Skip to content
Snippets Groups Projects
Select Git revision
  • master default protected
  • dailybuild_linux-x64
  • dailybuild_win32
  • sqlite
  • rip_abstraction
  • dailybuild_macos-armv8
  • dd_file_lister_filanem_in_desc_color
  • mode7
  • dd_msg_reader_are_you_there_warning_improvement
  • c23-playing
  • syncterm-1.3
  • syncterm-1.2
  • test-build
  • hide_remote_connection_with_telgate
  • 638-can-t-control-c-during-a-file-search
  • add_body_to_pager_email
  • mingw32-build
  • cryptlib-3.4.7
  • ree/mastermind
  • new_user_dat
  • sbbs320d
  • syncterm-1.6
  • syncterm-1.5
  • syncterm-1.4
  • sbbs320b
  • syncterm-1.3
  • syncterm-1.2
  • syncterm-1.2rc6
  • syncterm-1.2rc5
  • push
  • syncterm-1.2rc4
  • syncterm-1.2rc2
  • syncterm-1.2rc1
  • sbbs319b
  • sbbs318b
  • goodbuild_linux-x64_Sep-01-2020
  • goodbuild_win32_Sep-01-2020
  • goodbuild_linux-x64_Aug-31-2020
  • goodbuild_win32_Aug-31-2020
  • goodbuild_win32_Aug-30-2020
40 results

broker.js

  • Deucе's avatar
    94a109ca
    Support uid/pw only auth · 94a109ca
    Deucе authored
    There are now two ways to authenticate with the broker:
    1) TLS PSK with a sysop account, and set the password field at the
       MQTT level to the system password (user field, if present is
       ignored).  This is the prefered method as it provides mutual
       authentication and you simply can't steal credentials with MITM.
    2) Synchronet TLS certificate, sysop username and the users password
       followed by a colon, followed by the system password.  The server
       authentication will now depend on the appropriate trust chain in
       the client.  If using a Let's Encrypt certificate for example,
       you can' securely connect to localhost with this method.
    
    tools and libraries tend to allow TLS-PSK with password at the MQTT
    level, many GUI tools do not allow TLS-PSK.
    94a109ca
    History
    Support uid/pw only auth
    Deucе authored
    There are now two ways to authenticate with the broker:
    1) TLS PSK with a sysop account, and set the password field at the
       MQTT level to the system password (user field, if present is
       ignored).  This is the prefered method as it provides mutual
       authentication and you simply can't steal credentials with MITM.
    2) Synchronet TLS certificate, sysop username and the users password
       followed by a colon, followed by the system password.  The server
       authentication will now depend on the appropriate trust chain in
       the client.  If using a Let's Encrypt certificate for example,
       you can' securely connect to localhost with this method.
    
    tools and libraries tend to allow TLS-PSK with password at the MQTT
    level, many GUI tools do not allow TLS-PSK.