Robotics StackExchange | Archived questions

Configuring SROS Keyserver to Generate Encrypted Private Key

Even though there doesn't seem to be any interest in further developing SROS1, I am still exploring it as it is a very interesting implementation. I am trying to figure how to amend the keyserver configuration file, but the SROS tutorial page for this does not exist.

I would like to modify the keyserver configuration file such that the generated private keys are encrypted. I have made the following amendments to the default configuration file:

When sroskeyserver is initialised, I am prompted to key in pass phrase for root, master and keyserver before the certs are generated. The pass phrases are the comments in Line 94, 111 and 144 of keyserverconfig.yaml. But I encounter a problem when prompted to enter the PEM pass phrase. Going by logic, the pass phrase should be the comment in Line 129, i.e. SROSNODE_PASSWORD. However, this does not work and will result in error as follows:

Starting an XML-RPC server to bootstrap SSL key distribution...
Enter pass phrase for root: 
Verifying - Enter pass phrase for root: 
Certificate generated: root
Enter pass phrase for master: 
Verifying - Enter pass phrase for master: 
Certificate generated: master
Enter pass phrase for keyserver: 
Verifying - Enter pass phrase for keyserver: 
Enter PEM pass phrase:
Traceback (most recent call last):
  File "/home/sros/sros/install/bin/sroskeyserver", line 3, in <module>
    sros.sroskeyserver_main()
  File "/home/sros/sros/install/lib/python2.7/dist-packages/sros/__init__.py", line 179, in sroskeyserver_main
    keyserver.start_keyserver(keyserver_config, keystore_path, keyserver_mode, port)
  File "/home/sros/sros/install/lib/python2.7/dist-packages/rosgraph/keyserver.py", line 143, in start_keyserver
    keyserver.stop()
UnboundLocalError: local variable 'keyserver' referenced before assignment

Is there a default password written into the SROS system files? Or where can the password be set? Has anyone succeeded in modifying SROS keyserver configuration?

Thanks.

Asked by citrusying on 2019-02-21 03:03:58 UTC

Comments

Answers

This is really old, and SROS1 is no longer in active development, given the new focus on SROS2. But in the interest of ros answers and talk like a pirate day, password_env refers to the name of the environment variable to read the password from, rather than reading the string directly from the config file, so that one doesn't need to expose the password in clear text in the config file. See the example conf file for more comments:

https://github.com/ros/ros_comm/blob/f95b4a5de2acb4fb53f0e9a4cff47dcef928eac5/tools/sros/conf/keyserver_config.yaml#L94

Asked by ruffsl on 2019-09-20 12:34:24 UTC

Comments