Feature request: password with clientAuthorization

It would be nice to add a password protection when one tries to use a remote device

#2

Yes sorry, replied to this in your other post, anyway i think i can do a password callback mechanism to password protect devices...i will work on this

#3

OK i added this in 2.5.6 of the server and 3.1.9 of the client. Its pretty simple to setup see here

Basically you just return 2 from the clientAuthorization script and then client will show a password dialog and will try to use the device again with that password.

If a valid password is sent, the server will remember that the client sent a valid password for that device and will not ask again. (Unless the connection is dropped)

#4

Thanks, will test today

By the way one more note on this feature: please add the ability to pass password hash (md5 for example) instead of plain text

#5

Yes the mD5 is a good idea, (and saves using SSL for protecting the data on the wire just for the password), so i added that in 2.5.6 of the server.

Pass the MD5 hash as the password and that will be sent to the auth script for you do compare against. The client already supports this, just the server needs an update. It increases the supported password size from 30 to 64 characters so the md5 can be passed

#6

Do I understand you correctly: client converts password to md5 and send hash through wire to server which passes this password (md5 hash) to and script? if so - great!

#7

OK, i will need to convert to md5 hash password, at the moment its expecting an md5 hash...ill update the client now...

#8

OK, 3.2.1 of the client will automatically md5 encode the password when passing over the network..