More secure?

[thauch]

Any ideas on how this could be more secure than just exposing the DirecTV boxes port?

Any way to do authentication?

[bklavet]

more secure as in... anything? :) not without adding equipment on the homeside of things. another was working on a Rpi setup so that the skill would hit the Rpi authenticate and the Rpi would send off the requests on the lan.

[vmweaver]

I have done this and operate like this now. I haven't had time to write it up, but essentially I have an RPi2 running Raspbian (I think). I have installed nginx as an API proxy on my local network. This proxy runs over SSL (TLS1.1 and TLS1.2) with self-signed certs (for now). I then have my router/firewall NAT my external address on port 8443 to my proxy server.

The API proxy will parse the URL and send to my DTV box on standard http with no credentials. I now have it also sending commands to my connected TV to adjust volume through my Alexa Skill.

Once the API proxy is in place, it is relatively trivial to setup additional internal endpoints or automations.

I have committed to get something written up, but it's been a busy year and haven't had the cycles to sit down and do it.

On Mon, Oct 31, 2016 at 11:03 AM, B money notifications@github.com wrote:

more secure as in... anything? :) not without adding equipment on the homeside of things. another was working on a Rpi setup so that the skill would hit the Rpi authenticate and the Rpi would send off the requests on the lan.

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/bklavet/Echo-skill-to-control-Directv/issues/14#issuecomment-257335934, or mute the thread https://github.com/notifications/unsubscribe-auth/ACibPSEN4YNZpjEOvUwwmcZWsdarL1Oyks5q5hE3gaJpZM4KlIOQ .