Security, 2 security – ADLINK Hurricane-QM57 User Manual

SME-LEMT-R0V8

Revision 0.8

Page 19 of 22

7.2 Security

Caution

Running a web server may introduce several and severe
security risks for your system and network!

Exposing LEMT on a web page means anyone with a browser can use it. Among other things this
means anyone can reboot the board at any time. It is recommended to install the web interface in a
trusted network only.

Caution

Exposing LEMT on a web page means anyone with a browser
can use it. Among other things this means anyone can reboot
the board at any time. It is recommended to install the web
interface in a trusted network only.

If this is not an option you may use an .htpasswd file to protect the web interface with passwords. If
worried about transmitting plain text over the net use digest authentication or enable encryption
with HTTPS. You will likely have to switch to a more feature rich server for that.

But if you are actually reading this paragraph because security is a concern then the LEMTWeb
interface might not be the right solution for you in the first place. Calling the LEMT command line
tool directly via a SSH connection is safer and much easier to set up properly. This will also save
resources, especially if you use a lightweight server like Dropbear instead of the widely known
OpenSSH. An SSH server additionally provides secure shell access for maintenance and makes
updating your application possible via SCP for example.