• fconf2binkd

    From Tommi Koivula@2:221/1 to All on Monday, June 07, 2021 09:09:12

    Hi All,

    It seems that 'fconf2binkd -p' puts only SessionPwd to binkd config, but not PktPwd.

    # Format of the password file:
    # [password] <FTN address> <inpwd>[,[<pktpwd>][,<outpwd>]]
    # where:
    # [password] optional "password" token;
    # <FTN address> address of a link in the form 1:2/3.4@domain
    # or 1:2/3@domain or 1:2/3 or 1:2/3.4;
    # <inpwd> password for incoming sessions;
    # <pktpwd> packet password, used when "share" token
    # is handled;
    # <outpwd> password for outgoing sessions.
    # Any password is one word without spaces or tabs. If <pktpwd> or <outpwd>
    # is omitted, it will be assumed equal to <inpwd>. If a password is defined for # a node by the "node" token, then the passwords for the node in the password
    # file will be ignored.
    #

    'Tommi

    ---
    * Origin: - rbb.fidonet.fi - Lake Ylo - Finland - (2:221/1)
  • From Brother Rabbit@2:460/58.10 to Tommi Koivula on Tuesday, June 08, 2021 08:19:54
    Hi, Tommi!

    07 июн 21 09:09, Tommi Koivula -> All:

    It seems that 'fconf2binkd -p' puts only SessionPwd to binkd config,
    but not PktPwd.

    Why is there any other password needed besides the password for the session?

    Have nice nights.
    Brother Rabbit.

    --- Хороший собеседник не только внимательно слушает, но и вовремя наливает.
    * Origin: Lame Users Breeding. Simferopol, Crimea. (2:460/58.10)
  • From Tommi Koivula@2:221/1 to Brother Rabbit on Tuesday, June 08, 2021 14:43:00

    08 Jun 21 08:19, Brother Rabbit wrote to Tommi Koivula:

    It seems that 'fconf2binkd -p' puts only SessionPwd to binkd config,
    but not PktPwd.

    Why is there any other password needed besides the password for the
    session?

    If Binkd changes the .pkt password of outbound netmail.

    # Define shared aka
    # Add a shared-address as aka for any node from this list, so that
    # uncompessed netmail for shared aka will be sent in the first session with # any node listed in shares; packet header will be updated to match this
    # node's main aka and pkt password
    # share <shared-address> <node1> [<node2> ...]

    'Tommi

    ---
    * Origin: 2a01:4f9:c011:1ec5:f1d0:2:221:1 (2:221/1)
  • From Benny Pedersen@2:230/0 to Brother Rabbit on Monday, July 26, 2021 23:04:28
    Hello Brother!

    08 Jun 2021 08:19, Brother Rabbit wrote to Tommi Koivula:

    It seems that 'fconf2binkd -p' puts only SessionPwd to binkd config,
    but not PktPwd.

    Why is there any other password needed besides the password for the session?

    yep, some forget to put pkt passwords on binkd session or viseversa, for the husky config there is no problem to solve

    it does not make sense to have pkt password travel over unsecure binkd session in plain text :/

    hopefully binkd will have starttls support in next specs, if not to late to solve it


    Regards Benny

    ... too late to die young :)
    --- Msged/LNX 6.1.2 (Linux/5.13.5-gentoo-dist (x86_64))
    * Origin: gopher://fido.junc.eu/ (2:230/0)
  • From Oli@2:280/464.47 to Benny Pedersen on Tuesday, July 27, 2021 08:14:41
    Benny wrote (2021-07-26):

    Hello Brother!

    08 Jun 2021 08:19, Brother Rabbit wrote to Tommi Koivula:

    It seems that 'fconf2binkd -p' puts only SessionPwd to binkd
    config, but not PktPwd.

    Why is there any other password needed besides the password for the
    session?

    yep, some forget to put pkt passwords on binkd session or viseversa, for the husky config there is no problem to solve

    it does not make sense to have pkt password travel over unsecure binkd session in plain text :/

    you still need PKT passwords, because of the flawed FTN mailer pseudo-security model.

    hopefully binkd will have starttls support in next specs, if not to late to solve it

    you can already use binkp over direct TLS.

    ---
    * Origin: . (2:280/464.47)
  • From Wilfred van Velzen@2:280/464 to Benny Pedersen on Tuesday, July 27, 2021 10:52:31
    Hi Benny,

    On 2021-07-26 23:04:28, you wrote to Brother Rabbit:

    it does not make sense to have pkt password travel over unsecure binkd session in plain text :/

    Sure it still makes sense, because other fidonet systems are very unlikely to be able to eavesdrop on the unsecure binkd sessions...


    Bye, Wilfred.
    --- FMail-lnx64 2.1.0.18-B20170815
    * Origin: FMail development HQ (2:280/464)