Is encryption supported?
Maksim Yevmenkin
maksim.yevmenkin at savvis.net
Sun Sep 25 18:21:38 PDT 2005
Vance Shipley wrote:
> I am looking for a way to turn on encryption. Apparently the
> gnubox application, which I need to get my Nokia 6620 doing
> TCP/IP over bluetooth, insists on enabling encryption.
>
> I have tried:
>
> $ hccontrol -n ubt0hci write_encryption_mode 1
> $ hccontrol -n ubt0hci read_encryption_mode
> Encryption mode: Only for point-to-point packets [0x1]
if i'm not mistaken, the specification says that encryption will be
enabled if connection authentication enabled as well, so you need
# hccontrol -n ubt0hci write_authentication_enable 1
# hccontrol -n ubt0hci write_encryption_mode 1
you also need to make sure hcsecd(8) is running and you have paired your
phone and pc. keep in mind that after you issue these commands freebsd
will want to authenticate _all_ baseband connections.
> However when I look at a connection I see it is not encrypted:
>
> $ hccontrol -n ubt0hci read_connection_list
> Remote BD_ADDR Handle Type Mode Role Encrypt Pending Queue State
> Nokia6620 7 ACL 0 MAST NONE 0 0 OPEN
>
> I see that Linux has a flag in /etc/bluetooth/hcid.conf to turn
> on encryption. It also has a -encrypt command line option to dund.
>
> Is this a limitation with FreeBSD?
well, somewhat. freebsd does not yet support for authenticating and/or
encrypting _individual_ connection on request. you can turn
authentication and/or encryption on/off globally with hccontrol(8).
link authentication and encryption is really silly (kinda like WEP). if
you really want encryption you should not use bluetooth. i'm not even
sure why your application insists on it. bluetooth connections usually
have short life time, devices have to be in rf proximity (10 meters) and
you cant sniff/spoof bluetooth traffic with of-the-shelf (cheap) devices
(or at least i do not know the way to do it :)
thanks,
max
More information about the freebsd-bluetooth
mailing list