Author Topic: What does http://VERA_IP/cgi-bin/cmh/remove_ra.sh do?  (Read 5343 times)

Offline futzle

  • Beta Testers
  • Master Member
  • *****
  • Posts: 3254
  • Karma: +190/-9
What does http://VERA_IP/cgi-bin/cmh/remove_ra.sh do?
« on: June 26, 2011, 04:46:51 am »
So I used to think that I could prevent my Vera from doing remote access by editing /etc/cmh-ra/cmh-ra.conf.  But the file appears to have edited itself, and the tunnel mysteriously reappeared.

Recently I saw mention of an undocumented MiOS feature: Point a browser at http://VERA_IP/cgi-bin/cmh/remove_ra.sh and the Vera will ask mios.com to forget my Vera.

It seems to work... but:

Logging into my cp.mios.com account, I see:
Quote
I found 1 new MiOS systems which have not yet been assigned to a myMiOS account. Click "Add to myMiOS account" if you want to setup or use these systems.

I conclude: There's nothing to prevent anyone else on my LAN from creating a cp.mios.com account, and adding this free-agent Vera to their account.

On my LAN, everyone is trusted, so unless I'm hacked, there's no problem.  But for users who can't trust their LAN users (say, owners of a guest house), this isn't really going to help, is it?

This isn't quite the same as disabling the remote access tunnel.  I think I'll go add my Vera back to my cp.mios.com account and turn off the tunnel as I did, only watch it this time in case it sneakily tries to re-enable the tunnel.

Edit: Scratch that, there's no point.  Anyone on my LAN can visit http://VERA_IP/cgi-bin/cmh/remove_ra.sh to detach the Vera from remote access, without any kind of password.  I'm not able to prevent this, so I may as well leave the Vera unassociated.
« Last Edit: June 26, 2011, 04:54:33 am by futzle »

Offline Henk

  • Beta Testers
  • Hero Member
  • *****
  • Posts: 822
  • Karma: +3/-0
Re: What does http://VERA_IP/cgi-bin/cmh/remove_ra.sh do?
« Reply #1 on: June 26, 2011, 05:42:22 am »
@futzle

I think disabling your tunnel works.
The mysterious re-enabling might have been caused by a reboot/powercycle (less likely)
Or a recent update?

I see the same behaviour with my USB logging (and other undocumented USB stuff).

Rebooting is an issue there, but mostly updating breaks settings causing Vera to default to certain settings.

Could this have been the issue in your case?

--edit--
This shows one more time the importance of local accounts and local login (common feature on routers anyway, so maybe there's a way to create this from OpenWRT?)

best,
Henk
| Vera2 @ UI4 1.1.1350 / 3.20 | Vera Lite @ UI5 | Vera 3 @ UI5 | 2x Merten  504519 | 1x Duewi  064374 | 1x Everspring SM103 doorbell mod |1 Y-cam IP cam | various LUUP plugins |

Offline hightop32

  • Jr. Member
  • **
  • Posts: 92
  • Karma: +0/-0
Re: What does http://VERA_IP/cgi-bin/cmh/remove_ra.sh do?
« Reply #2 on: June 26, 2011, 07:09:11 pm »
Edit: Scratch that, there's no point.  Anyone on my LAN can visit http://VERA_IP/cgi-bin/cmh/remove_ra.sh to detach the Vera from remote access, without any kind of password.  I'm not able to prevent this, so I may as well leave the Vera unassociated.

greaaaat.