Since the latest update of HA which warns me about the password I used for Node Red, i changed the password. But thereafter can’t get Node Red working again.
Steps:
changed password in configuration of NR
restarted NR
Opened NR, redeployed the nodes
There after getting errors like: [info] [mqtt-broker:homeassistant] Connection failed to broker: .
Tested to change the password back, still same issue.
Restart of NR / HA etc does not make any difference. All nodes shows up as disconnected.
Someone knows how to change the credential_secret in a correct way to get it working?
I too am trying to find a solution after same problem. Seems that if you change the passwords then access credentials for mqtt and in my case Pushover are lost.
I restored a previous snapshot and it works again. Except of course for the continual bad/insecure nag notifications.
I do not want to start from scratch with a fresh node red install and loose all my flows.
I am a fairly novice user of ha btw.
I’m not seeing any way to change the secret looking in the guide. That doesn’t necessarily mean there isn’t a way, perhaps someone else knows one. Although the add-on does specifically say it cannot be changed.
That being said, what this actually does is encrypt credentials used in your nodes. Most likely there’s actually very few credentials in there since a vast majority of your nodes rely on a few configuration nodes. Those configuration nodes are likely all broken with the change in secret but fixing them might not be as difficult as it appears.
For instance unless you have multiple HA instances, all the HA nodes rely on a single configuration node which is most likely called “Home Assistant”. If you open up that one configuration node and fix it then all the other nodes should start working. Probably the same with the MQTT nodes unless you have multiple MQTT brokers.
If you’re not sure what I’m talking about, you can get to configuration nodes via the little menu at the top of the right panel
Now granted you may have a ton of different credentials. I don’t know your setup, I’m just guessing since you only mentioned HA and MQTT. But if you do just have a few it seems worth a try. Worse comes to worse just restore the snapshot again and resume looking for a better way to change the secret.
I find this a very annoying message as the credential secret can only be exploited after being inside my system enough that they could control or break everything anyway.
Thanks for the useful reply. One of the things that confused me is that even though I have no flows that actually use mqtt, Its logs were still reporting errors. Presumably because its possible to use mqtt in flows. Pushover is probably the only thing I need to redo.
Also having trouble with other insecure credential warnings such as Samba in that even after trying a couple of random 15 digit passwords I was still getting the insecure warnings.
If I need to go and enter “secure” passwords for ssh, samba, mqtt and Nodered at least I need confidence its going to stop the nagging.
Hm that’s strange. By any chance when you deploy is there a warning at the top that says “you have unused configuration nodes”? If you tried mqtt at one point then it would’ve created a configuration node. Those have to be manually deleted from the configuration node menu after that, deleting all the mqtt nodes using a configuration node doesn’t get rid of the configuration node itself.
Otherwise I’m not sure. I didnt think anything was stored for nodes you didn’t use. Def makes this whole thing seem a bit more worrisome
Thank you, yes I do get ‘you have unused configuration nodes’ even though my flows seem to work fine. I never understood the message. I will take a look at the configuration node menu once I find it.
Thats for tommorow though as I have just spent over an hour changing the password on all my mqtt devices to get rid of that specific insecure credential warning.
