[arm-allstar] hamvoip V1.5 update

[David McGough]

Hi Tom,

argon2 is a dependency for some new features in the pipeline, coming soon.  
For now, it's just a set of libraries and a command-line encryption tool,
offering very high quality one-way password hashing. It's not network
enabled and doesn't represent any security hazard.

As for the 4096 bit RSA public keys placed in the /root/.ssh folder, NO,
they aren't a back door for ssh or anything else; they don't change your
existing authorized_keys or any other files. These files are named
hv_rsa.pub and hv_rsa.pub.pem and will be used to encrypt data sent to
external servers; again for some project that are coming soon.

73, David KB4FXC



On Tue, 26 Sep 2017, "Tom Hayward via arm-allstar" wrote:

> On Tue, Sep 26, 2017 at 9:36 AM, "Doug Crompton via arm-allstar"
> <arm-allstar at hamvoip.org> wrote:
> > - Adds the argon2 encryption tools as a dependency (for dns-lookup)
> 
> Can you elaborate on this? What protocols does it use over the
> network? We have many Allstar nodes on ham microwave networks and
> cannot use encryption. Cryptographic signatures are okay and allow for
> message authentication and integrity, but ciphers must be disabled.
> 
> > - Includes hamvoip RSA public keys in /root/.ssh folder (for dns-lookup)
> 
> Can you elaborate on this? What exactly is added and where? Does this
> create a backdoor for root SSH access to the node? That's the
> impression I get from that description.
> 
> Will the keys I already have in /root/.ssh/authorized_keys still be
> present after the update? I don't want to get locked out of my node.
> 
> Tom KD7LXL
> _______________________________________________
> 
> arm-allstar mailing list
> arm-allstar at hamvoip.org
> http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
> 
> Visit the BBB and RPi2/3 web page - http://hamvoip.org
>