firmware icon indicating copy to clipboard operation
firmware copied to clipboard

Published 20 hours ago verified publisher icon meshtastic

Remove legacy remote node administration

Open fifieldt opened this issue 10 months ago • 7 comments
trafficstars

Firmware 2.5 introduced Public Key Cryptography (PKC) to Meshtastic. With it came the ability for node operators to specify which keys should be allowed to remotely administer a node. This was a major security improvement - previously node operators had to have a single management channel and one pre-shared key to secure their nodes.

Until now, we've kept the 'legacy' functionality in place, so users of version 2.5+ firmware could still manage older nodes. Now firmware 2.5+ is in widespread use, and the new remote node administration functionality is well-tested, we can safely remove 'legacy' remote node administration. This has benefits of a smaller and more maintainable code-base, reducing a potential vulnerability vector.

References: https://meshtastic.org/docs/overview/encryption/ https://meshtastic.org/docs/development/reference/encryption-technical/ https://meshtastic.org/docs/configuration/remote-admin/

fifieldt avatar Dec 27 '24 23:12 fifieldt