This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
admin_access [2021/06/23 03:34] – [SSL Certificate] hogwild | admin_access [2023/06/23 21:21] – [Admin Restrictions] -condense, formatting hogwild | ||
---|---|---|---|
Line 6: | Line 6: | ||
===== Web Admin ===== | ===== Web Admin ===== | ||
- | The Web Admin section has settings to control who can access FreshTomato' | + | The Web Admin section has settings to control who can access FreshTomato' |
- | ==== Local Access | + | **Local Access: **This let you choose which web protocol(s) are allowed to communicate with the web interface via the LAN. \\ Port and Wireless access options will appear, depending on which selection you choose. |
- | This menu let you choose | + | * Disabled - Choosing this disables all LAN access to FreshTomato' |
+ | * HTTP - Choosing this allows LAN Ethernet clients to access the web interface via the HTTP protocol. | ||
+ | * HTTP Port - Here, enter the port number on which you want HTTP administration traffic to flow. (Default: 80). | ||
+ | * Allow Wireless Access - Checking this lets LAN WiFi clients access the web interface. (Default: enabled). | ||
+ | * HTTPS - Choosing this allows LAN Ethernet clients to access the web interface via the HTTPS (SSL-encrypted web) protocol. | ||
+ | * HTTPS port: Here, enter the HTTPS port number to use. (appears only if HTTPS is among the chosen options). | ||
+ | * Allow Wireless Access - Checking this lets LAN WiFi clients access the web interface via HTTPS. (Default: enabled). | ||
+ | * HTTP and HTTPS - Choosing this allows LAN Ethernet clients | ||
+ | * HTTP Port - Here, enter the port number on which you want HTTP administration traffic to flow. (Default: 80). | ||
+ | * HTTPS port: Here, enter the HTTPS port number to use. (appears only if HTTPS is among the chosen options). | ||
+ | * Allow Wireless Access - Checking this lets LAN WiFi clients access the web interface. (Default: enabled). | ||
- | * Disabled: Choosing this disables all access to FreshTomato' | + | \\ |
- | * HTTP Port: Choosing this allows LAN client access to FreshTomato via the HTTP web protocol. | + | |
- | * HTTPS: Choosing this allows LAN client access to FreshTomato via the HTTPS \\ (SSL-encrypted web) protocol. | + | |
- | * HTTP and HTTPS: Choosing this allows LAN client access via both HTTP and HTTPS protocols. | + | |
- | + | ||
- | **HTTP Port:** In this field, enter the port number on which you want HTTP administration traffic to flow. (Default: 80). | + | |
[[https:// | [[https:// | ||
- | **HTTPS port:** Here, enter the https port number you wish to use. (This option appears only if HTTPS is among the chosen options). | + | \\ |
Line 32: | Line 37: | ||
**Save in NVRAM: **TBD. | **Save in NVRAM: **TBD. | ||
- | **Remote Access: | + | **Remote Access: |
- | * Disabled: This prevents all access to FreshTomato' | + | * Disabled |
- | * HTTP: This allows web access to FreshTomato' | + | * HTTP - This allows web access to FreshTomato' |
- | * HTTPS: This allows web access to FreshTomato' | + | * HTTPS - This allows web access to FreshTomato' |
- | **Allow Wireless Access:** Checking this allows wireless clients, as well as Ethernet clients to access the web interface. | + | |
- | **Directory with GUI files:** Here, you select the directory which contains the files which provide the graphical web interface. \\ CAUTION: It is not advisable to change | + | **Allow Remote Upgrade:** Enabling |
- | **Color Scheme:** Here, you can choose the color scheme used for the web interface | + | **Remote Access:** This menu lets you specify which, if any protocols will be allowed when remotely accessing |
- | **Open Menus: | + | * Disabled - No Remote access to the web interface will be permitted. |
+ | * HTTP - Remote access via the HTTP protocol will be permitted. | ||
+ | * HTTPS - Remote access via the HTTPS protocol will be permitted. | ||
+ | |||
+ | \\ | ||
+ | |||
+ | **Allow Wireless Access: | ||
+ | |||
+ | **Directory with GUI files: | ||
+ | |||
+ | **Theme UI:** This lets you choose the color scheme (theme) used for the web interface pages. (Default: Default). | ||
