Return-Path: Message-ID: <8c7950360709061306w39a081f1od1c372dafabc5072@mail.gmail.com> Date: Thu, 6 Sep 2007 16:06:04 -0400 From: shanevolpe@gmail.com To: bluez-users@lists.sourceforge.net MIME-Version: 1.0 Subject: [Bluez-users] devices always connect with out asking for PIN even with pairing enabled! Reply-To: BlueZ users List-Id: BlueZ users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============2034351514==" Sender: bluez-users-bounces@lists.sourceforge.net Errors-To: bluez-users-bounces@lists.sourceforge.net --===============2034351514== Content-Type: multipart/alternative; boundary="----=_Part_57141_26104228.1189109164754" ------=_Part_57141_26104228.1189109164754 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline I have two embedded Linux devices that I'm running a network between using PAN. I have decided that I would like to enable pairing and eventually encryption for security reasons. Here is what I have done I'm starting pand master with the following: pand --listen --master --role NAP and the slave with pand --connect 00:A0:96:18:69:D8 --persist were 00:A0:96:18:69:D8 is the masters address. Below are the hci.conf files for both my master and slave device.. I would expect that when I try to connect with out a passkey-agent running (on the slave) I would not be able to connect but that is not the case. The slave connects to the master every time. I also tried "hciconfig hci0 delkey _bt_address_" on both the slave and master where _bt_address_ was the address of the other device. What am I doing incorrect? Regards, Shane ************Master Unit hci.conf file********************* # # HCI daemon configuration file. # # $Id: hcid.conf,v 1.4 2004/04/29 20:14:21 holtmann Exp $ # # HCId options options { # Automatically initialize new devices autoinit yes; # Security Manager mode # none - Security manager disabled # auto - Use local PIN for incoming connections # user - Always ask user for a PIN # security auto; # Pairing mode # none - Pairing disabled # multi - Allow pairing with already paired devices # once - Pair once and deny successive attempts pairing multi; # PIN helper #pin_helper /bin/bluepin; passkey "shane"; # D-Bus PIN helper # dbus_pin_helper; } # Default settings for HCI devices device { # Local device name # %d - device id # %h - host name name "%h"; # Local device class class 0x120112; # Default packet type #pkt_type DH1,DM1,HV1; # Inquiry and Page scan iscan enable; pscan enable; # Default link mode # none - no specific policy # accept - always accept incoming connections # master - become master on incoming connections, # deny role switch on outgoing connections # #lm accept,master; # lm accept; # Default link policy # none - no specific policy # rswitch - allow role switch # hold - allow hold mode # sniff - allow sniff mode # park - allow park mode # #lp hold,sniff; # lp rswitch,hold,sniff,park; # Authentication and Encryption #auth enable; #encrypt enable; } ****************Slave Unit hci.conf file****************** # # HCI daemon configuration file. # # $Id: hcid.conf,v 1.4 2004/04/29 20:14:21 holtmann Exp $ # # HCId options options { # Automatically initialize new devices autoinit yes; # Security Manager mode # none - Security manager disabled # auto - Use local PIN for incoming connections # user - Always ask user for a PIN # security auto; # Pairing mode # none - Pairing disabled # multi - Allow pairing with already paired devices # once - Pair once and deny successive attempts pairing multi; # PIN helper #pin_helper /bin/bluepin; # D-Bus PIN helper # dbus_pin_helper; } # Default settings for HCI devices device { # Local device name # %d - device id # %h - host name name "%h"; # Local device class class 0x120112; # Default packet type #pkt_type DH1,DM1,HV1; # Inquiry and Page scan iscan enable; pscan enable; # Default link mode # none - no specific policy # accept - always accept incoming connections # master - become master on incoming connections, # deny role switch on outgoing connections # #lm accept,master; # lm accept; # Default link policy # none - no specific policy # rswitch - allow role switch # hold - allow hold mode # sniff - allow sniff mode # park - allow park mode # #lp hold,sniff; # lp rswitch,hold,sniff,park; # Authentication and Encryption #auth enable; #encrypt enable; } ------=_Part_57141_26104228.1189109164754 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline I have two embedded Linux devices that I'm running a network between using PAN.  I have decided that I would like to enable pairing and eventually encryption for security reasons. 
Here is what I have done I'm starting pand master with the following:
pand --listen --master --role  NAP
and the slave with
pand --connect 00:A0:96:18:69:D8 --persist
were 00:A0:96:18:69:D8 is the masters address.

