Luci: Skip password in LAN?

Is it possible to disable password if connecting from LAN to Luci?
It's a bit annoying to do enter it every time.

you can setup an ssh key

... or just don't set any.

not a good idea because i have exposed ssl port to WAN

This is actually not a good idea. If you need to be able to remotely access/administer the router, use a VPN. It's much more secure. The webserver is not hardened for exposure to the internet.


set up a 2nd web server, like lighttpd, for external access, have it use .htpasswd or some other way of authentication, and leave the luci pass empty.

agree with @psherman though.

1 Like

actually a good idea setting up a reverseproxy.

If you use HTTP basic auth, LuCI will automatically login if the passed credentials match. You could setup your reverse proxy to automatically add an authorization header for backend requests towards LuCI.

Another alternative is modifying /usr/share/luci/menu.d/luci-base.json and removing/emptying the auth: {} entries.


Is this still true? I tried adding the appropriate header via haproxy, which I've sat in front of nginx/luci, to no avail. Still definitely getting a login screen.

my haproxy config includes:
http-request add-header Authorization "Basic base64-encoded-user:pass-here