Is it possible to encrypt the flow? My goal is to prevent reading and editing of the flow. So encrypt individual json files with the project.
Do you mean that you want to prevent others who have access to the computer that node-red is installed on from viewing the data? If not that then what exactly?
Anyone who has access to the computer where NodeRED is installed. That is, both to the browser (user and password) and especially to the directory structure (hard drive, SD card)
Hi @S0T0
It is not possible, or practical, to encrypt the flows in a way that would be secure.
Even if they were encrypted on disk, the key to decrypt them has to be stored somewhere that Node-RED can access. If someone has access to the file system they will have access to the decryption key
It may be possible to do as long as Node-RED is running using its own user and group. However, I think you would need to have a specialist keystore and would be encrypting a section of the filing system so would be outside of Node-RED itself. And even then, it isn't 100% secure since, at least in theory, the data could be hacked out of live memory and that probably isn't that hard for a node.js live service. Would at least protect the data in files from accidental access.
Never implemented it myself though, you would probably need to hire a specialist to design it for you.
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.
