I have two embedded Linux devices that I'm running a network between using
PAN. I have decided that I would like to enable pairing and eventually
encryption for security reasons.
Here is what I have done I'm starting pand master with the following:
pand --listen --master --role NAP
and the slave with
pand --connect 00:A0:96:18:69:D8 --persist
were 00:A0:96:18:69:D8 is the masters address.
Below are the hci.conf files for both my master and slave device..
I would expect that when I try to connect with out a passkey-agent running
(on the slave) I would not be able to connect but that is not the case. The
slave connects to the master every time.
I also tried "hciconfig hci0 delkey _bt_address_"
on both the slave and master where _bt_address_ was the address of the other
device.
What am I doing incorrect?
Regards,
Shane
************Master Unit hci.conf file*********************
#
# HCI daemon configuration file.
#
# $Id: hcid.conf,v 1.4 2004/04/29 20:14:21 holtmann Exp $
#
# HCId options
options {
# Automatically initialize new devices
autoinit yes;
# Security Manager mode
# none - Security manager disabled
# auto - Use local PIN for incoming connections
# user - Always ask user for a PIN
#
security auto;
# Pairing mode
# none - Pairing disabled
# multi - Allow pairing with already paired devices
# once - Pair once and deny successive attempts
pairing multi;
# PIN helper
#pin_helper /bin/bluepin;
passkey "shane";
# D-Bus PIN helper
# dbus_pin_helper;
}
# Default settings for HCI devices
device {
# Local device name
# %d - device id
# %h - host name
name "%h";
# Local device class
class 0x120112;
# Default packet type
#pkt_type DH1,DM1,HV1;
# Inquiry and Page scan
iscan enable; pscan enable;
# Default link mode
# none - no specific policy
# accept - always accept incoming connections
# master - become master on incoming connections,
# deny role switch on outgoing connections
#
#lm accept,master;
#
lm accept;
# Default link policy
# none - no specific policy
# rswitch - allow role switch
# hold - allow hold mode
# sniff - allow sniff mode
# park - allow park mode
#
#lp hold,sniff;
#
lp rswitch,hold,sniff,park;
# Authentication and Encryption
#auth enable;
#encrypt enable;
}
****************Slave Unit hci.conf file******************
#
# HCI daemon configuration file.
#
# $Id: hcid.conf,v 1.4 2004/04/29 20:14:21 holtmann Exp $
#
# HCId options
options {
# Automatically initialize new devices
autoinit yes;
# Security Manager mode
# none - Security manager disabled
# auto - Use local PIN for incoming connections
# user - Always ask user for a PIN
#
security auto;
# Pairing mode
# none - Pairing disabled
# multi - Allow pairing with already paired devices
# once - Pair once and deny successive attempts
pairing multi;
# PIN helper
#pin_helper /bin/bluepin;
# D-Bus PIN helper
# dbus_pin_helper;
}
# Default settings for HCI devices
device {
# Local device name
# %d - device id
# %h - host name
name "%h";
# Local device class
class 0x120112;
# Default packet type
#pkt_type DH1,DM1,HV1;
# Inquiry and Page scan
iscan enable; pscan enable;
# Default link mode
# none - no specific policy
# accept - always accept incoming connections
# master - become master on incoming connections,
# deny role switch on outgoing connections
#
#lm accept,master;
#
lm accept;
# Default link policy
# none - no specific policy
# rswitch - allow role switch
# hold - allow hold mode
# sniff - allow sniff mode
# park - allow park mode
#
#lp hold,sniff;
#
lp rswitch,hold,sniff,park;
# Authentication and Encryption
#auth enable;
#encrypt enable;
}
Marcel Holtmann wrote (Tue 2007-Sep-11 17:15:47 +0200):
> You have to run a passkey agent. It takes care of asking for the PIN. A
> passkey agent however must not be interactive. It could always provide a
> default PIN. Write your own one if you need something special.
Note that when a German writes "must not" and it doesn't really
seem to make sense, he usually means "does not have to". This is
due to similar wording (but different meaning) used in the
German language. Same is true for "actual", which is often used
when the intended meaning is "current" or "prevailing".
Cheers, Marcus
-- =
Marcus C. Gottwald =B7 http://www.inf.fu-berlin.de/~gottwald/
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Bluez-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/bluez-users
Hi Shane,
> Then if comment out all the options in the hcid.conf, hcid should then
> use all its default values and I should be able to do the pairing and
> security completely with PAND, correct?
use the default hcid.conf. It has sane settings. And yes, pand will
control the request for authentication.
> A passkey agent is used to send the key when requested by the master
> but then how do you set the passkey on the master. I was originally
> using passkey in the hcid.conf file but that goes against your
> recommendation of never touching the hcid.conf file. Were does the
> master PIN get set? Does it also just use a passkey agent?
You have to run a passkey agent. It takes care of asking for the PIN. A
passkey agent however must not be interactive. It could always provide a
default PIN. Write your own one if you need something special.
Regards
Marcel
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Bluez-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/bluez-users
Marcel,
Then if comment out all the options in the hcid.conf, hcid should then
use all its default values and I should be able to do the pairing and
security completely with PAND, correct?
A passkey agent is used to send the key when requested by the master
but then how do you set the passkey on the master. I was originally
using passkey in the hcid.conf file but that goes against your
recommendation of never touching the hcid.conf file. Were does the
master PIN get set? Does it also just use a passkey agent?
