markus9656 wrote: > First: thanks for all your great work! > > Did you consider adding TLS support for the web server connection? I'm > using a certificate for my LMS web interface to access it via a > https-URL. This unfortunately doesn't work yet with Squeezelite-X and > leaves a vulnerability when username or password are sent in plaintext > to the web server.
I have thought about it, but at the time it seemed like too much trouble. I could not even figure out how to set up one of my LMS servers that way. My servers run on R-Pi's using Max2Play to manage everything on the server. Squeezelite-X uses the LMS Telnet protocol for monitoring server events and some commanding. That is probably all clear text anyway. My stuff is all on my local network, not visible to the outside world and nothing else is on my R-Pi except LMS server, so I guess it is about as vulnerable as my Denon Receiver. I'm not worried about it being vulnerable. But I am worried about Squeezelite-X not running on a server configured with TLS, so I would like to solve that, because other people have this need. Maybe you can help me configure one of my LMS servers to run that way. I have one on Windows and a couple on R-Pi's. That way I could modify and test Squeezelite-X to work on such. Can you point me to a how-to to configure my LMS to run with TLS? R Greg Dawson Squeezelite-X ------------------------------------------------------------------------ rgdawson's Profile: http://forums.slimdevices.com/member.php?userid=65236 View this thread: http://forums.slimdevices.com/showthread.php?t=108550 _______________________________________________ plugins mailing list [email protected] http://lists.slimdevices.com/mailman/listinfo/plugins