+ | |||
+ | **Open Menus: | ||
===== SSH Daemon ===== | ===== SSH Daemon ===== | ||
- | **S**ecure **SH**ell | + | Secure SHell is a tunneling protocol |
**Enable at Startup:** Checking this starts the SSH Daemon when the router boots. (Default: Enabled). | **Enable at Startup:** Checking this starts the SSH Daemon when the router boots. (Default: Enabled). | ||
- | **Extended MOTD:** Checking this enables the Message of the Day function. This function displays a custom message when you first log in via Telnet. The message can be can be important information or updates about the system or just a personal greeting from the system | + | **Extended MOTD:** Checking this enables the Message of the Day function. This function displays a custom message when you first log in via Telnet. The message can be can be important information or updates about the system or just a personal greeting from the system |
+ | |||
+ | \\ | ||
[[https:// | [[https:// | ||
- | **Remote Access:** Checking this allows SSH connections from remote | + | \\ |
+ | |||
+ | **Remote Access: | ||
+ | |||
+ | **Remote Forwarding: **Checking this enables the Dropbear service. This service/ | ||
- | **Remote Forwarding: **Checking this box enables the Dropbear service, the server/ | + | For example, |
- | **Port: **Here, you can enter the port number on which you want SSH traffic to flow. (Default: 22). Changing the port number | + | **Port: **Here, you can enter the port number on which you want SSH traffic to flow. (Default: 22). Changing the port from the default is highly recommended, |
**Allow Password Login: **Checking this allows clients to login via SSH with only FreshTomato' | **Allow Password Login: **Checking this allows clients to login via SSH with only FreshTomato' | ||
**Authorized Keys:** Here you can enter one or more encryption keys which authorize an SSH client to access to the LAN. | **Authorized Keys:** Here you can enter one or more encryption keys which authorize an SSH client to access to the LAN. | ||
+ | |||
+ | **Stop Now:** Clicking this button immediately stops the SSH daemon. SSH will start again at the next bootup. | ||
+ | |||
===== Telnet Daemon ===== | ===== Telnet Daemon ===== | ||
- | (Terminal EmuLation over the NEtwork) is a protocol which allows LAN and remote connections via a command-line interface. Telnet is not a secure protocol. | + | (Terminal EmuLation over the NEtwork) is a protocol which allows LAN and remote connections via a command-line interface. |
**Enable at Startup:** Checking this enables the Telnet Daemon, allowing connections to FreshTomato via Telnet. | **Enable at Startup:** Checking this enables the Telnet Daemon, allowing connections to FreshTomato via Telnet. | ||
- | **Port:** Here, you can enter the port number on which Telnet connections will be made to the router. | + | **Port:** Here, you can enter the port number on which Telnet connections will be made to the router. (Default: 23). |
- | **Stop Now / Start Now. **Clicking this button immediately stops the Telnet Daemon. | + | **Stop Now / Start Now. **Clicking this button immediately stops the Telnet Daemon. |
+ | |||
+ | \\ | ||
{{: | {{: | ||
+ | |||
===== Admin Restrictions ===== | ===== Admin Restrictions ===== | ||
- | **Allowed Remote IP Address:** Here, you can specify | + | **Allowed Remote IP Address: |
- | **Limit Connection Attempts: **Here, | + | **Limit Connection Attempts: **Here, specify whether SSH or Telnet connection attempts |
- | Checking SSH limits the number of SSH connection attempts to number n at frequency f (in seconds). Checking Telnet limits the number of Telnet connection attempts | + | Checking SSH limits the number of SSH connection attempts to number |
+ | |||
+ | \\ | ||
[[https:// | [[https:// | ||
+ | |||
+ | \\ | ||
+ | |||
===== Username/ | ===== Username/ | ||
Line 93: | Line 127: | ||
The Username/ | The Username/ | ||
- | **Username: | + | **Username: |
- | **Password: | + | **Password: |
- | **Re-enter to confirm:** In this field, | + | **Re-enter to confirm:** In this field, enter the password again to confirm |
{{: | {{: | ||