You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/guide/installation/14_securing.md
+4-3Lines changed: 4 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -150,7 +150,7 @@ The Network Address is randomly assigned on device join and usually remains the
150
150
The "permit join" state determines whether new devices are allowed to join the network.
151
151
Joining is enabled temporarily (for 254 seconds by default) via the dedicated frontend button or via MQTT. You can also close the joining window manually once pairing is complete.
152
152
153
-
:::warning WARNING
153
+
:::tip TIP
154
154
Freshly joined devices may automatically permit joining on themselves for a specific duration (max 254 seconds).
155
155
:::
156
156
@@ -169,11 +169,12 @@ See also [Add install code via MQTT](../../guide/usage/mqtt_topics_and_messages.
169
169
For stricter control over which devices are allowed on the network, use a passlist or blocklist.
170
170
See [Device blocklist / passlist](../configuration/block-pass-list.md) for more details.
171
171
172
-
:::tip
172
+
:::tip TIP
173
173
Devices that are not allowed are removed from the network on startup (e.g. configuration changes since last run), and on join attempts.
174
+
Note: removal is a request sent to the targeted device to "ask it" to leave, a malicious device could purposely ignore it.
174
175
:::
175
176
176
-
:::tip
177
+
:::tip TIP
177
178
Using a passlist is the most restrictive and therefore most secure option, only explicitly trusted devices can join.
0 commit comments