Skip to main content


Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Eclipse Projects » Mosquitto » User Authentication with many devices(User Authentication with Broker)
User Authentication with many devices [message #1841698] Wed, 26 May 2021 03:19 Go to next message
Saqib Khan is currently offline Saqib KhanFriend
Messages: 2
Registered: May 2021
Junior Member
I have thousands of Raspberry pi's which would connect to my BROKER (Which is hosted on my Windows Server).

I am bit concerned about the security, Currently I have it set to "Anonymous" Authentication & Each user has its own "TOPIC", which I am using to push messages from Broker.

if I enable Authentication, then I would need to create accounts for every single user? I dont want to supply users with hard-coded credentials.

Do I even have the right approach.

Goal is to have users download a SSH script and run it on their devices, which would register a service with my broker information.

Report message to a moderator

Re: User Authentication with many devices [message #1841737 is a reply to message #1841698] Thu, 27 May 2021 09:04 Go to previous message
Roger Light is currently offline Roger LightFriend
Messages: 90
Registered: September 2013
Member
Hi Saqib,

I'm glad you're thinking about this! Yes, if you enable authentication then each user will need an account. There are some solutions that can help you with this.

The Mosquitto provided dynamic security plugin gives you authentication and authorisation which can be controlled using an MQTT topic API, a command line client, or a graphical web tool (this last part is not provided by the Mosquitto project directly but by my employer). So you have an easy way to view the current state but can also automate things. There is some documentation at https://mosquitto.org/documentation/dynamic-security/ and the web tool is available at https://docs.cedalo.com/latest/docs/installation/

There are also some third party plugins available, the one to look at is probably mosquitto-go-auth ( https://github.com/iegomez/mosquitto-go-auth ) which provides a variety of backends which you could interface with using your own code.

I hope that helps,

Roger

Report message to a moderator

Previous Topic:Mosquitto Portability Issue from 1.x to 2.x
Next Topic:Tasmota and shelly connect failed
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Thu Apr 25 11:40:18 GMT 2024

Powered by FUDForum. Page generated in 0.48471 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top

Sign up to our Newsletter

A fresh new issue delivered monthly