Generating application tokens in Turris OS 3.11

In 3.11, we pushed into distribution some of the redesigns and improvements in the Foris web interface that were made originally with Turris OS 4.0 and Turris MOX in mind. We wanted to make at least part of the redesign available to you, our current users upfront so you can enjoy early on what will come with Turris MOX. Part of the things we are working is redesign of our Android app. You can read more about that in our blog post and give us feedback what would you like to see in it. Unfortunately because of that we are currently without a possibility to easily generate new tokens for our existing apps in Foris. But don’t worry, the app should work with the previously generated tokens as before. We also have a command line based solution for generating new tokens.

How to generate a new token for old apps

  • In Updater tab, which is in Foris check Access Tokens, save it.
  • SSH to your router and type in terminal:
/usr/share/nuci/tls/new_client  clientname
  • Copy the key from folder /usr/share/nuci/tls/clients to random but accessible location
cp /usr/share/nuci/tls/clients/clientname.token \
/www/luci-static/my_secret_url.token
  • Update feeds and install package qrencode
opkg update && opkg install qrencode
  • Generate QRcode to scan
qrencode "turris://$(ubus call network.interface.lan status | sed -n 's|.*"address": "\([0-9.]*\)".*|\1|p')/luci-static/my_secret_url.token?scheme=http&hostname=$HOSTNAME&board_name=turris" -o /www/luci-static/my_secret_url.svg
  • Open the QRcode in your browser. Change the IP address of your router, if you change it. By default, it is 192.168.1.1

http://192.168.1.1/luci-static/my_secret_url.svg

Scan it with Turris app and you should be connected to the same network, where is the router.

Once it is done you need to delete files you have created

rm /www/luci-static/my_secret_url*

according to this

the QR code might be invalid , so i tried to generate that one, and it seems to work but i am stuck on endless warning about invalid ssl certificate - i have https redirect on turris.
Any suggestions ?

Edit: setting the schema to https on the token generation in the linked comment and using ip adress instead of hostname helped and i was able to connect

tak na tento návod jako stavař a nikoliv Ajťák nemám.
Turris je, vypadá to, produkt pro vyvolené, nikoliv pro kohokoliv.

aktualne snad ani i takto vygenerovany QR nefunguje (aspon v mem pripade), tokeny i tu apku jsem odinstaloval. jestli se nepletu je nejakej plan to ozivit , ale asi to nebude ted prioritka …

a ano TOS je tak trosku pro nadsence, pokud clovek chce specialitky tak se prikazove radce neda vyhnout.

Pokud jsem to pochopil dobře, s aplikací ve stávající podobě se již nepočítá a tím pádem ani s tokeny, které kromě ní využíval ještě Spectator.

presne tak, driv byl i ve forisu “generator” qrkodu na tlacitko, pak to zmizlo ale slo to jeste provozovat v prikazove radce (viz toto vlakno) , ale od jisteho update uz ani to.
tohle vlakno asi brzo nekdo z pomazanych zavre :slight_smile:

Jako mě to přes tu commandline funguje, musel jsem to jeste rucne upravit, ale take nejsem na poslednim releasu , pac tam mi nechodi dns.

Tak ten postup zveřejněte také pro ostatní. Ve fóru o to mělo zájem více lidí.

Postupoval jsem podle návodu tady až ke kroku generování qr kódu.

Generování qr kódu jsem dělal podle tohoto příspěvku, s tím že místo $hostname jsem použil ip adresu turrise, jinak mi to nešlo a schema=https - já mám https protože http mám ve svojí cfg vyplé na firewallu. Ale dělal jsem to někdy před Vánocemi.

QR kód je možné otevřít i v jiné aplikace, na qr kódy

2 Likes