePlayer a small player for the Raspberry Pi in RAM.
    Homepage: https://www.picoreplayer.org

    Please donate if you like the piCorePlayer

  7. #27
    Senior Member
    Join Date
    Dec 2015
    Posts
    187
    Cool.
    Thanks Paul
    rPi 3 + rasPi 7" LCD + HiFiBerry DiGi+ | rPi 2 + IQaudio DAC+ |rPi 2 + HiFiBerry DAC+ | Squeeze Box Touch | LMS + XPenology on HP Gen 8 |


  8. #28
    Quote Originally Posted by huxmut View Post
    would a public/private certificate ever be an option ?
    BTW, pCP seems to include OpenSSH's sshd so you might be able to do things like configure busybox httpd to listen on the loopback address only (looks like you'd want to edit /usr/local/etc/init.d/httpd), and then use ssh port forwarding to access it remotely via something like http://localhost:8010/ on your SSH client box. I expect you should also be able to configure sshd to only accept public key authentication if you'd like to avoid passwords. Editing those files is a bit cumbersome -- http://www.brianlinkletter.com/persi...inycore-linux/ seems to explain how to make persistent changes.

    I think it'd be nice if pCP supported something like the old Pi config.txt to allow setting some common options (including disabling the httpd or binding it only to loopback) when preparing the SD card, so the system could be locked down from the moment it first booted up without jumping though so many hoops. Might be nice to offer a web UI (on picoreplayer.org?) that would output a textarea whose contents could be pasted straight into the config text file to help avoid errors. I'd include wifi configuration in such a tool.
    owner of the stuff at https://tuxreborn.netlify.com/
    (which used to reside at www.tux.org/~peterw/)
    Note: The best way to reach me is email or PM, as I don't spend much time on the forums.
    Free plugins: AllQuiet Auto Dim/AutoDisplay BlankSaver ContextMenu DenonSerial
    FuzzyTime KidsPlay KitchenTimer PlayLog PowerCenter/BottleRocket SaverSwitcher
    SettingsManager SleepFade StatusFirst SyncOptions VolumeLock

  9. #29
    Quote Originally Posted by peterw View Post
    BTW, pCP seems to include OpenSSH's sshd so you might be able to do things like configure busybox httpd to listen on the loopback address only (looks like you'd want to edit /usr/local/etc/init.d/httpd)
    Looks like a much simpler approach would be to "disable" the web UI with the command line 'setup' tool and then have one of the User Commands be
    Code:
    /usr/sbin/httpd -h /home/tc/www -p 127.0.0.1:80
    (pCP's sshd config already allows port forwarding.)
    owner of the stuff at https://tuxreborn.netlify.com/
    (which used to reside at www.tux.org/~peterw/)
    Note: The best way to reach me is email or PM, as I don't spend much time on the forums.
    Free plugins: AllQuiet Auto Dim/AutoDisplay BlankSaver ContextMenu DenonSerial
    FuzzyTime KidsPlay KitchenTimer PlayLog PowerCenter/BottleRocket SaverSwitcher
    SettingsManager SleepFade StatusFirst SyncOptions VolumeLock

  10. #30
    Senior Member Greg Erskine's Avatar
    Join Date
    Sep 2006
    Location
    Sydney, Australia
    Posts
    1,597
    hi peterw,

    Thanks for your continued interest in pCP. Are you still using it?

    We understand the security issues you mention. We are working on security in the background but generally don't discuss things we are developing.

    The current pCP has a method of disabling ssh. The next version of pCP has a new "beta" method of disabling the web GUI. It can be permanently on, permanently off or shuts down after so many seconds. The general password checking code has been written but not implemented yet. Adding a password authentication on the web server has been tested but not implemented yet. It requires a restructure of the current web server, planned for some time after pCP 5.0.0

    BTW: My last job was in the SIEM Team for a large IT company working for a major bank. I was the team Audit/Compliance officer. I know what it's like to have processes and security so tight you can barely do any work!!! I used to work in various data centres so know a bit about physical security as well.

    regards
    Greg

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •