login

Author Topic: Sharpfin radio - adding password for webpage login  (Read 730 times)

dif

  • Jr. Member
  • **
  • Posts: 21
  • Country: gb
  • Thanked: 9 times
Sharpfin radio - adding password for webpage login
« on: 15:37:50 | 15 January, 2021 »
The web page of a radio with Sharpfin has lots of powerful functions - and it's mentioned on the Sharpfin github page that a missing feature is improved security of the webserver.

It seems quite simple to do this, although the password is sent in plain text over the network. It's not ideal, but would be sufficient on a home network just to prevent accidental or curious access. The necessary capability is already build into busybox which is what's really running the httpd webserver. On the version on my radio (Busybox v1.10.3) Busybox doesn't support encrypted passwords, although this feature is in newer versions of Busybox.

Password security for the web interface can be achieved by connecting to the radio by telnet, and logging in as admin. Then cd to /opt/etc and use vi to edit the initially empty file httpd.conf which should already be there. Add a single line:

/:username:password

where username and password are your choices for how you'd like to connect to the web interface. Then save the file and reboot the radio. When it restarts the web interface is protected with basic password security.
Radios: Acoustic Energy AE17 & Logik IR100