Subj : Re: Packet BBS?
To   : Bob Worm
From : tenser
Date : Sat Oct 05 2024 03:04 am

On 03 Oct 2024 at 08:04p, Bob Worm pondered and said...
 
 BW> Sounds interesting - my first thought was your passwords must go in the
 BW> clear (unless there's some exception for challenge based
 BW> authentication?) however I suppose these days you could just use Google
 BW> Authenticator or something to generate one time keys rather than using
 BW> passwords. Good old 1 factor authentication :)

Yeah, most packages are set up for password authentication
and, since most amateur services are prohibited from using
cryptography, these go over the air in the clear.

But it is true that there's nothing that prevents someone
from using cryptographically secure _authentication_ protocols,
or for that matter, using authenticated packets with a cleartext
payload.  But almost no software exists that does that, at
least not that I'm aware of for plain 'ol packet radio.

Some folks have used SSH with a null cipher over the air,
doing IP over AX.25.  This gives you the authentication goodness,
and seems perfectly fine from a regulatory standpoint.

--- Mystic BBS v1.12 A48 (Linux/64)
 * Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (21:1/101)

.