Difference between revisions of "Authentication"
m (→Remote Access) |
(No difference)
|
Latest revision as of 14:28, 21 November 2009
Access List
The Tracker2's default remote access control mechanism is a simple list of authorized callsigns. This list can be edited through OTWINCFG or using the AUTHLIST command. Callsigns are entered without SSID. A '*' in the first entry will match all callsigns, giving remote access to everyone if password authentication is not enabled.
cmd:authlist AUTHLIST N1VG cmd:authlist +kb6vaa AUTHLIST N1VG, KB6VAA cmd:authlist +ki6fal AUTHLIST N1VG, KB6VAA, KI6FAL cmd:authlist -kb6vaa AUTHLIST N1VG, KI6FAL cmd:
Password
The Tracker2's second access control mechanism is a one-time password facility. The user sets a passphrase of at least 16 characters using the SECRET command. From this passphrase, the tracker generates a series of 4-character passwords, each to be used only once and in sequence. The PASSLIST command prints a list of passwords with their sequence numbers that the user can carry with them. As each password is used, it is crossed off the list.
cmd:secret This is my new passphrase. Set. cmd:passlist 32 0:237U 1:3XY2 2:T8TH 3:4W2T 4:SNJJ 5:A3XD 6:TP8W 7:9FT6 8:G9FS 9:VFS8 10:BA80 11:4WAV 12:S4N7 13:WXPE 14:7EWD 15:4WUS 16:E3KD 17:5HR3 18:JDWS 19:0WA9 20:7ZXT 21:5F4R 22:B4EZ 23:9MG9 24:0MJT 25:2ZXY 26:2PAK 27:HXJE 28:04YF 29:58GZ 30:6K3W 31:XXMD cmd:pwauth on PWAUTH ON cmd:
The PWAUTH command enables or disables password authentication.
Limitations
Do not use the same passphrase on two different devices. The same passphrase will generate the same sequence of passwords, and an eavesdropper who hears a password used on one device would then know one of the valid passwords for the other device.
Because the password is not tied to the content of the message being sent, there's a risk of man-in-the-middle attacks. For direct RF links the risk is small because the eavesdropper would hear the password at the same time as the device being controlled, unless they actively jammed the controlled device's receiver. Unsuccessful control attempts present a more significant risk; a valid password sent with a message that wasn't heard by the device remains valid. Because of the unreliability of APRS messaging over multiple digipeater hops or through IGates, non-receipt of commands is a very real possibility. To reduce this threat, it's advisable to send a non-authenticated test message to the target device first to ensure that it's reachable.
Technical Details
The XXTEA block cipher forms the basis of the Tracker2's one-time password mechanism. Only the encryption routine is used; no decryption is required.
A 128-bit key is generated from the user's passphrase by zero-padding the passphrase to a multiple of 128 bits and using each 128-bit section in succession to repeatedly encrypt two 64-bit plaintext blocks starting with initialization vectors of 0x25b5874597119bc5 and 0xb556ae25caa24730 respectively. The resulting ciphertext becomes the 128-bit secret key.
For each password to be generated, the nonce 0x77a2566769436027 is exclusive-OR'd with the 16-bit sequence counter, and then encrypted using the secret key. 30 bits of the resulting ciphertext become the 4-character password; the low five bits of each of the leftmost four bytes of the ciphertext are each used as an index into the password character set to select one character of the password. The character set is as follows:
0123456789ABCDEFGHJKMNPRSTUVWXYZ
Remote Access
The Tracker2 uses APRS Messaging to send remote commands. Use your favorite APRS application to send commands over the air. (Nuvi, UIview, OpenAPRS.net) The messaging "From" must match AUTHLIST, if enabled. "To" is your remote Tracker2's callsign. "Text" must begin with CMD, followed by your one time passphrase, and remote command. Each command sent uses up a passphrase.
Example:(From:KI6FAL-1 To:N1VG-3 Text:CMDXXXX TXD 19) The remote will respond with the change, or rejection. Correct response from remote Tracker2 is (TXDELAY 19)
Remote commands sent via OT2-Nuvi
DISPATCH, MESSAGES, CREATE MESSAGE. (negotiate through Nuvi screens to the message field) -N1vg-3 cmd237u alias 1 wide1 (set alias 1 to wide1) ALIAS 1:WIDE1 -N1vg-3 cmd3xy2 hop 1 0 (Set hop limit on Alias1 to 0, for fill-in that responds to WIDE1-1 only) HOPLIMIT 1:0 (Tracker2 set to WIDE1-1 fill-in digi) -N1vg-3 cmdt8th usealias 1 on (Turn on Alias 1) USEALIAS 1:ON -N1vg-3 Cmd4w2t reset RESET (Remote Tracker2 will attempt to send one acknowledgment before resetting)
Most commands only require the first three characters of the remote command, several require the whole command (ALIAS=ali, TXDELAY=txd, PATH=path).
Use - to clear a command field (CMDXXXX PATH -)Path can be cleared if I-gates can hear the tracker2 directly.
Check current setting by sending command only (Send CMDXXXX ali), remote response (ALIAS 1:WIDE1 2:TEMP 3:SAR)
Passphrases should be scratched off your list as they are used up to avoid loss of password.
When connected directly to your Tracker2, you can see what your next valid passphrase is by using SECRET command.
CMD:Secret SECRET 5 (Use Passphrase 5 next)