Change password from the Node-RED environment.

GOcontroll strongly recommends to change the password from the Node-RED environment to prevent unintended logins to the embedded controller. Changing the password is done using the command line interface (CLI).

A connection with the controller is required. It doesn’t matter if it is a wired connection or WLAN. The Make connection with controller in this Wiki environment describes how to make a connection with the controller.

If a connection is made, login to the controller using a terminal program (for example PuTTY).

The credential are by default:

login:
root

password:
root

Once logged in,  a password hash needs to be generated by the Node-RED admin tool. A password hash is an encrypted representation of the chosen password. This prevents the storage of passwords as readable text.

This admin tool is already installed on the Moduline controllers. The commands below can be used directly.

Generate new pasword hash:
node-red-admin hash-pw

At this point, a new password can be chosen. After –enter– the hash is generated and is shown. Select the hash and copy it to the clipboard or local file on your computer.

Now we’re going to open the Node-RED settings file where the password hash needs to be stored. The settingsfile is a .js file that can be opened and editted by nano (Linux CLI editor)

Open the file:
nano ~/.node-red/settings.js

Scroll down (arrow down when using Putty) to adminAuth: {  (see picture)
Replace both hashes for password: and pass: with the hash created during former steps. Ensure that the hash is between the quotes!

Note: If another username is required, username: and user: can also be changed here.

Once the hashes are replaces with the new one, the file can be saved with:

CTRL-X (quit file)
Y (yes, save changes)
Enter (execute file saving)

At this point, you can restart your controller and login to Node-RED with the new password.

More information about securing Node-RED van be found on the Node-RED website.