Changing passwords

klogg · June 27, 2018, 7:43am

So… I decided to change my HA password. Seemed like a good idea at the time.

I use Owntracks via HTTP (but please read on even if you don’t, I am sure someone can help me with this) and I restrict login attempts to 5. I’m guessing you’re ahead of me here, but I hadn’t considered that Owntracks would cause the ban before I had time to change the passwords on the two phones that use it.

I have had the HA ban notification for my IP and whilst I can still access it (I presume) because my PC was already logged on, how can I reset the IP ban?

Is it enough to remove the ban in my config and then restart HA and then reinstate it?

DavidFW1960 · June 27, 2018, 7:51am

Pretty sure there is a file hat stores the banned IP’s - just edit or delete it…

klogg · June 27, 2018, 8:01am

Thanks, I’d have a look but I don’t seem to be bale to load the Hass.io page to restart Samba! Possibly because I’m banned?

But it sounds like I can simply (ha, bloody ha!) reinstall HA from scratch and reload yesterdays snapshot which I have downloaded locally.

Where do snapshots go?

Oh what fun this HA security is turning out to be…….

DavidFW1960 · June 27, 2018, 8:34am

/backup/
But you should still get in even if banned on frontend. SSH?

klogg · June 27, 2018, 8:48am

Err… I stopped Samba and SSH in a fit of panic last night after reading yet another thread about hacking, which is also why I changed my password this morning.

BIG mistake!

As far as I can tell and unless you know something else, my only option is a complete rebuild.

I am definitely developing a Love/Hate relationship with HA.

Is there no way to put the SD card into my PC and edit the files there?
(I almost certainly expect the answer to be “no” but I thought I’d ask.)

DavidFW1960 · June 27, 2018, 8:58am

If you are using keys for authentication you should be able to connect on port 22222 (I think) It’s a dev mode ssh… might need to search docs to find it.

Can you connect from a non-banned IP address like a 4G or a neighbours connection?

klogg · June 27, 2018, 9:22am

Honestly, so simple, so obvious, it almost qualifies as genius.
Or more likely, I wear the dunces cap today…

Thank you, all I needed was my phone with Wi-Fi switched off to turn Samba on again and then remove the banned IP.

DavidFW1960 · June 27, 2018, 9:39am

Hahahah! I have my moments of genius. lol

flamingm0e · June 27, 2018, 1:01pm

HA? or Hassio?

klogg · June 27, 2018, 1:38pm

I’m afraid for me they are one and the same thing

You make a good point though.

flamingm0e · June 27, 2018, 1:40pm

That is the unfortunate state of things for new people too. They are, indeed, different.

klogg · June 27, 2018, 1:47pm

Yes, agreed.

Which leads me to want to bring up my post of a while back HA security and hacking

I think hassio is actually quite brilliant given its objectives but I really do believe the whole security thing should have been tidied up first. It’s kinda cruel to offer a simplified solution to people not knowledgeable enough to make sure they are using it ‘properly’ (and I count myself just about inside that subset of people too, when it comes to network security).

finity · June 28, 2018, 10:11pm

It looks like you’ve got it worked but for future reference you can do that with a program called LinuxReader64 from Diskinternals.

It reads the files on partitions on a Linux device and then they are editable in windows.