FreshTomato Wiki

User Tools

Site Tools

Trace: admin-access
admin-access

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
admin-access [2025/08/21 17:40] – [SSH Server] hogwildadmin-access [2025/11/10 22:40] (current) – [Web Admin] -Condense hogwild
Line 8: Line 8:
 Settings here control who can access the web interface, how, and from where. You can choose which menus stay nested or shown and settings for the interface's color scheme. Settings here control who can access the web interface, how, and from where. You can choose which menus stay nested or shown and settings for the interface's color scheme.
  
-  \\ **Local Access:  **here, choose the web protocols allowed for communication with the web interface via LAN. \\ Port and Wireless access options appear, depending on your selection. \\  \\  {{::administration-admin_access-web_admin-local_access_to_allow_wireless_access-2025.3.png?380}}+ \\ 
 + 
 +**Local Access:** here, choose the web protocols allowed for communication with the web interface via LAN. \\ Port and Wireless access options appear, depending on your selection. \\  \\  {{::administration-admin_access-web_admin-local_access_to_allow_wireless_access-2025.3.png?351}}
  
  \\  \\
Line 66: Line 68:
 These options appear only if "HTTPS" or "HTTP and HTTPS" is selected in //Local Access//. These options appear only if "HTTPS" or "HTTP and HTTPS" is selected in //Local Access//.
  
- \\ {{::administration-admin_access-ssl_cert-2025.3.png?573}}+ \\ {{::administration-admin_access-ssl_cert-2025.3.png?529}}
  
  \\  \\
  
   * Common Name (CN) - the plain English name of the SSL web administration certificate to generate. \\ \\ This is the server name protected by the SSL certificate. \\ In this case, FreshTomato acts as the server. The certificate \\ is valid only if the requested hostname matches the \\ certificate common name. If you connect to an address \\ that doesn't match the certificate's common name, your browser \\ will display a warning message. If you were to connect to FreshTomato, \\ and the address detected didn't match the one in the certificate, \\ you'd receive a warning. Officially, this field is optional. \\ However, it's unwise to leave it empty. Starting with r2024.4, \\ this field uses "FT" as the default. \\  \\    * Common Name (CN) - the plain English name of the SSL web administration certificate to generate. \\ \\ This is the server name protected by the SSL certificate. \\ In this case, FreshTomato acts as the server. The certificate \\ is valid only if the requested hostname matches the \\ certificate common name. If you connect to an address \\ that doesn't match the certificate's common name, your browser \\ will display a warning message. If you were to connect to FreshTomato, \\ and the address detected didn't match the one in the certificate, \\ you'd receive a warning. Officially, this field is optional. \\ However, it's unwise to leave it empty. Starting with r2024.4, \\ this field uses "FT" as the default. \\  \\ 
-  * Regenerate - makes FreshTomato generate a new certificate\\ It then restarts the httpd service to load the new certificate.\\  \\ +  * Regenerate - generates a new certificate using the current \\ date/time, then restarts the httpd service to load the new certificate.\\  \\ 
   * Save in NVRAM - this saves the new certificate in NVRAM.   * Save in NVRAM - this saves the new certificate in NVRAM.
  
Line 80: Line 82:
  \\  \\
  
-{{::administration-admin_access-ui_files_path_to_theme_ui-2025.3.png?559}}+{{::administration-admin_access-ui_files_path_to_theme_ui-2025.3.png?516}}
  
  \\  \\
Line 94: Line 96:
  \\  \\
  
-{{::administration-admin_access-open_menus-2025.3.png?301}}+{{::administration-admin_access-open_menus-2025.3.png?258}}
  
  \\  \\
Line 119: Line 121:
  \\  \\
  
-{{::administration-admin_access-ssh_server-2025.3.png?525}}+{{::administration-admin_access-ssh_server-2025.3.png?500}}
  
  \\  \\
Line 161: Line 163:
  
 The (Terminal EmuLation over the NEtwork) protocol allows LAN and remote connections via a command-line interface. Unlike SSH, Telnet is not secure. The (Terminal EmuLation over the NEtwork) protocol allows LAN and remote connections via a command-line interface. Unlike SSH, Telnet is not secure.
- 
- \\ 
  
 **Enable at Startup:** enables the Telnet Daemon, allowing Telnet connections to FreshTomato. **Enable at Startup:** enables the Telnet Daemon, allowing Telnet connections to FreshTomato.
 +
 + \\ {{::administration-admin_access-telnet_daemon-2025.3.png?332}}\\
  
  \\  \\
Line 174: Line 176:
 **Stop Now / Start Now. **clicking Stop Now immediately stops the Telnet Daemon. **Stop Now / Start Now. **clicking Stop Now immediately stops the Telnet Daemon.
  
-When Telnet has stopped, the button reads: "Start Now". Clicking "Start Now" immediately starts Telnet again. The Telnet daemon will restart at next reboot (if Enable at Startup is checked). +When Telnet has stopped, the button reads: "Start Now". Clicking "Start Now" immediately starts Telnet again. The Telnet daemon will restart at next reboot (if Enable at Startup is checked).\\
- +
- \\ {{::administration-admin_access-telnet_daemon-2024.3.png?335}}+
  
  
Line 187: Line 187:
  \\  \\
  
-**Remote Web Port Protection:**  enables a firewall rule to prevent brute force attacks on port(s) used for remote administration. +{{::administration-admin_access-admin_restrictions-2025.3.png?569}}
- +
-This option is available only when Remote Access is set to HTTP or HTTPS. Come users have reported that enabling this feature slowed their remote web access connection.+
  
  \\  \\
  
-**Limit Connection Attempts: **specifies whether the number of SSH/Telnet connection attempts will be limited to number (n) at certain frequency (f).+**Remote Web Port Protection:**  sets firewall rule to prevent brute force attacks on ports used for remote administration.
  
-(Default: 3 connection attempts every 60 seconds)Checking SSH limits the number of SSH connection attempts to number n at frequency f (in seconds). Checking Telnet works similarly.+This option is available only when Remote Access is set to HTTP/HTTPSSome users report that enabling this feature slowed their remote web access connection.
  
  \\  \\
  
-{{::administration-admin_access-admin_restrictions-2025.3.png?669}}+**Limit Connection Attempts**Specifies whether SSH/Telnet connection attempts are limited to (//n)// attempts per frequency (//f)//. 
 + 
 +Checking SSH limits the number of SSH connection attempts to number n at frequency f (in seconds). Checking Telnet works similarly. 
 + 
 +(Default: connection attempts every 60 seconds).
  
  
Line 206: Line 208:
 You are strongly urged to change these from the default settings to keep the router and network secure. You are strongly urged to change these from the default settings to keep the router and network secure.
  
- \\+ \\ **Username:** the FreshTomato logon Username to set. An empty field sets the username: "root". (Default: "root").
  
-**Username:** the FreshTomato logon Username to set. An empty field sets the username"root"(Default: "root").+ \\  \\ {{::administration-admin_access-username_password-2025.3.png?534}}
  
  \\  \\
Line 217: Line 219:
  
 **Re-enter to confirm:** enter the password again to confirm it's correct. It will change only when this text and text in the //Password// field match. **Re-enter to confirm:** enter the password again to confirm it's correct. It will change only when this text and text in the //Password// field match.
- 
- \\ 
- 
-{{::administration-admin_access-username_password-2024.3.png?523}} 
  
  \\  \\
admin-access.1755794443.txt.gz · Last modified: by hogwild

Page Tools

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki