How to implement authentication (user/password) to swupdate Web Interface

Question

I need a way to implement some sort of authentication (user/password) to the swupdate web interface, in order to allow firmware updates to authorized users only. I tried to place an .htaccess file in the root folder of the web interface (namely in the /www directory), but it seems to be ignored. Anybody has a working example about my requirement ?

And also: In the configuration file swupdate.cfg I found the following parameter:

global-auth-file

for the embedded webserver, but I don't find which content (and in which format) this file must have.

Thanks in advance

score 0 · Answer 1 · answered Aug 03 '21 at 12:19

Create htdigest file using apache's htdigest tool. For example: htdigest -c .htdigest myrealm someuser Then run the swupdate adding the following mongoose arguments --auth-domain myrealm --global-auth-file /path_to_your_htdigest/.htdigest.

A full example: /usr/bin/swupdate -v -H "my_hardware:1.0" -f /etc/swupdate.cfg -w "--auth-domain myrealm --global-auth-file /www/.htdigest" -p 'reboot'

How to implement authentication (user/password) to swupdate Web Interface

1 Answers1