Below are the hci.conf files for both my master and slave device..

I would expect that when I try to connect with out a passkey-agent running (on the slave) I would not be able to connect but that is not the case.  The slave connects to the master every time.

I also tried "hciconfig hci0 delkey _bt_address_"
on both the slave and master where _bt_address_ was the address of the other device.
What am I doing incorrect?
Regards,
Shane

************Master Unit hci.conf file*********************
#
# HCI daemon configuration file.
#
# $Id: hcid.conf,v 1.4 2004/04/29 20:14:21 holtmann Exp $
#

# HCId options
options {
        # Automatically initialize new devices
        autoinit yes;

        # Security Manager mode
        #   none - Security manager disabled
        #   auto - Use local PIN for incoming connections
        #   user - Always ask user for a PIN
        #
        security auto;

        # Pairing mode
        #   none  - Pairing disabled
        #   multi - Allow pairing with already paired devices
        #   once  - Pair once and deny successive attempts
        pairing multi;

        # PIN helper
        #pin_helper /bin/bluepin;
        passkey "shane";
        # D-Bus PIN helper
        # dbus_pin_helper;
}

# Default settings for HCI devices
device {
        # Local device name
        #   %d - device id
        #   %h - host name
        name "%h";

        # Local device class
        class 0x120112;

        # Default packet type
        #pkt_type DH1,DM1,HV1;

        # Inquiry and Page scan
        iscan enable; pscan enable;

        # Default link mode
        #   none   - no specific policy
        #   accept - always accept incoming connections
        #   master - become master on incoming connections,
        #            deny role switch on outgoing connections
        #
        #lm accept,master;
        #
        lm accept;

        # Default link policy
        #   none    - no specific policy
        #   rswitch - allow role switch
        #   hold    - allow hold mode
        #   sniff   - allow sniff mode
        #   park    - allow park mode
        #
        #lp hold,sniff;
        #
        lp rswitch,hold,sniff,park;

        # Authentication and Encryption
        #auth enable;
        #encrypt enable;
}

****************Slave Unit hci.conf file******************
#
# HCI daemon configuration file.
#
# $Id: hcid.conf,v 1.4 2004/04/29 20:14:21 holtmann Exp $
#

# HCId options
options {
        # Automatically initialize new devices
        autoinit yes;

        # Security Manager mode
        #   none - Security manager disabled
        #   auto - Use local PIN for incoming connections
        #   user - Always ask user for a PIN
        #
        security auto;

        # Pairing mode
        #   none  - Pairing disabled
        #   multi - Allow pairing with already paired devices
        #   once  - Pair once and deny successive attempts
        pairing multi;

        # PIN helper
        #pin_helper /bin/bluepin;
        # D-Bus PIN helper
        # dbus_pin_helper;
}

# Default settings for HCI devices
device {
        # Local device name
        #   %d - device id
        #   %h - host name
        name "%h";

        # Local device class
        class 0x120112;

        # Default packet type
        #pkt_type DH1,DM1,HV1;

        # Inquiry and Page scan
        iscan enable; pscan enable;

        # Default link mode
        #   none   - no specific policy
        #   accept - always accept incoming connections
        #   master - become master on incoming connections,
        #            deny role switch on outgoing connections
        #
        #lm accept,master;
        #
        lm accept;

        # Default link policy
        #   none    - no specific policy
        #   rswitch - allow role switch
        #   hold    - allow hold mode
        #   sniff   - allow sniff mode
        #   park    - allow park mode
        #
        #lp hold,sniff;
        #
        lp rswitch,hold,sniff,park;

        # Authentication and Encryption
        #auth enable;
        #encrypt enable;
}

------=_Part_57141_26104228.1189109164754-- --===============2034351514== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ --===============2034351514== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Bluez-users mailing list Bluez-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bluez-users --===============2034351514==--