addons icon indicating copy to clipboard operation
addons copied to clipboard

Published 20 hours ago verified publisher icon home-assistant

received null username or password for unpwd check

Open Gugulator opened this issue 3 years ago • 14 comments

Describe the issue you are experiencing

Fresh new installation of HA. Supervisor 2022.08.3 Operating System 8.4

The first and the only addon installed is Mosquitto broker.

It does not matter if I'm configuring it with or without username & password in settings. It does not matter if I have other user in HA & typing his logon details in addon config. It does not matter if I configuring ACL for mosquitto.

Every 5 seconds have same line in log of the broker: Client disconnected, not authorised. New connection from 172.30.32.1:49688 on port 1883.

Always same thig just different source port number.

What type of installation are you running?

Home Assistant OS

Which operating system are you running on?

Home Assistant Operating System

Which add-on are you reporting an issue with?

Mosquitto broker

What is the version of the add-on?

6.1.2

Steps to reproduce the issue

  1. Install Home Assistant OS
  2. Create user for the first run
  3. Install add-on
  4. Run add-on without config
  5. After few seconds starting receive a error message in log.

Also tried one more fresh install of HaOS.

  1. Install Home Assistant OS
  2. Create user for the first run
  3. Install add-on
  4. Config username and password in add-on
  5. Run add-on
  6. After few seconds starting receive a error message in log. ...

Anything in the Supervisor logs that might be useful for us?

nothing

Anything in the add-on logs that might be useful for us?

1661014441: New connection from 172.30.32.1:46798 on port 1883.
error: received null username or password for unpwd check
1661014441: Client <unknown> disconnected, not authorised.
1661014446: New connection from 172.30.32.1:60876 on port 1883.
error: received null username or password for unpwd check
1661014446: Client <unknown> disconnected, not authorised.
1661014451: New connection from 172.30.32.1:60882 on port 1883.
error: received null username or password for unpwd check
1661014451: Client <unknown> disconnected, not authorised.
1661014456: New connection from 172.30.32.1:43568 on port 1883.
error: received null username or password for unpwd check
1661014456: Client <unknown> disconnected, not authorised.
1661014461: New connection from 172.30.32.1:43576 on port 1883.
error: received null username or password for unpwd check
1661014461: Client <unknown> disconnected, not authorised.
1661014466: New connection from 172.30.32.1:56066 on port 1883.
error: received null username or password for unpwd check
1661014466: Client <unknown> disconnected, not authorised.
1661014471: New connection from 172.30.32.1:56072 on port 1883.
error: received null username or password for unpwd check
1661014471: Client <unknown> disconnected, not authorised.
1661014476: New connection from 172.30.32.1:55242 on port 1883.
error: received null username or password for unpwd check
1661014476: Client <unknown> disconnected, not authorised.
1661014481: New connection from 172.30.32.1:55250 on port 1883.
error: received null username or password for unpwd check
1661014481: Client <unknown> disconnected, not authorised.
1661014486: New connection from 172.30.32.1:39940 on port 1883.
error: received null username or password for unpwd check

Additional information

after checking issue, the source IP is the docker gateway address. HaOS installed on VM running on windows pc

Gugulator avatar Aug 20 '22 16:08 Gugulator

Seems like you have something trying to connect without using a username and password. Anonymous logins are not supported by this addon fyi. They used to be at one point but aren't anymore so perhaps you still have something using it?

Start by making a list of all the services you've set up to talk to your broker and go through them one by one. Something clearly has bad credentials in that list. Nothing inherently connects to your broker in HA without you telling it to do so.

mdegat01 avatar Aug 22 '22 13:08 mdegat01

Seems like you have something trying to connect without using a username and password. Anonymous logins are not supported by this addon fyi. They used to be at one point but aren't anymore so perhaps you still have something using it?

Start by making a list of all the services you've set up to talk to your broker and go through them one by one. Something clearly has bad credentials in that list. Nothing inherently connects to your broker in HA without you telling it to do so.

As I described in topic, it is a new fresh installation of Home Assistant OS. Created from image that downloaded from official website. The one and only add-on installed after HaOS installation it is Mosquitto broker.

Gugulator avatar Aug 22 '22 18:08 Gugulator

Oh wait I believe that is watchdog. Watchdog checks that port 1883 is open and something is listening regularly but I believe Mosquitto doesn't like that anymore now that anonymous logins are disabled. We need to update it to be a docker healthcheck but haven't gotten there yet.

