Hi Jacek, > I have a problem connecting to a BT device from a Linux desktop – > pairing fails, while an Android phone pairs properly. > > The obvious difference in the btsnoop logs is in the pairing request. > > Android: > < ACL Data TX: Handle 65 flags 0x00 dlen 11 > > > #995 150.491086 > SMP: Pairing Request (0x01) len 6 > IO capability: KeyboardDisplay (0x04) > OOB data: Authentication data not present (0x00) > Authentication requirement: Bonding, MITM, Legacy, No Keypresses > (0x05) > Max encryption key size: 16 > Initiator key distribution: EncKey IdKey Sign (0x07) > Responder key distribution: EncKey IdKey Sign (0x07) > [...] >> ACL Data RX: Handle 65 flags 0x02 dlen 11 > > > #1006 150.571137 > SMP: Pairing Response (0x02) len 6 > IO capability: NoInputNoOutput (0x03) > OOB data: Authentication data not present (0x00) > Authentication requirement: Bonding, No MITM, Legacy, No > Keypresses (0x01) > Max encryption key size: 16 > Initiator key distribution: EncKey (0x01) > Responder key distribution: EncKey (0x01) > > > And on Linux: > < ACL Data TX: Handle 16 flags 0x00 dlen 11 #53 [hci0] > 132.273100 > SMP: Pairing Request (0x01) len 6 > IO capability: NoInputNoOutput (0x03) > OOB data: Authentication data not present (0x00) > Authentication requirement: Bonding, No MITM, SC, No Keypresses, > CT2 (0x29) > Max encryption key size: 16 > Initiator key distribution: EncKey Sign LinkKey (0x0d) > Responder key distribution: EncKey IdKey Sign LinkKey (0x0f) > [...] >> ACL Data RX: Handle 16 flags 0x02 dlen 6 #57 [hci0] > 132.362160 > SMP: Pairing Failed (0x05) len 1 > Reason: Invalid parameters (0x0a) > > > > So it looks like 'Bonding, MITM, Legacy, No Keypresses' used by Android > works and 'Bonding, No MITM, SC, No Keypresses, CT2' used by the desktop > Linux (bluez 5.62, kernel '5.6.2-050602-lowlatency' from Ubuntu) does > not (note: I am still quite ignorant about Bluetooth stuff). > > So my question is: is there any way to force using legacy pairing? Even > if that requires bluez or kernel patching (though, I would rather avoid > that). > you can use btmgmt tool from bluez.git to force Secure Connections off. I am not sure if that sticks when starting bluetoothd, but then you need to hack it out there. I am really not sure how your device can be a qualified Bluetooth device and fail here. The handling of the flags has actually proper test cases to ensure that this does’t happen. And I remember that even Android switched to Secure Connections support at some point. Regards Marcel
