Re: SEC SEM BV 09, MITM + No Bonding

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





On 19/08/15 17:23, Johan Hedberg wrote:
Hi Tony,

On Wed, Aug 19, 2015, tony wrote:
Can somebody please advise on how to force blueZ to initiate connection with
authentication requirement 1 (MITM required + No Bonding)? From the blueZ
code, I noticed it follows lead from the remote device. But couldn't find
anything obvious when initiating connection.

IIRC you do this by setting HIGH or FIPS security level together with
PSM 1 (SDP). l2cap_get_auth_type() in net/bluetooth/l2cap_core.c seems
to indicate that is will give no bonding + MITM.

Johan

Thank you Johan.

For anyone who comes here looking for SEC SEM BV 09, following worked.
"l2test -n -P 1 -E"  (unauthenticated link).
"l2test -n -P 1 -S" (authenticate link, make sure simple-agent is running to manage MITM).

Tony
--
To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Bluez Devel]     [Linux Wireless Networking]     [Linux Wireless Personal Area Networking]     [Linux ATH6KL]     [Linux USB Devel]     [Linux Media Drivers]     [Linux Audio Users]     [Linux Kernel]     [Linux SCSI]     [Big List of Linux Books]

  Powered by Linux