-
Notifications
You must be signed in to change notification settings - Fork 24
Peer Authentication
HBNet includes an optional PEER authentication system. This includes the use of generated passphrases and access control from the web service. The web service will query radioid.net when a user registers. Thus each registered user has a list of their associated DMR IDs.
When a PEER (hotspot/repeater) connects to HBNet, the core (hbnet.py) will query the web service and find out if the DMR ID is allowed to connect and what passphrase authentication method to use (generated, custom, or legacy passphrase). If the supplied passphrase matches the authentication method, and the supplied DMR ID is associated with a user account that is enabled, then the PEER will be authenticated.
Passphrase generation is set in config.py of the web service and/or the configuration file for the core (hbnet.py). There are several values that should be changed from the default values. Often, the generated passphrase for each user is very long. You can shorten the passphrase to a specific length in the configuration.
Navigating to Admin > Manage Users, you will see all registered users. Clicking on any of the users will bring up a page where you can perform administrative functions. Among them is a field labeled MMDVM Authentication Settings (Python dictionary format). This field contains all associated DMR IDs of the user, and the authentication method for each ID. 0 = generated passphrase, 1 = additional generated passphrases (used for a compromised passphrase), '' = passphrase of MASTER or PROXY, and 'passw0rd = custom passphrases. The default passphrase is 0. The core (hbnet.py) will download a new "burnlist" at start, and every 10 minutes. The burnlist contains a list of IDs and which version of generated passphrase to use.