YaCy - 10 minutes to create admin account

If you create a YaCy instance on a remote computer, you have 10 minutes to login and create an admin account. What are the default login credentials? These should be mentioned in the YaCy explanation page.

Point Browser to:

http://<remote-server-address>:8090/ConfigAccounts_p.html

and set an admin account.

When you arrive at the above page, you are asked for a username and password to login. What are these?

The YaCy page which attempts to explain this is here:

The login credentials are random, however it is always possible to login from localhost.

As this is not possible on a remote host, I recommend to use a tunnel passing the port 8090 from remote to local.

Furthermore the change of the login should be possible from shell, but I have seen some code changes that may make this impossible.

I actually believe it would be much easier if a default login would exist. However the security details must be considered.

Hello, Orbiter! Thank you for all your work on YaCy.
The login credentials are random, after ten minutes, but until then, if you arrive at the webpage, you click on the admin to login and have to enter details, but blank username/password doesn’t work…

I am thinking about a way to change this thing. The ten minute time until the random password is set is probably confusing for many users.
We could simply set a default password yacy as I explain as answer to Forgot your password but then all peers where people forget to change the password are open to everyone. But however this is the default behaviour for most software which have accounts - they come with a default password.

I have just setup YaCy on a remote linux host at home. I ssh into the machine from Win10.
I can access the YaCy daemon on my local address
http://192.168.0.6:8090/Status.html?noforward=

The only thing NOT working thus far is the admin pw.
I’ve read a couple of threads on this forum.
I’ve done the suggestions of setting the default pw of “yacy” via MD5 in the yacy.conf file.
Restarted daemon successfully.
Tried to access daemon using
http://192.168.0.6:8090/ConfigAccounts_p.html
==> Login dlg comes up; login used Admin/yacy. Login denied.
My linux/Ubuntu host is NOT https enabled. Must it be for Admin login?

adminAccountForLocalhost=false is set in CONF.
Its not clear from english used in the thread post whether this FLAG supposed to be True or False when running remotely.
[Have tried adminAcccountForLocalhost=true as well, made no difference for logging in; still denied]

I can see when I restart daemon that YaCy is expecting Admin from localhost:8090.
How do I allow admin from remote host? I’ve looked through CONF, found the LAN whitelist (which wasn’t blacklisting 192.168.0.XX.

I can upload my CONF file if helpful.
I love the concept of YaCy, and am easily able to run a node on a VMWare/Vsphere/ESXi host.

However from what I’ve seen thus far, Admin needs to be easier to handle. Not necessarily setting a Default PW (although I suspect the risks to be minimal)… But better docs to setup Admin…
And a 10 minute timeframe for setting up Admin when the “User/Admin” is reading docs on how to do it?? MINIMUM 1 HOUR.

So, right now I still need help getting my daemon setup for Admin. Please.


Update
Followed the following from FAQ =

  • remove the entry serverAccountBase64MD5
  • remove the entry adminAccount (if any)
  • choose a new password by setting the entry serverAccount to <account>:<password>, for example serverAccount=admin
    [I didn’t set PW, rather restarted daemon, ran bin/passwd.sh ]

Is this normal output when running passwd.sh ? ==

rhubear@crypto-alerts-vm:~/YACY/yacy$ bin/passwd.sh
Setting new YaCy administrator password…
Please enter the new password for user ‘admin’ :
YaCy server appears to be running. Calling the ConfigAccounts_p API…

[==========================================================]

</div> <!-- End of main page content -->
Password successfully changed for User Name 'admin'.

None of this works for Admin login, probably bc I’m not running the browser from localhost.
So, how to redirect admin to my Win10 pc?

should work (again) with the release from yesterday. Did you use that?

Yes, I DL YaCy late last night… Tar listed below. Its the latest on your site… So my entire experience is using that version.
I’m quite happy to do more troubleshooting with you, or follow more suggestions.

rhubear@crypto-alerts-vm:~/YACY$ ls
yacy yacy_v1.924_20201214_10042.tar.gz
rhubear@crypto-alerts-vm:~/YACY$

Have you seen my Gitter updates?