Enable Encryption | Lantronix 900-618 guide

8: Setup Mode: Advanced Settings

Enable Encryption

Rijndael is the block cipher algorithm chosen by the National Institute of Science and Technology (NIST) as the Advanced Encryption Standard (AES) to be used by the US government. The xPico supports 128-, 192-, and 256-bit encryption key lengths.

Note: Configuring encryption should be done through a local connection to the serial port of the xPico, or via a secured network connection. Initial configuration information, including the encryption key, is sent in clear text over the network.

To configure AES encryption on the xPico:

1.When prompted to enable encryption, select Y.

2.When prompted, enter the encryption key length. The xPico supports 128-, 192-, and 256-bit encryption key lengths.

3.When prompted to change keys, select Y.

4.At the Enter Keys prompt, enter your encryption key. The encryption keys are entered in hexadecimal. The hexadecimal values are echoed as asterisks to prevent onlookers from seeing the key. Hexadecimal values are 0-9 and A-F.

For a 128-bit key length, enter 32 hexadecimal characters.

For a 192-bit key length, enter 48 hexadecimal characters.

For a 256-bit key length, enter 64 hexadecimal characters

5.Continue pressing Enter until you return to the Change Setup menu.

6.From the Change Setup menu, select option 9 to save and exit.

Encryption only applies to the port selected for data tunneling (default 10001 for Channel 1 and 10002 for Channel 2), regardless of whether you are using TCP or UDP.

Generally, one of these situations applies:

Encrypted xPico-to-xPico communication. Be sure to configure both modules with the same encryption key.

Third-party application to xPico-encrypted communication: xPico uses standard AES encryption protocols. To communicate successfully, products and applications on the peer side must use the same protocols and the same encryption key as the xPico.

xPico User Guide

59

Image 59

Lantronix 900-618 manual Enable Encryption, To configure AES encryption on the xPico

Contents

User Guide Technical Support Sales Offices Lantronix Corporate Headquarters Disclaimer Table of Contents Configuration via Telnet or Serial Port Setup Mode Setup Mode Advanced Settings Gpio Interface List of Figures List of Tables Chapter Summary Using This GuidePurpose and Audience XPico Integration Guide Additional Documentation Applications IntroductionCapabilities Hardware Address Configuration MethodsProtocol Support Addresses and Port Numbers Port Numbers Product Information LabelIP Address Assigning an IP Address Using DeviceInstallerInstalling DeviceInstaller To install DeviceInstaller Name Accessing the xPico Using DeviceInstallerTo view the units current settings Select Assign a specific IP address and click Next Device Family Dhcp Device NameGroup Comments Supports Http Setup Firmware UpgradeableSupports Configurable Pins Accessing Web-Manager Using DeviceInstaller Configuration Using Web Manager Web-Manager Login Window Network Configuration Select Obtain IP address automatically Network ModeTo assign an IP address automatically To assign an IP address manually Static IP Address ConfigurationEthernet Configuration Select Use the following IP configuration Auto Negotiate To configure the xPico’s device server settings Advanced Host List ConfigurationServer Configuration Host Information Channel 1 and 2 ConfigurationRetry Settings To configure the xPico’s host list Channel Serial SettingsPort Settings To configure the channel’s serial settings Flush Input Buffer Serial to Network Pack Control At Time of Disconnect Connection Settings TCPTo configure a channel’s TCP settings Flush Output Buffer Network to Serial TCP Connection Settings Connect Protocol Connect Mode Passive ConnectionConnect Mode Active Connection Endpoint Configuration To configure a channel’s UDP settings Connection Settings UDPDisconnect Mode Device Address Table Datagram ModeDatagram Type Use Broadcast To configure the xPico’s Configurable Pins Configurable Pin SettingsConfigurable Pin Functions Serial Channel 2 Status LED Apply SettingsApply Defaults Serial Channel 1 Status LED Telnet Connection Configuration via Telnet or Serial Port Setup ModeAccessing Setup Mode To establish a Telnet connection Serial Port Connection To exit setup mode Exiting Setup Mode IP Address Setup Mode Server ConfigurationServer Configuration Option BootP/DHCP/AutoIP Options Set DNS Server IP Address Change Telnet/Web-Manager PasswordSet Gateway IP Address Netmask Number of Bits for Host Part Dhcp Name Baudrate Setup Mode Channel ConfigurationChannel 1 Option 1 or Channel 2 Option Flow Interface ModeInterface Mode Options RS232 Interface Mode Settings Reserved Port Numbers Connect ModePort Number Flow Control Options Response Connect Mode OptionsIncoming Connection Incoming Connection Active Startup Response Manual Connection Address Example Manual Connection Hostlist Option To enable the hostlist Directed UDP Modem ModeDatagram Type Numeric Response Modem Mode Commands Auto Increment Source Port Send the Escape Sequence +++ in Modem ModeShow IP addr after Ring Remote IP Address Disconnect Mode Options Pack Control Flush Mode Buffer Flushing Send Characters Packing IntervalTrailing Characters Telnet Terminal Type DisConnTime Inactivity TimeoutChannel Port Password Send Characters TCP Keepalive time in seconds Setup Mode Advanced SettingsExpert Settings Option Http Port Number ARP Cache timeout in secondsDisable Monitor Mode at bootup CPU Performance Ethernet Connection Type Security Settings OptionTCP Re-Transmission Timeout Enable alternate MAC Snmp Community Name Disable SnmpDisable Telnet Setup Disable Web Setup Disable Tftp Firmware UpgradeDisable Port 77FE Hex Disable Web Server To configure AES encryption on the xPico Enable Encryption Channel 1 and Channel 2 Configuration Defaults Default Settings OptionEnable Enhanced Password Disable Port 77F0 Hex Start character for serial channel Expert Settings DefaultsSecurity Settings Defaults Hostlist retry timeout Gpio Interface Configurable PinsFeatures Guidelines CommandsByte 0 Command Types Control Protocol Command 13h, Get Current States Command 10h, Get FunctionsCommand 11h, Get Directions Command 12h, Get Active Levels Command details Command 19h, Set DirectionsCommand 1Ah, Set Active Levels Command 1Bh, Set States Response details To download new firmware from a computer Firmware UpgradesUsing Tftp Graphical User Interface Obtaining Firmware Reloading Firmware Tftp Window Using Tftp Command Line Interface To recover firmware Monitor Mode Commands Monitor ModeEntering Monitor Mode Using the Serial Port Entering Monitor Mode Using the Network Port Example Monitor Mode CommandsG0, G1, ....,Ge, Gf S0, S1,...,Se, Sf Response Meaning Command Response Codes Problems and Error Messages Troubleshooting Lock on Caps Lock is not on Troubleshooting Technical Support Europe, Middle East, and Africa Technical SupportTechnical Support US Scientific Calculator Binary to Hexadecimal ConversionsConverting Binary to Hexadecimal Conversion Table Binary to Hexadecimal Conversions RoHS Notice Compliance