6.2. Configuring and Testing Communications
Oh the passkey. Right, I almost forgot to mention that. Each Bluetooth device connecting to another, has to be authorized with a passkey, before they can communicate. This is a security measure built into the protocol itself.
On the desktop side, as you recall, we installed BlueZ and a lot of other BlueZ-related tools, libraries, and utilities. When we did this, several files were created that we need to look at. One of these contains the password needed to allow the Palm to communicate with the desktop. If you used a default install, or a packaged install of BlueZ, these will be in /etc/bluetooth on your machine. If not, do a locate for 'hcid.conf' on your machine to find the place where these configuration files were installed.
In this directory, is a file called 'hcid.conf', which controls the behavior of the HCI daemon. If you want to customize the name that your desktop machine identifies itself as, edit this file to change the naming in the device{...} section to a name of your choosing. In my case, this was the default of 'name "%h-%d"', where %d is the device id and %h is the hostname of the machine itself, hence the 'wrath-0' in the screenshots below.
You likely won't need to change anything else in this particular file.
In this same directory, is a file called 'pin' (or should be). In this file, is the plain-text password you will need to use to connect from your Palm to your desktop machine. I strongly recommend that this password be rotated often, and that the directory have locked-down permissions. Refer to your system documentation for details on how to secure this directory properly.
The PIN is used when pairing two Bluetooth devices, and is combined on both devices along with a 128-bit pseudo-random number, and the 48-bit Bluetooth address of one of the devices, to generate the initialization key which is used to authenticate, and protect link keys used for encryption and decryption traffic on both devices.
The PIN is the effectively shared secret which protects the initialization key in the pairing process, and is only used once during that pairing process.
There is a tool in the bluez-utils package called 'bluepin' that is used by hcid to ask the user for a PIN code when connection pairing is attempted. There are several others that have GUI interface as well, to prompt for the connection on the desktop side. In this case, we won't need those, since the Palm will prompt us, as shown below (no, my passkey really isn't '1234'):
If you got the passkey correct, you will be authorized to connect, and the desktop machine (a machine called 'wrath' in my case) will then be added to your "Trusted Devices" list on your Palm handheld, and an entry similar to the following will show up in your system logs:
You have now established, and authorized a connection from your desktop to your Palm handheld, using Bluetooth. Pat yourself on the back, this is monumental! Now let's use some of those BlueZ tools to check out what we've done here.
Remember the 'hcitool' command we ran earlier that showed us that our desktop Bluetooth hardware was seen and listening? Well, now that we have another Bluetooth device "on the wire", we can use that same tool to query it.
Since our Palm device is still set to "Discoverable", we can see it with the following command:
Now we see the Palm handheld from the desktop, and we see that it has the name we gave our connection, 'MyPalm' in this case.
Let's get some more details about this mysterious 'MyPalm' device we see in the air here.
In a terminal, run the following 'hcitool' command, using the Bluetooth address found with the 'hcitool scan' we just did:
Wow, lots of juicy information here. We can see the Palm Bluetooth device from the desktop, query it, and establish communications with it.