Skip to main content

Notice: this Wiki will be going read only early in 2024 and edits will no longer be possible. Please see: https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/wikis/Wiki-shutdown-plan for the plan.

Jump to: navigation, search

Difference between revisions of "Mihini/Security"

(New page: == How to activate security with M3DA protocol? == Firstly, you need to compile a module which is not compiled by default. After you build.sh, you must do this command: $ make all agen...)
 
(How to activate security with M3DA protocol?)
Line 1: Line 1:
 
 
 
== How to activate security with M3DA protocol? ==
 
== How to activate security with M3DA protocol? ==
  
 
Firstly, you need to compile a module which is not compiled by default. After you build.sh, you must do this command:  
 
Firstly, you need to compile a module which is not compiled by default. After you build.sh, you must do this command:  
 +
<source lang="bash">
 
$ make all agent_provisioning
 
$ make all agent_provisioning
 +
</source>
  
 
Note: Here the following list you can define for encryption and authentication:
 
Note: Here the following list you can define for encryption and authentication:
  - AUTHENTICATION_TYPE = hmac-md5    or  hmac-sha1  or none  (if you select none for authentication, you must select none for encryption)
+
  * AUTHENTICATION_TYPE = hmac-md5    or  hmac-sha1  or none  (if you select none for authentication, you must select none for encryption)
  - ENCRYPTION_TYPE           = aes-cbc-128  or    aes-cbc-256  or  aes-ctr-128  or  aes-ctr-256  or  none
+
  * ENCRYPTION_TYPE     = aes-cbc-128  or    aes-cbc-256  or  aes-ctr-128  or  aes-ctr-256  or  none
  
 
1. Choose the authentication algorithm :
 
1. Choose the authentication algorithm :
 +
<source>
 
agent.config.server.authentication ='hmac-sha1'
 
agent.config.server.authentication ='hmac-sha1'
 +
</source>
 
   
 
   
 
2. Choose the encryption algorithm :
 
2. Choose the encryption algorithm :
 +
<source>
 
agent.config.server.encryption ='aes-cbc-128'
 
agent.config.server.encryption ='aes-cbc-128'
 +
</source>
  
 
3. Generate the keys by using Registration password (shareKey) (=> Compute and store the keys)
 
3. Generate the keys by using Registration password (shareKey) (=> Compute and store the keys)
 +
<source>
 
require 'agent.provisioning'.registration_password 'xxxx'      (needs "make all agent_provisioning" to be executed before)
 
require 'agent.provisioning'.registration_password 'xxxx'      (needs "make all agent_provisioning" to be executed before)
 +
</source>
  
 
== Usefull commands ==
 
== Usefull commands ==

Revision as of 09:36, 5 April 2013

How to activate security with M3DA protocol?

Firstly, you need to compile a module which is not compiled by default. After you build.sh, you must do this command: 

$ make all agent_provisioning

Note: Here the following list you can define for encryption and authentication: 

* AUTHENTICATION_TYPE = hmac-md5    or  hmac-sha1   or none  (if you select none for authentication, you must select none for encryption)
* ENCRYPTION_TYPE     = aes-cbc-128   or    aes-cbc-256   or   aes-ctr-128   or   aes-ctr-256   or   none

1. Choose the authentication algorithm :

Invalid language.

You need to specify a language like this: <source lang="html4strict">...</source>

Supported languages for syntax highlighting:

4cs, 6502acme, 6502kickass, 6502tasm, 68000devpac, abap, actionscript, actionscript3, ada, algol68, apache, applescript, apt_sources, arm, asm, asp, asymptote, autoconf, autohotkey, autoit, avisynth, awk, bascomavr, bash, basic4gl, bf, bibtex, blitzbasic, bnf, boo, c, c_loadrunner, c_mac, caddcl, cadlisp, cfdg, cfm, chaiscript, cil, clojure, cmake, cobol, coffeescript, cpp, cpp-qt, csharp, css, cuesheet, d, dcl, dcpu16, dcs, delphi, diff, div, dos, dot, e, ecmascript, eiffel, email, epc, erlang, euphoria, f1, falcon, fo, fortran, freebasic, freeswitch, fsharp, gambas, gdb, genero, genie, gettext, glsl, gml, gnuplot, go, groovy, gwbasic, haskell, haxe, hicest, hq9plus, html4strict, html5, icon, idl, ini, inno, intercal, io, j, java, java5, javascript, jquery, kixtart, klonec, klonecpp, latex, lb, ldif, lisp, llvm, locobasic, logtalk, lolcode, lotusformulas, lotusscript, lscript, lsl2, lua, m68k, magiksf, make, mapbasic, matlab, mirc, mmix, modula2, modula3, mpasm, mxml, mysql, nagios, netrexx, newlisp, nsis, oberon2, objc, objeck, ocaml, ocaml-brief, octave, oobas, oorexx, oracle11, oracle8, otj, oxygene, oz, parasail, parigp, pascal, pcre, per, perl, perl6, pf, php, php-brief, pic16, pike, pixelbender, pli, plsql, postgresql, povray, powerbuilder, powershell, proftpd, progress, prolog, properties, providex, purebasic, pycon, pys60, python, q, qbasic, rails, rebol, reg, rexx, robots, rpmspec, rsplus, ruby, sas, scala, scheme, scilab, sdlbasic, smalltalk, smarty, spark, sparql, sql, stonescript, systemverilog, tcl, teraterm, text, thinbasic, tsql, typoscript, unicon, upc, urbi, uscript, vala, vb, vbnet, vedit, verilog, vhdl, vim, visualfoxpro, visualprolog, whitespace, whois, winbatch, xbasic, xml, xorg_conf, xpp, yaml, z80, zxbasic


agent.config.server.authentication ='hmac-sha1'

2. Choose the encryption algorithm :

Invalid language.

You need to specify a language like this: <source lang="html4strict">...</source>

Supported languages for syntax highlighting:

4cs, 6502acme, 6502kickass, 6502tasm, 68000devpac, abap, actionscript, actionscript3, ada, algol68, apache, applescript, apt_sources, arm, asm, asp, asymptote, autoconf, autohotkey, autoit, avisynth, awk, bascomavr, bash, basic4gl, bf, bibtex, blitzbasic, bnf, boo, c, c_loadrunner, c_mac, caddcl, cadlisp, cfdg, cfm, chaiscript, cil, clojure, cmake, cobol, coffeescript, cpp, cpp-qt, csharp, css, cuesheet, d, dcl, dcpu16, dcs, delphi, diff, div, dos, dot, e, ecmascript, eiffel, email, epc, erlang, euphoria, f1, falcon, fo, fortran, freebasic, freeswitch, fsharp, gambas, gdb, genero, genie, gettext, glsl, gml, gnuplot, go, groovy, gwbasic, haskell, haxe, hicest, hq9plus, html4strict, html5, icon, idl, ini, inno, intercal, io, j, java, java5, javascript, jquery, kixtart, klonec, klonecpp, latex, lb, ldif, lisp, llvm, locobasic, logtalk, lolcode, lotusformulas, lotusscript, lscript, lsl2, lua, m68k, magiksf, make, mapbasic, matlab, mirc, mmix, modula2, modula3, mpasm, mxml, mysql, nagios, netrexx, newlisp, nsis, oberon2, objc, objeck, ocaml, ocaml-brief, octave, oobas, oorexx, oracle11, oracle8, otj, oxygene, oz, parasail, parigp, pascal, pcre, per, perl, perl6, pf, php, php-brief, pic16, pike, pixelbender, pli, plsql, postgresql, povray, powerbuilder, powershell, proftpd, progress, prolog, properties, providex, purebasic, pycon, pys60, python, q, qbasic, rails, rebol, reg, rexx, robots, rpmspec, rsplus, ruby, sas, scala, scheme, scilab, sdlbasic, smalltalk, smarty, spark, sparql, sql, stonescript, systemverilog, tcl, teraterm, text, thinbasic, tsql, typoscript, unicon, upc, urbi, uscript, vala, vb, vbnet, vedit, verilog, vhdl, vim, visualfoxpro, visualprolog, whitespace, whois, winbatch, xbasic, xml, xorg_conf, xpp, yaml, z80, zxbasic


agent.config.server.encryption ='aes-cbc-128'

3. Generate the keys by using Registration password (shareKey) (=> Compute and store the keys)

Invalid language.

You need to specify a language like this: <source lang="html4strict">...</source>

Supported languages for syntax highlighting:

4cs, 6502acme, 6502kickass, 6502tasm, 68000devpac, abap, actionscript, actionscript3, ada, algol68, apache, applescript, apt_sources, arm, asm, asp, asymptote, autoconf, autohotkey, autoit, avisynth, awk, bascomavr, bash, basic4gl, bf, bibtex, blitzbasic, bnf, boo, c, c_loadrunner, c_mac, caddcl, cadlisp, cfdg, cfm, chaiscript, cil, clojure, cmake, cobol, coffeescript, cpp, cpp-qt, csharp, css, cuesheet, d, dcl, dcpu16, dcs, delphi, diff, div, dos, dot, e, ecmascript, eiffel, email, epc, erlang, euphoria, f1, falcon, fo, fortran, freebasic, freeswitch, fsharp, gambas, gdb, genero, genie, gettext, glsl, gml, gnuplot, go, groovy, gwbasic, haskell, haxe, hicest, hq9plus, html4strict, html5, icon, idl, ini, inno, intercal, io, j, java, java5, javascript, jquery, kixtart, klonec, klonecpp, latex, lb, ldif, lisp, llvm, locobasic, logtalk, lolcode, lotusformulas, lotusscript, lscript, lsl2, lua, m68k, magiksf, make, mapbasic, matlab, mirc, mmix, modula2, modula3, mpasm, mxml, mysql, nagios, netrexx, newlisp, nsis, oberon2, objc, objeck, ocaml, ocaml-brief, octave, oobas, oorexx, oracle11, oracle8, otj, oxygene, oz, parasail, parigp, pascal, pcre, per, perl, perl6, pf, php, php-brief, pic16, pike, pixelbender, pli, plsql, postgresql, povray, powerbuilder, powershell, proftpd, progress, prolog, properties, providex, purebasic, pycon, pys60, python, q, qbasic, rails, rebol, reg, rexx, robots, rpmspec, rsplus, ruby, sas, scala, scheme, scilab, sdlbasic, smalltalk, smarty, spark, sparql, sql, stonescript, systemverilog, tcl, teraterm, text, thinbasic, tsql, typoscript, unicon, upc, urbi, uscript, vala, vb, vbnet, vedit, verilog, vhdl, vim, visualfoxpro, visualprolog, whitespace, whois, winbatch, xbasic, xml, xorg_conf, xpp, yaml, z80, zxbasic


require 'agent.provisioning'.registration_password 'xxxx'       (needs "make all agent_provisioning" to be executed before)

Usefull commands

If you want to remove the authentication: > agent.config.server.authentication = nil

To remove the encryption: > agent.config.server.encryption = nil

To change the password : > require 'agent.provisioning'.password ='xxxx' (needs "make all agent_provisioning" to be executed before)

To remove the password : Keys are stored in : /readyagent/build.default/runtime/crypto Remove the file : crypto.key

Create a connection: > airvantage=require "airvantage" > airvantage.connecttoserver()

Retrieved from "https://wiki.eclipse.org/index.php?title=Mihini/Security&oldid=332917"

Back to the top