From mboxrd@z Thu Jan  1 00:00:00 1970
From: "J. Lance Cotton" <joe@lightningflash.net>
Subject: Re: axspawn and security on the air
Date: Wed, 28 May 2003 10:19:23 -0500
Sender: linux-hams-owner@vger.kernel.org
Message-ID: <3ED4D37B.20700@lightningflash.net>
References: <3ED4C9DA.6070108@lightningflash.net> <20030528150112.GA19391@leo.tneu.visi.com> <3ED4D137.4020404@lightningflash.net> <20030528151549.GB19391@leo.tneu.visi.com>
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
Return-path: <linux-hams-owner@vger.kernel.org>
In-Reply-To: <20030528151549.GB19391@leo.tneu.visi.com>
List-Id: <linux-hams.vger.kernel.org>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
To: Tim Neu <tim@tneu.visi.com>
Cc: linux-hams@vger.kernel.org

Tim Neu wrote:

> On Wed, May 28, 2003 at 10:09:43AM -0500, J. Lance Cotton wrote:
> 
>>I just recalled using the s/key one-time-password system at school once, so 
>>I will look into that. It seems to be a good solution: secure and 
>>low-bandwidth.
> 
> 
> The only problem is that with a one-time authentication event, it could be fairly easy to hijack a control session in
> mid-stream.   (however remote the possibility may be)
> 
> One neat solution might be digitally signing each command that requires authentication - but that is out of my
> league! 

Way out of my league too. Plus I think the bandwidth requirements for a 
signature along with the command is sort of poor amateur practice on the 
144.39 APRS frequency, unless I set up a second control radio/TNC on 440. Hmm.

> Good luck!  73s.   

Thanks for the advice and help!

-Lance
-- 
J. Lance Cotton, KJ5O
http://map.findu.com/kj5o-14
joe@lightningflash.net