question

Elimac avatar image
Elimac asked

Disabling VenusOS on LAN (safely) [for end user]

I have this project where I plan to build my own Dasboard on the Venus device. How to disable (safely) the console on LAN? (not VRM) The site will NOT be permanently connected to internet, and we want to avoid inexperient end user to mess with the console. I would like to disable it, but not incurr in risk of losing access to the device.

I also plan on leavin SSH active. Can one enable the LAN http console again, via SSH ?


Venus OSremote consolessh
2 |3000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 8 attachments (including images) can be used with a maximum of 190.8 MiB each and 286.6 MiB total.

1 Answer
Kevin Windrem avatar image
Kevin Windrem answered Ā·

Under Remote Console, there's an Enable on LAN setting. I checked and it definitely disables getting to the GUI from a web browser on the LAN.

The dbus parameter com.victronenergy.settings /Settings/System/VncLocal is what the Enable on LAN switch in the GUI changes.

You can change that either with dbus-spy or from the command line:

dbus -y com.victronenergy.settings /Settings/System/VncLocal SetValue 1

to enable and

dbus -y com.victronenergy.settings /Settings/System/VncLocal SetValue 0

to disable.

4 comments
2 |3000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 8 attachments (including images) can be used with a maximum of 190.8 MiB each and 286.6 MiB total.

Elimac avatar image Elimac commented Ā·
Hi Kevin. Thanks for your input. Yes it works, but only untill next reboot... I'm testing on a RPi3B with large version 2.72~19. After power on cycle, it gets enabled again. Is this normal?

Any other way to protect the device? As a workaround, I can set the user level to "user" and also have a password, but is not as good as not seeing the URL.



0 Likes 0 Ā·
Kevin Windrem avatar image Kevin Windrem Elimac commented Ā·
Enable on LAN stays disabled after a reboot on my system. I'm running v2.80~17, not the large version however.
0 Likes 0 Ā·
mvader (Victron Energy) avatar image mvader (Victron Energy) ā™¦ā™¦ Kevin Windrem commented Ā·
It differs per device and/or the existence of headless. I think. To k ow for sure: read the gui start script
0 Likes 0 Ā·
Kevin Windrem avatar image Kevin Windrem Kevin Windrem commented Ā·
Yes, if headless, the gui startup script enables the local LAN gui.

You could edit that file and comment out the line but that could leave you in a state where you couldn't get to the GUI unless you ssh in and change the dbus parameter.

0 Likes 0 Ā·