MQTT Broker Configuration

Jan.Schmidt · April 5, 2020, 5:29am

Hi,
please always use seperate users & passwords for all of your different use cases.

eg. there are “some” ways to get a tasmota device to act as access point.(physical access needed)
if the device is in ap mode - its not hard to get all your (wlan ssid; mqtt id & their passwords)

If you using “one” user & one password for “everything” - “everything” is open…

smile · April 5, 2020, 7:35am

You are right, these are two different applications. My mistake.

smile · April 5, 2020, 7:50am

I think my Homeassistant password is strong. I will make new user in homeassistant and use for mqtt devices.

Do I need strong password for mqtt or a just simple password.

francisp · April 5, 2020, 8:14am

Since your mqtt is inside your home, it is relatively safe. However, strong passwords never hurt.

DavidFW1960 · April 5, 2020, 8:56am

I setup a user just for MQTT.

karateka99 · April 5, 2020, 7:45pm

Hello guys.
i have a problem with mqtt.
I flashed my sonoff with tasmota.
i tried setting both mqtt and sonoff but mqtt doesn’t detect sonoff.
when i try to do setoption19 1 nothing appears in the integrations.
do you have any advice to give me?

my configuration mqtt:

logins:
  - username: biscotto
    password: biscotto89
anonymous: false
customize:
  active: false
  folder: mosquitto
certfile: fullchain.pem
keyfile: privkey.pem
require_certificate: false

log mqtt:

[18:37:51] INFO: Setup mosquitto configuration
[18:37:51] WARNING: SSL not enabled - No valid certs found!
[18:37:51] INFO: Found local users inside config
[18:37:53] INFO: Initialize Hass.io Add-on services
[18:37:53] INFO: Initialize Home Assistant discovery
[18:37:53] INFO: Start Mosquitto daemon
1586104673: mosquitto version 1.6.3 starting
1586104673: Config loaded from /etc/mosquitto.conf.
1586104673: Loading plugin: /usr/share/mosquitto/auth-plug.so
1586104673: |-- *** auth-plug: startup
1586104673:  ├── Username/password checking enabled.
1586104673:  ├── TLS-PSK checking enabled.
1586104673:  └── Extended authentication not enabled.
1586104673: Opening ipv4 listen socket on port 1883.
1586104673: Opening ipv6 listen socket on port 1883.
1586104673: Opening websockets listen socket on port 1884.
1586104673: Warning: Mosquitto should not be run as root/administrator.
1586104675: New connection from 172.30.32.1 on port 1883.
1586104676: Socket error on client <unknown>, disconnecting.
1586104676: New connection from 172.30.32.1 on port 1883.
[INFO] found homeassistant on local database
1586104678: New client connected from 172.30.32.1 as auto-A28CF914-088B-1614-8BA0-DA0F9268CD17 (p2, c1, k60, u'homeassistant').
1586104683: New connection from 192.168.1.104 on port 1883.
[INFO] found biscotto on local database
1586104685: New client connected from 192.168.1.104 as DVES_431D3C (p2, c1, k30, u'biscotto').
1586106474: Saving in-memory database to /data/mosquitto.db.
1586108152: Socket error on client auto-A28CF914-088B-1614-8BA0-DA0F9268CD17, disconnecting.
1586108204: New connection from 172.30.32.1 on port 1883.
[INFO] found homeassistant on local database
1586108206: New client connected from 172.30.32.1 as auto-AB060B02-EC33-CB01-B3DE-0285323C2099 (p2, c1, k60, u'homeassistant').
1586108275: Saving in-memory database to /data/mosquitto.db.
1586108341: Client DVES_431D3C disconnected.
1586108346: New connection from 192.168.1.104 on port 1883.
[INFO] found biscotto on local database
1586108348: New client connected from 192.168.1.104 as DVES_431D3C (p2, c1, k30, u'biscotto').
1586110076: Saving in-memory database to /data/mosquitto.db.
1586111877: Saving in-memory database to /data/mosquitto.db.
1586113678: Saving in-memory database to /data/mosquitto.db.

my configuration sonoff mini: