Menu
▾
▴
Re: [leaf-user] leaf-user Digest, Vol 205, Issue 14
|
From: jeanrocco jr <bla...@gm...> - 2025-12-22 17:14:29
|
Hello Eric, Slawek & all, On Sat, Dec 20, 2025 at 1:48 PM Erich Titl <eri...@th...> wrote: > Hi Jeanrocco > > Am 20.12.2025 um 19:07 schrieb jeanrocco jr: > > Hello Erich, Slawek & all > > > > On Sat, Dec 20, 2025 at 11:06 AM Erich Titl <eri...@th... > > <mailto:eri...@th...>> wrote: > > > ... > > > > > > > Erich, right, this is exactly wrong access permission. Slawek, these > > logs show you are not giving Webconf the right Username and Password . > > > > A normal Webconf connection would show: notice the "admin" here as I'm > > using admin as my username ... > > > > 192.168.1.154 192.168.1.254 admin [20/Dec/2025:12:39:32 -0500] "GET / > > pix/180px-LEAFProjectLogo-Landscape.png HTTP/1.1" 200 14458 > > "*MailScanner warning: numerical links are often malicious:* > > https://192.168.1.254/ <https://192.168.1.254/>" "Mozilla/5.0 (X11; > > Linux x86_64; rv:142.0) Gecko/20100101 Firefox/142.0" > > > > When I voluntarily enter admin and a wrong password to connect to > > Webconf, this is what I get: notice no admin here it is replaced by "-" > > > > 192.168.1.154 192.168.1.254 - [20/Dec/2025:12:43:46 -0500] "GET / > > HTTP/1.1" 401 347 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:142.0) > > Gecko/20100101 Firefox/142.0" > > > > Erich, he should be captive of the "Webconf password page" when he opens > > up Webconf for the first time, and can get out of it only by giving a > > username and password. > > So Slawek you must have given Webconf an admin and password, but don't > > remember it .... > > > > Erich, is there a way to reinitialize Webconf to ask for a new username/ > > password, from the command lines ? > > I guess the easiest way is to overwrite .htpasswd in /var/webconf/www > with an empty string like: > > > /var/webconf/www/.htpasswd > > Then a new login attempt from a terminal should trigger the part in > .profile which wants to install new passwords. This is quite a chunk of > shell code which I eliminated from my .profile because I hated it. > > Another way is to use pwcrypt to create a new user:password entry for > .htpasswd > > gatekeeper# echo username:$(pwcrypt) > .htpasswd > Enter the password to encrypt: foo > > gatekeeper# cat .htpasswd > username:Cf6wAfwQPTnig > Ok I did just that but " echo admin:$(pwcrypt) > .htpasswd " but nothing happened from the browser ... on 7.5.1 I then remembered these mailings : https://sourceforge.net/p/leaf/mailman/message/58837369/ , and this one: https://sourceforge.net/p/leaf/mailman/message/58837391/ . I applied the same corrections and the page asking for user:password now works fine. Having this issue corrected, I re-did " echo admin:$(pwcrypt) > .htpasswd ", and it worked fine also, I could change the webconf password, and get a new user:password page. As for Slawek, I will send him the https://sourceforge.net/p/leaf/mailman/message/58837391/ mail, hoping he can apply this, if not , in his current state his webconf page is always open, and He can log into it from any browsers from his internal net. I think the misconfiguration in /etc/lighttpd/conf.d/auth.conf is largely overdue for a correction ... I also asked KP to give a default initial range value to Dnsmasq DHCP server ( in dnsmasq.conf ) : ... ... # Uncomment this to enable the integrated DHCP server, you need # to supply the range of addresses available for lease and optionally # a lease time. If you have more than one network, you will need to # repeat this for each network on which you want to supply DHCP # service. #dhcp-range=192.168.1.1,192.168.1.199,12h dhcp-range=192.168.1.100,192.168.1.199,12h ... ... I don't see why not ... Ok bye jeanrocco > > cheers > > ET > -- > „Wer von seinem Tag nicht zwei Drittel für sich hat, ist ein Sklave.“ > ―Friedrich Nietzsche > > |