If you disable watchdog does the error go away?

mdegat01 avatar Aug 29 '22 22:08 mdegat01

Oh wait I believe that is watchdog. Watchdog checks that port 1883 is open and something is listening regularly but I believe Mosquitto doesn't like that anymore now that anonymous logins are disabled. We need to update it to be a docker healthcheck but haven't gotten there yet.

If you disable watchdog does the error go away?

You mean watchdog of Mosquitto broker??

Gugulator avatar Aug 30 '22 05:08 Gugulator

Yes. Like on the addon page you can toggle on watchdog. If you toggle it off do the logs go away?

mdegat01 avatar Aug 30 '22 05:08 mdegat01

Yes. Like on the addon page you can toggle on watchdog. If you toggle it off do the logs go away?

Still tons of errors in log, only outbound port is differ: 1661840783: New connection from 172.30.32.1:54642 on port 1883. error: received null username or password for unpwd check 1661840783: Client disconnected, not authorised.

Again, maybe it will help you to understand the issue. This is HaOS installed on VM. And the IP is belongs to docker gateway

Gugulator avatar Aug 30 '22 06:08 Gugulator

updated to version 6.1.3. of Mosquitto broker. problem still continues. only changed timestamp format

2022-08-30 12:21:41: New connection from 172.30.32.1:48278 on port 1883. error: received null username or password for unpwd check 2022-08-30 12:21:41: Client disconnected, not authorised.

Gugulator avatar Aug 30 '22 09:08 Gugulator

Nothing talks to the Mosquitto addon by default unless you have configured it to do so. Some typical ways a system can be configured which cause it to talk to Mosquitto are these:

  1. Enabling watchdog for the addon. This causes Supervisor to ping it regularly. 172.30.32.1 is supervisor's IP address in an HA system with supervisor, hence why this is the most likely culprit
  2. Home Assistant talks to the broker if the MQTT integration has been set up. This can be done very quickly as it is "discovered" and can be set up with one click of a button. The IP would be that of HA's though so this seems less likely
  3. Other addons or externally hosted pieces of software can be configured to talk to Mosquitto. The IP address should be specific to that addon or whatever machine is hosting the software though so this also seems less likely.

That's it. I'm not really sure what else to tell you at this point. That doesn't just happen because you installed an addon, something else was configured which is causing regular, unauthorized communication to your broker. You're going to have to figure out what that is.

mdegat01 avatar Aug 30 '22 14:08 mdegat01

Ok, I've made a test. Here is step by step:

Downloaded latest HaOS version 8.5. Installed it as a new separate VM. Creating user at startupm as usual. Restarted VM after first run (just in case). Enabling advanced mode for user. The first and only addon I've installed it is Mosquitto broker. I didn't installed or configured any integrations or any other addons.

Here part of the log of mosquitto broker after first run. [08:52:42] INFO: Starting NGINX for authentication handling... [08:52:42] INFO: Starting mosquitto MQTT broker... 2022-08-31 08:52:42: Warning: Mosquitto should not be run as root/administrator. 2022-08-31 08:52:42: mosquitto version 2.0.11 starting 2022-08-31 08:52:42: Config loaded from /etc/mosquitto/mosquitto.conf. 2022-08-31 08:52:42: Loading plugin: /usr/share/mosquitto/go-auth.so 2022-08-31 08:52:42: ├── Username/password checking enabled. 2022-08-31 08:52:42: ├── TLS-PSK checking enabled. 2022-08-31 08:52:42: └── Extended authentication not enabled. 2022-08-31 08:52:42: Opening ipv4 listen socket on port 1883. 2022-08-31 08:52:42: Opening ipv6 listen socket on port 1883. 2022-08-31 08:52:42: Opening websockets listen socket on port 1884. 2022-08-31 08:52:42: mosquitto version 2.0.11 running error: received null username or password for unpwd check [08:52:43] INFO: Successfully send discovery information to Home Assistant. [08:52:43] INFO: Successfully send service information to the Supervisor. 2022-08-31 08:52:43: New connection from 127.0.0.1:39076 on port 1883. 2022-08-31 08:52:43: Client closed its connection. 2022-08-31 08:52:47: New connection from 172.30.32.1:42182 on port 1883. error: received null username or password for unpwd check 2022-08-31 08:52:47: Client disconnected, not authorised. 2022-08-31 08:52:53: New connection from 172.30.32.1:42196 on port 1883. error: received null username or password for unpwd check

Watchdog disabled autorun disabled auto update disabled.