Regards,
Shane
On 9/10/07, Marcel Holtmann <[email protected]> wrote:
> Hi Shane,
>
> > I was not trying to do wild guessing with the hci.conf, I have read
> > the readme's and MAN files on the hcid.conf. What I'm trying to
> > better understand is performing secure bluetooth however can't find
> > documentation on what type of security is available during the initial
> > paring process. It seem to me that at the hci level is the correct
> > place to provide security.
> >
> > At a minimum I want to provide a unique PIN so that only devices with
> > that PIN can pair to my unit but I also don't want someone using
> > hcidump to sit by two of my units that are pairing and get the PIN.
> >
> > Ideally it would be great to have something similar to ssh were I
> > could only allow a certain encrypted key to pair to my device. Then I
> > could distribute that private encrypted key to all devices that I want
> > to give connection privilege. That is what I originally thought the
> > Auth/Encryption option was for in the hcid.conf but after reading the
> > MAN page I don't believe that is the case.
>
> they have been removed from upstream anyway, because they lead to the
> wrong assumptions.
>
> And again, check the manual page for pand or check pand --help for
> further information. It will give you all needed information.
>
> Regards
>
> Marcel
>
>
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Microsoft
> Defy all challenges. Microsoft(R) Visual Studio 2005.
> http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
> _______________________________________________
> Bluez-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/bluez-users
>
--
Registered Linux User: #293401
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Bluez-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/bluez-users
Hi Shane,
> I was not trying to do wild guessing with the hci.conf, I have read
> the readme's and MAN files on the hcid.conf. What I'm trying to
> better understand is performing secure bluetooth however can't find
> documentation on what type of security is available during the initial
> paring process. It seem to me that at the hci level is the correct
> place to provide security.
>
> At a minimum I want to provide a unique PIN so that only devices with
> that PIN can pair to my unit but I also don't want someone using
> hcidump to sit by two of my units that are pairing and get the PIN.
>
> Ideally it would be great to have something similar to ssh were I
> could only allow a certain encrypted key to pair to my device. Then I
> could distribute that private encrypted key to all devices that I want
> to give connection privilege. That is what I originally thought the
> Auth/Encryption option was for in the hcid.conf but after reading the
> MAN page I don't believe that is the case.
they have been removed from upstream anyway, because they lead to the
wrong assumptions.
And again, check the manual page for pand or check pand --help for
further information. It will give you all needed information.
Regards
Marcel
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Bluez-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/bluez-users
Marcel,
I was not trying to do wild guessing with the hci.conf, I have read
the readme's and MAN files on the hcid.conf. What I'm trying to
better understand is performing secure bluetooth however can't find
documentation on what type of security is available during the initial
paring process. It seem to me that at the hci level is the correct
place to provide security.
At a minimum I want to provide a unique PIN so that only devices with
that PIN can pair to my unit but I also don't want someone using
hcidump to sit by two of my units that are pairing and get the PIN.
Ideally it would be great to have something similar to ssh were I
could only allow a certain encrypted key to pair to my device. Then I
could distribute that private encrypted key to all devices that I want
to give connection privilege. That is what I originally thought the
Auth/Encryption option was for in the hcid.conf but after reading the
MAN page I don't believe that is the case.
FYI:
The hcid.conf MAN page states that encryption in most cases should be
enabled however most default hcid.conf files has it disabled so that
would infer that a user should go in and change the hcid.conf.
I think what I'm finding out (after reading the MAN page again) is
the best place to get a better understanding of bluetooth security
options is the Bluetooth standards so I will try next to get a copy of
them.
I understand your frustration with the same issues being posted time
and time again and I have tried to avoid doing that by googling the
bluez site and email list. I will continue to search and try to find
what I have obviously missed!
Regards and sorry,
Shane
On 9/10/07, Marcel Holtmann <[email protected]> wrote:
> Hi Shane,
>
> > I have two embedded Linux devices that I'm running a network between
> > using PAN. I have decided that I would like to enable pairing and
> > eventually encryption for security reasons.
> > Here is what I have done I'm starting pand master with the following:
> > pand --listen --master --role NAP
> > and the slave with
> > pand --connect 00:A0:96:18:69:D8 --persist
> > were 00:A0:96:18:69:D8 is the masters address.
> >
> > Below are the hci.conf files for both my master and slave device..
>
> don't touch hcid.conf unless you know exactly what you are doing. Wild
> guessing doesn't help here and if you mess it up then it is your fault.
> I mentioned that multiple times, but people keep doing it anyway.
>
> If you wanna have authentication and encryption, then read the manual
> page of pand. It allows you to specify this for the server.
>
> Regards
>
> Marcel
>
>
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Microsoft
> Defy all challenges. Microsoft(R) Visual Studio 2005.
> http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
> _______________________________________________
> Bluez-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/bluez-users
>
--
Registered Linux User: #293401
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Bluez-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/bluez-users
Hi Shane,
> I have two embedded Linux devices that I'm running a network between
> using PAN. I have decided that I would like to enable pairing and
> eventually encryption for security reasons.
> Here is what I have done I'm starting pand master with the following:
> pand --listen --master --role NAP
> and the slave with
> pand --connect 00:A0:96:18:69:D8 --persist
> were 00:A0:96:18:69:D8 is the masters address.
>
> Below are the hci.conf files for both my master and slave device..
don't touch hcid.conf unless you know exactly what you are doing. Wild
guessing doesn't help here and if you mess it up then it is your fault.
I mentioned that multiple times, but people keep doing it anyway.
If you wanna have authentication and encryption, then read the manual
page of pand. It allows you to specify this for the server.
Regards
Marcel
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Bluez-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/bluez-users