Understanding how authentication works

First off, Im loving Channels so far, but a bit confused on how authentication works and dont like leaving things unsecured. So first off, Im only using Channels locally, no ports forwarded, so no worries there, my channels server is on a subnet with my other servers/vm's and I have firewall rules to allow my wifi subnet to that specific port. Everything works great thats not the complaint - what Im curious of, is in both instances when I set up android clients (my phone and android tv - shield) I had to use the enter IP option due to discovery failing (makes sense in my environment, again no issue) - here's where Im confused, thats all I had to do! I was never prompted to authenticate with credentials, pin, etc. My account for Channels is not linked to google, its an email address based account - only commonality being it is the same email addy as my google account used on the android devices - but I didnt think this would work for SSO? Anyways, Im just trying to make sure someone cant just join my wifi network, enter the IP of my Channels server and have access to everything. If this is the case, and theres nothing I can do about it, I can always resort to firewall rules to only whitelist certain devices to be able to hit the server, but I perfer good ole user based auth lol. All of this wouldnt be a big deal if it was just my HDHR content and TVE/Philo, but Im also using a custom playlist to display my ip cameras as channels, and I go to great lengths to secure them, this would be a huge weak point, but I sure love the convienence!

There isn't any sort of authentication. Far as i know. Other than when u first setup your DVR server and pay for the monthly/yearly subscription.
Any client on the network can connect and use Channels sever.

Channels DVR does not have profiles/user accounts etc, alike to Emby or Plex.
It is meant to be a in home open use solution guess.

Dude, it’s tv watching for god sakes. No one is going to hack your 327 digit wifi password, figure out your the route through your firewalls, vlans, open ports and figure out ip addresses just so they can launch their own version of channels on their hardware, enter said ip address and watch your tv or backyard camera.

They’ll probably just send you a phishing email.

Channels DVR Server does not require authentication on a local network for normal private IP ranges.

Connecting to it any other way or with a hostname will have authentication kick in.

Thanks guys! Appreciate most responses, maybe I came off wrong, I certainly wasnt complaining, I just wanted to make sure I understood things correctly, and I totally get it most aren't concerned with local security on a platform like this. I certainly plan to continue using it, just with some minor firewall based security in place for my own piece of mind.

1 Like

Authentication on remote connections to the server have always been quite solid with Channels DVR. Well though out, and even improved upon.

I don't use remote acces. or, technically, the built in system.

Well, i used to use remote acces for a couple years when Emby was my main DVR and media center software....often streamed or downloaded shows that recorded, while i sat in my car for my 45min lunch break, at a previous place of employment. But, job change and schedule change, and never had the time or need to do so.

I have tried Channels DVR remote acces, when i first moved over to it as my primary TV DVR system, but found it unreliable, and often loose connection.

I now have a different and chill job, where i pretty much can just stream podcasts all day while i work, and on occasion, on lunch, will stream a short tv i recorded previously.

Anyway, i setup WireGuard VPN via PiVPN on a Raspberry Pi 4 i have, for security/privacy/ad-blocking local DNS, to my home network on my phone, and since that makes the phone think it is on my local network, both Channels DVR, and Emby, and anything else, works fine, with no extra ports forwarded or anything else. Found it to be very reliable a solution. and makes things safer and encrypted when using my work wifi, or any free wifi.