Sun Microsystems V2.0 manual Changing the owner of a Sun Spot, Sharing Sun SPOTs

Page 19

Even if you aren’t concerned about security, you need to be aware of this if you want to be able to use Sun SPOTs interchangeably amongst two or more SDK installations. See the section Sharing Sun SPOTs.

Changing the owner of a Sun SPOT

Once set, only the owner can change the public key remotely, although anyone who has physical access to the Sun SPOT can also change the public key. If user B wishes to use a Sun SPOT device previously owned by user A, they can become the new owner in one of two ways:

If user B does not have physical access to the device, user A can use the command

ant deletepublickey

to remove their public key from the Sun SPOT. User A can also use this procedure remotely, for example

ant deletepublickey -DremoteId=0014.4F01.0000.0006

User B can then deploy an application to the remote spot using a command like

ant deploy -DremoteId=0014.4F01.0000.0006

and will become the new owner automatically. During the time that the device has no owner (after user A has executed deletepublickey and before user B has executed deploy) the Sun SPOT will be exposed to attackers (a third user C could become its owner before user B). For this reason, if security is critical, we recommend replacing the public keys only via USB.

If user B has physical access to the device, they can connect the device via USB and execute

ant deploy

In both cases, if a customised library has been flashed to the Sun SPOT, it must be re-flashed by user B so that the library is signed using user B’s private key. This means that user B must also execute

ant flashlibrary

This command cannot be executed remotely. Note that this procedure is not necessary if the library has not been customised, as verification for the factory-installed library is handled differently.

Sharing Sun SPOTs

If you want to share Sun SPOTs between two or more SDK installations or users, you have to ensure that the SDK installations and users share the same key-pair. To do this, start by installing each SDK as normal. Then, copy the key-pair from one “master” user to each of the others. You can do this by copying the file sdk.key from the sunspotkeystore sub-directory of the “master” user’s home directory and replacing the corresponding file in each of the other user’s sunspotkeystore directories.

You then have to force the master’s public key onto each of the Sun SPOTs associated with the other installations. The simplest way to do this is to re-deploy the application via USB

19

Page 18 Page 20
Image 19
Page 18 Page 20
Contents Page Page Contents Http protocol support Introduction Deploying and running a sample application Building and deploying Sun Spot applicationsBuild Successful Total time 3 seconds \MyApplication Ant -Dport=COM2 info Total time 4 seconds \MyApplication Total time 0 seconds \MyApplication Incorporating utility classes into your application Deploying a pre-existing jarExcluding files from the compilation Manifest and resourcesOther user properties Built-in properties Using the BasestationOverview Set up Remote operation Base Station configurationIntroduction Connect a Sun Spot base station Background Using short names for SPOTsManaging keys and sharing Sun SPOTs Take suitable actions during over-the-air downloadsSharing Sun SPOTs Changing the owner of a Sun SpotLimitations What is protected?Deploying and running a host application Generating a new key-pairMesh routing Configuring network featuresYour own host application Incorporating pre-existing jars into your host applicationTrace route Hardware configurations and USB powerLogging Page Threads Overview of an applicationThread priorities Sun Spot device library Sun Spot device librariesDevice Interface Persistent properties Overriding the Ieee address Accessing flash memoryUsart Radio communication library Program Radiogram protocol Server end Client endYou can open server radiogram connections in a similar way Broadcasting Radio properties Turning the receiver off and on Monitoring radio activity Conserving power using deep sleep modeShallow Sleep Deep Sleep Activating deep sleep modeDevice Condition to permit deep sleep USB inhibits deep sleepPreconditions for deep sleeping Deep sleep behaviour of the standard driversWriting a device driver Http protocol support Configuring the http protocolSocket Proxy GUI mode Configuring projects in an IDEJavadoc/source configuration Classpath configurationDebugging Ant selectapplication Configuring Eclipse as a debug client Configuring NetBeans as a debug clientAdvanced topics Using library suitesWith adderlib as your current directory, execute the command Use the command Using the spot client SpotSerialPortException other exception in serial port comms Persistent system properties ReferenceProperty name Meaning Start address Space Use Contents of the arm directoryContents of the lib directory Memory usageContents of the bin directory preverify.exe Contents of the tests directory Contents of the upgrade directory
Top Page Image Contents