sorry for my bad English,I want to know Where is the verification information storen,for example:mqtt node,I find the broker data in flows.json about port,clientId...but I can't find security of username&password in any file in local,I've checked everything I can think of. have some one can tell me which file stone the security data.
it is in flows_cred.json
thank you your reply,I open the flows_cred.json and found the data is:"{
"$":"560dccc0a08e138a8ff84ba8aaf95ca2M43oB99VDahLalxsSVKFpaMVBkE5T0d2DNTk8RxVyqOV3QV/4F0p9PnTS/OT+LP5NJfiQ4Dy8WrL1+KT3oQ8fAs3rhXN1yOpw+1IINpMn+zOUIEav2UBvrEPfP8NYxAYSpjOnDbS2UduicW6pQRWT63vRmlI4gcBC5X9A/mte+a9vkims9KQ+UmBkLYOEIa5bkoxfKAhmaJmRnu+fZzUTtZSHUMkfNsVMJtuclKNlEMg+0JGZplRTvbijsr6hgeYr6MOTGwXy8sONBskQ36iYrL7kRoZAOqjECro2raznNdJFrUngTpLpx5nkmIAkp4ZMVzLzYW3CCEcKhWAz1WQ7ha6zA35uW8Cwc6uFR0RDVlrswf5YelgB8VVGoX=="
}"
So, username and password information is look like encrypted saved, do you know what algorithm is used for encryption?
Did you follow the steps to secure node-red ?
https://nodered.org/docs/user-guide/runtime/securing-node-red
I had follow the steps to secure node-red for login node-red,but what does node-red's permission have to do with node's verification information?
When you start node-red do you see this on the command line?
Your flow credentials file is encrypted using a system-generated key.
If the system-generated key is lost for any reason, your credentials
file will not be recoverable, you will have to delete it and re-enter
your credentials.
You should set your own key using the 'credentialSecret' option in
your settings file. Node-RED will then re-encrypt your credentials
file using your chosen key the next time you deploy a change.
1 Like
Yes, exactly the same.
That is why your flows_cred.json is encrypted.
You can edit the settings.js file and either set credentialSecret : false, or set an encrypted password.
Restart node-red when done.
Read the settings.js file for more details.
@Jack perhaps if you explained what you are trying to achieve you may get more help with whatever you are trying to do.
Wow, you are right, thank you every much. when I set "credentialSecret : false" and restart node-red,it is success!
I want to dynamically modify the configuration information of the node, mainly mqtt, mysql, influxdb and others, so I looking for storage location, and now i had found config broker in flows.json and security data in flows_cred.json, my node-red has hundreds of processes, i don;t want to manually configure, i hope to write configuration with code
You can have multiple instances of nodes each with its own credentials (?).
@Jack you cannot dynamically change the properties without restarting Node-RED. That is the only way to get the runtime to reload the flow configuration and pickup any changes you may have made.
You can also use environment variables in your flow configuration so you don't have to edit the flow file - https://nodered.org/docs/user-guide/environment-variables
so,if I want to config mqtt broker's data(broker,port,clientId,username,password),how can I do use environment variables,thank you in advance.
My flows are use for pub data on mqtt,One process per device,i have 100+ device,every device have own clientId,username,password(by Equipment certification)
I'm confused as to what you are doing.
Are you talking about:
- linking Node-RED to 100 MQTT brokers?
- Having Node-RED installed on 100 devices?
- something else.
to find a way to dynamic set the mqtt broker(do not enter manually)
