Return-Path: Message-ID: <8c7950360709110512k1cede8e8r78b04b739de49ce4@mail.gmail.com> Date: Tue, 11 Sep 2007 08:12:54 -0400 From: shanevolpe@gmail.com To: "BlueZ users" In-Reply-To: <1189457819.687.89.camel@violet> MIME-Version: 1.0 References: <8c7950360709061306w39a081f1od1c372dafabc5072@mail.gmail.com> <1189451433.687.59.camel@violet> <8c7950360709101256u4a62893dmcd4b342343088a73@mail.gmail.com> <1189457819.687.89.camel@violet> Subject: Re: [Bluez-users] devices always connect with out asking for PIN even with pairing enabled! Reply-To: BlueZ users List-Id: BlueZ users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Sender: bluez-users-bounces@lists.sourceforge.net Errors-To: bluez-users-bounces@lists.sourceforge.net Marcel, Then if comment out all the options in the hcid.conf, hcid should then use all its default values and I should be able to do the pairing and security completely with PAND, correct? A passkey agent is used to send the key when requested by the master but then how do you set the passkey on the master. I was originally using passkey in the hcid.conf file but that goes against your recommendation of never touching the hcid.conf file. Were does the master PIN get set? Does it also just use a passkey agent? Regards, Shane On 9/10/07, Marcel Holtmann wrote: > Hi Shane, > > > I was not trying to do wild guessing with the hci.conf, I have read > > the readme's and MAN files on the hcid.conf. What I'm trying to > > better understand is performing secure bluetooth however can't find > > documentation on what type of security is available during the initial > > paring process. It seem to me that at the hci level is the correct > > place to provide security. > > > > At a minimum I want to provide a unique PIN so that only devices with > > that PIN can pair to my unit but I also don't want someone using > > hcidump to sit by two of my units that are pairing and get the PIN. > > > > Ideally it would be great to have something similar to ssh were I > > could only allow a certain encrypted key to pair to my device. Then I > > could distribute that private encrypted key to all devices that I want > > to give connection privilege. That is what I originally thought the > > Auth/Encryption option was for in the hcid.conf but after reading the > > MAN page I don't believe that is the case. > > they have been removed from upstream anyway, because they lead to the > wrong assumptions. > > And again, check the manual page for pand or check pand --help for > further information. It will give you all needed information. > > Regards > > Marcel > > > > ------------------------------------------------------------------------- > This SF.net email is sponsored by: Microsoft > Defy all challenges. Microsoft(R) Visual Studio 2005. > http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ > _______________________________________________ > Bluez-users mailing list > Bluez-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bluez-users > -- Registered Linux User: #293401 ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Bluez-users mailing list Bluez-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bluez-users