I have created a C# program that detects “out of the box” RouterBoard devices, puts then in try-ethernet-once-then-nand boot mode en reboots them. (Then the app will provice mips_boot and automatically install latest firmware, it’s an automated NetInstall …).
The program logs in on the device using Mac Telnet, which until recently used MD5 to hash the password. Since the change to ECSRP the app cannot login anymore on recent devices.
I’m trying to figure out how to implement the ECSRP authentication. I 'm starting to understand it, but I think I’m missing some useful information.
Does anyone know some more details about the ECSRP implementation? Any information is welcome.
I will share the final details when I succeed. This will be useful for when (hopefully) the API will start using ECSRP as well …
It is a pity, because before I could use the “mac telnet” program for Unix/Linux that someone wrote but this does not work anymore.
Usually it is possible to get around it by using the usual wine/winbox hoops and also sometimes RoMON, but it is nice when basic low-level tools are available to rescue devices.
An opensource tool that can do mac telnet, netinstall etc which can be used without wine would be very welcome.
I see some hope in “at the moment” part, maybe they just want to polish things. It’s not like they can keep it secret forever, someone will find the details eventually, even if MikroTik won’t share them.
Oh, rest asure … I WILL find it (found the netinstall and previous MacTelnet stuff on my own as well)! It’s just I don’t have the time for it right now and I think it would be rather polite of Mikrotik to just share it and not let us waste our time on searching for it. I don’t see any possible reason why they wouldn’t share this … (@MikrotikSupport: is there a reason?)
Security is made with cryptography, not obscurity. Open specifications do not add any harm. So I do not see a reason not to publish the required information.
Please Mikrotik, I would like to have a fully functional mac-telnet for linux, again, finally.
Oh, rest asure … I WILL find it (found the netinstall and previous MacTelnet stuff on my own as well)! It’s just I don’t have the time for it right now and I think it would be rather polite of Mikrotik to just share it and not let us waste our time on searching for it. I don’t see any possible reason why they wouldn’t share this … (@MikrotikSupport: is there a reason?)
Any news about ecsrp? Would be interested in any information about this topic.