Gugulator avatar Aug 31 '22 06:08 Gugulator

Any update on this? I'm have the exact same issue.

ryknow27 avatar Sep 01 '22 23:09 ryknow27

I have the same problem. I have installation in Docker and after restart raspberry my devices (Tasmota) can't connect to Mosquitto broker with credentials. When I restart Mosquitto broker from HA my devices connect successfully. It's very disturbing.How I can resolved this issue?

kowalczykrafal avatar Sep 06 '22 20:09 kowalczykrafal

image

BoichenkoRoman avatar Sep 15 '22 16:09 BoichenkoRoman

Had the same issue and it turned out to be the MQTT settings within Node-red had no credentials, might help someone.

cwelsh1812 avatar Sep 22 '22 10:09 cwelsh1812

Had the same issue and it turned out to be the MQTT settings within Node-red had no credentials, might help someone.

This was exactly the issue I had. Fixed, thanks.

Maxobus avatar Sep 30 '22 06:09 Maxobus

I've also been having the same 3 errors ping over and over again. New to HA and just freshly installed Mosquitto Broker. I'm trying to use it with ring-mqtt.

2022-10-15 01:50:48: Client <unknown> disconnected, not authorised. 2022-10-15 01:50:49: New connection from 172.30.32.1:58518 on port 1883. error: received null username or password for unpwd check

simon-c-wong avatar Oct 15 '22 08:10 simon-c-wong

I'm having the same issue. I've identified all mqtt clients and they can all connect without issue. Still getting the following log every 5 seconds. Watchdog disabled. I've sniffed the traffic going into the server and there aren't any requests correlating with this errors. Appears to be generated by an internal service, nothing pertinent in the debug logs.

2022-10-21 11:04:43: Client <unknown> disconnected, not authorised.
2022-10-21 11:04:48: New connection from 172.30.32.1:35140 on port 1883.
error: received null username or password for unpwd check

trevortrevor avatar Oct 21 '22 10:10 trevortrevor

Had the same issue and it turned out to be the MQTT settings within Node-red had no credentials, might help someone.

This was exactly the issue I had. Fixed, thanks.

I may be a n00b, but I can't find the mqtt settings in Node-red.

cloudfarm01 avatar Nov 07 '22 13:11 cloudfarm01

Had the same issue and it turned out to be the MQTT settings within Node-red had no credentials, might help someone.

This was exactly the issue I had. Fixed, thanks.

I may be a n00b, but I can't find the mqtt settings in Node-red.

If you double click on one of your mqtt nodes in node red, then you will get the edit node screen, from there click on the pencil icon to edit the server, then the security tab will have your mqtt settings.

cwelsh1812 avatar Nov 07 '22 13:11 cwelsh1812

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

github-actions[bot] avatar Dec 07 '22 14:12 github-actions[bot]

hi, i have the same problem and i can't fix it i have this error: Client auto-263B5804-E8BF-EE12-85DB-D75B28DEC435 disconnected, not authorised. 2023-05-29 20:09:27: New connection from 172.30.32.1:33300 on port 1883. error: received null username or password for unpwd check. i don't know how to solve thanks!

Niconaco avatar May 29 '23 18:05 Niconaco

Hi, I had a similar issue and what fixed for me was making sure the user configured to connect to the broker had a username and password. Solved it for me :)

Xhanti avatar Jun 05 '23 17:06 Xhanti

Same issue. Fresh installation of Home assistant OS. Someone has an idea how to solve the issue?

I have tried to create a dedicated user in home assistant. I triple checked the username and passwords. It will not let me connect.

I appreciate any help to this matter. Thanks!

kapabel avatar May 27 '24 04:05 kapabel

@kapabel Hi, I didn't find any solution, but it still works even if I get these errors.

Niconaco avatar May 27 '24 12:05 Niconaco

@kapabel Hi, I didn't find any solution, but it still works even if I get these errors.

lucky you, my clients get a “connection refused” error.

kapabel avatar May 27 '24 16:05 kapabel