We wonder if there is anyway to do an "advance" password change.
Situation: We have some pi zero's in the field. They are connected via wifi. We can ssh into them.
Sometimes the location where they are at changes the wifi password. We have advance notice, and it would be nice to be able to ssh in while they are still connected and the wifi password hasnt changed, and schedule or do something that would make it use the new password when it changes.
Thanks in advance for any ideas.
Related
I have a raspi medical instrument which monitors xxx every minute or so and sends the reading to my www server. It all works well except the part at first installation where the customer enters his wifi credentials into the raspi. I really do not want to know his wifi or password.
I need some way for the customer to enter his wifi and password at his location, and without me being able to know the wifi and password.
How have others solved this problem?
You could set the Pi up to be an access point and then ask him for the WiFi details to create wpa_supplicant.conf in /boot, remove the AP config and reboot.
If you are not up to creating that code you could use the Balena WiFi code from GITHUB (code here) if the licence fits your use case.
I'm using Raspberry Pis for a department store. Because of the new GDPR I have to make the Raspberry Pis completely safe. So if someone potentially steals one of them, he absolutely can't access to anything. The Raspberries themselves play videos from a server, so they need to be connected to the wifi. Does anyone have an idea how I can protect the password of the wifi or maybe just delete the... "login-protocol" or something like that? Or do I need to use a second network?
Thanks and Greetings,
Elias
You can use wpa_passphrase to obscure the WiFi password, which would throw up a big (but not absolute*) obstacle to someone who grabbed the Pi, pulled out the SD card, and rummaged through it for sekret stuff.
A safer move might be to treat the Pi as an inherently insecure device. Put an access point on a network segment that only has access to the videos you want to show, and give the Pi those credentials. If someone nabs the Pi and tears the SD card apart, all they'll find are credentials that let them attach to the store WiFi and watch the same videos.
* A determined attacker can run a 'dictionary attack' to try to generate the psk formed from the SSID and the pass phrase. Time consuming and slow to succeed if you have a long, strong WiFi password, but if your requirements are to be "completely safe", and you're liable to get in to long arguments with auditors, wpa_passphrase might not be worth the hassle.
I am trying to find out what is the best way check internet connectivity in tizen. Although there is a connection manager I can think of a scenerio where it would not work. Suppose the device is connected to wifi but wifi is not connected to internet. What is the best best way to resolve this issue? I am thinking of using getaddrinfo? But would not that resolve to IP using cached value. Then should I connect to a known website (e.g. google although some country might block it)?
You can hit an address and check for response for certain time of interval. If there is no response for say 2 min or so then you can show message to user that there is some problem with Internet connection.
Now I face a tricky problem. My Blackberry Classics has a black screen problem. When I connect it to my laptop with USB cable, Blackberry Link can detect it. However when it tried to connect to it, the Blackberry Blend prompted me to set the Allow Connections switch to on on the device. Obviously, I could not do that. I am thinking maybe there is a method to let me connect to the Blackberry 10 through the USB port just like a console port, but I am not sure. Does anyone know about it? Thanks in advance.
Momenitcs does provide a few ways to connect with a device. But generally the device has to be in development mode, which requires interacting with the device which you apparently can't do. The access is also limited to the development user so you could not use it to, for example, access data from installed applications.
About the only thing you can do at this point is use link to backup your data and restore to that phone once repaired, or to a new phone.
Also, since this question is not really suitable for StackOverflow I'm going to flag it for closing. Questions like this properly belong on SuperUser http://meta.superuser.com/questions/4836/what-is-the-difference-between-super-user-and-stack-overflow/4838
When Apple's Remote app tries to connect to a Mac (running iTunes) on a local network (using WiFi), the user needs to enter a passcode provided by the iPhone as a security measure. This approach has been adopted by a number of other apps (e.g., Rowmote, Pastebot, ...). Is there an API that provides this way of working?
Assuming Bonjour is in play, how does an iPhone checks if the passcode entered on a Mac is correct without resolving the NSNetService the Mac is publishing? Or does the iPhone resolve the NSNetService a Mac is publishing and waits for the passcode to be confirmed before processing any other packets that might be sent via the NSNetService (packets other than the passcode).
I have a solution for my problem, but I would like to know if there's an API I have overlooked that provides a ready-made solution.
Advice and pointers are welcome.
Thanks in advance,
Bart
I don't believe there is an Apple provided API for this. I simply use the Bonjour APIs to open a connection between two devices, then have one randomly create a 4 digit passcode and ask the other device for it. The other device presents a UI to ask the user for the passcode, then transmits it back and waits for an answer. If they match, the devices store each other's identifiers to skip over this process the next time they connect.
Edit: Thanks to tc for pointing out that this implementation isn't totally secure. I'm now having one device create a unique, random password, and send it over to the other device, then store the SHA1 hash of the password for future reference. Then the other device stores the password and sends it back over whenever it connects for authentication. The user does the number code thing once in order to let the devices know that they should trust each other in the future, but now in order for a reverse engineer to connect to a device they would have to know both the identifier of and password for a valid, connected device. (Or they'd have to have access to both devices and do the number code thing; there isn't really a way to stop anyone from doing that, obviously).