Subj : Re: Packet BBS?
To   : Bob Worm
From : echicken
Date : Fri Oct 04 2024 09:27 am

  Re: Re: Packet BBS?
  By: Bob Worm to Ed Vance on Thu Oct 03 2024 20:04:25

 BW> Sounds interesting - my first thought was your passwords must go in the
 BW> clear (unless there's some exception for challenge based authentication?)

That's the fun part - there are no passwords. (At least not over the air on packet BBSs that I've used. I can't speak for the RTTY ones.)

This being ham radio it's just trusted that the "from" callsign in the packet header belongs to the person who sent the packet. Of course that makes it very easy to impersonate somebody, but it's just typical quaintness for the hobby.

 BW> however I suppose these days you could just use Google Authenticator or
 BW> something to generate one time keys rather than using passwords. Good old

Ideally it'd be something that could work independent of the internet, even with a hardware dongle generating keys.

Otherwise yeah, I'd have a service and an app that runs on desktop/mobile and prompts the callsign holder to confirm their login. They click "yes" there, they get logged in. And this all happens out of band.

echicken    
electronic chicken bbs - bbs.electronicchicken.com
--- SBBSecho 3.20-Linux
 * Origin: electronic chicken bbs - bbs.electronicchicken.com (21:1/164)

.