Secure file transfer options for WiPy?
-
I am new to the forum and just started playing around with the WiPy software on an ESP32 devkitC board. I followed one of the tutorials for uploading files via FTP, but I was wondering if there is any way to use SFTP or any other secure file transfer protocol? I'm developing for a product that will be going out in the field and would like to do secure file transferring to avoid any security breaches.
-
@ade-ro You can use WLAN.init() it accepts the password in the
authparameter.
-
@jmarcelino Any news on the SSH? Also, how exactly can we change the password? (assuming is the 'www.pycom.io' one, not the 'python' one)
-
yes that is the design. as @jmarcelino mentioned SSH can use a lot of memmory so there is a trade off
-
If the problem is only updating devices in the field I’d suggest simply setting WIPy to AP mode (so the WiPy creates its own WiFi network) and using a complex password to connect. WiFi WPA will then encrypt your data for you.
If you only use it occasionally - so an attacker can’t collect a lot of data it should be reasonable safe.
It is possible to do SSH on the ESP32 and we’re looking to support that on our new 4MB RAM devices. The limitation was more of a memory one.
-
Thanks for the quick answer! Just to make sure I understand, the second option would be having contents AES encrypted, send over FTP and decrypt on the board?
-
SFTP usually requires an SSH server
the chip has fairly limited processing power so you may be able to run an HTTPS server
https://docs.pycom.io/chapter/firmwareapi/micropython/ussl.html
Another option is to use AES crypto to encrypt your contents and decrypt on the board
Andrei
