Topics

Passcode for Gary N Evans; KO4LAX


Steve
 

I have tried twice to send a passcode to Gary Evans KO4LAX without success, he used an OUTLOOK email account and they are notorious to the admins
for sending an email to and bouncing.

If anyone knows Gary Evans  KO4LAX could they please message him that he needs to ask for a passcode using a regular email address from GMAIL or YAHOO
or any other regular email address other than OUTLOOK OR if you have an alternative email address for Gary Evans  other than the OUTLOOK he used please forward it to me so that I can issue his passcode

Many thanks

Steve,  KF6WAX 
Admin


Rob J.
 

Steve,

I don't know Gary so I can't directly help you. But a tidbit of information on passcodes that might be of interest to others in the group. The algorithm to generate a passcode is nothing secret or special. You don't kneed to "apply" to anyone for a passcode, any site or service that needs a passcode uses the same passcode,  there is no approval process, the FCC is not involved or anything like that.

Go to a web site like https://apps.magicbug.co.uk/passcode/ or http://www.n5dux.com/ham/aprs-passcode/ , type in your call sign and you will get your passcode. Use it anywhere for APRS that needs it - in any radio, software or app.

73, Rob - KD2GRS


David Shrum
 

I'm sure one of the admins in this group has a link to the Wiki that will tell you that the only ones that are supposed to 'give out' pass codes is the owner of the program. That prevents hopefully the unauthorised use of ham frequencies, I in the past shared a link to one of those sites and was made aware of that fact.
 Dave N8PU

On Wed, Sep 16, 2020 at 10:39 AM Rob J. <kd2grs@...> wrote:
Steve,

I don't know Gary so I can't directly help you. But a tidbit of information on passcodes that might be of interest to others in the group. The algorithm to generate a passcode is nothing secret or special. You don't kneed to "apply" to anyone for a passcode, any site or service that needs a passcode uses the same passcode,  there is no approval process, the FCC is not involved or anything like that.

Go to a web site like DELETED , type in your call sign and you will get your passcode. Use it anywhere for APRS that needs it - in any radio, software or app.

73, Rob - KD2GRS


Eric Lorenz K9LGE
 

Rob,

The whole idea of NOT publishing those sites and requiring admins to do it is to provide some level of validation- their are checking that the requester is actually a licensed operator.

Please do not publish sites like this- thanks.

Eric K9LGE

On Wed, Sep 16, 2020, 9:39 AM Rob J. <kd2grs@...> wrote:
Steve,

I don't know Gary so I can't directly help you. But a tidbit of information on passcodes that might be of interest to others in the group. The algorithm to generate a passcode is nothing secret or special. You don't kneed to "apply" to anyone for a passcode, any site or service that needs a passcode uses the same passcode,  there is no approval process, the FCC is not involved or anything like that.

Go to a web site like https://apps.magicbug.co.uk/passcode/ or http://www.n5dux.com/ham/aprs-passcode/ , type in your call sign and you will get your passcode. Use it anywhere for APRS that needs it - in any radio, software or app.

73, Rob - KD2GRS


Jeff
 

Strongly agree. Links to passcode cracking sites should not be posted.

Jeff
N5TEV


Mike Jordan <mjordan@...>
 

This is such a non-issue. If the information is on the internet, it's too late... anyone that wants to take the time to find it will.  Anyone can request a passcode and there is no validation that the person asking actually belongs to the call sign they used to request it.  Why put a suitcase lock on a process if it's suppose to have tight security in the first place? To me, the process of having a passcode that can be easily obtained is no security at all, just a means to keep someone from accidentally connecting to the database when they test out their APRS setup.  If the system needs security then give it real security, don't put it out where anyone can find it and use it if they want. Other wise it might as well be 1234 for everyone or not even exist.

I'll do my part though to keep it secure... if I run across it on the internet, I won't look. ;)

Mike


Glenn O'Connor
 

Says Mike w/o a callsign...


Mike Jordan <mjordan@...>
 

Yep, the software didn't add it. But if it makes you feel better... KJ4TX.

Mike

On 9/17/2020 11:32 AM, Glenn O'Connor wrote:
Says Mike w/o a callsign...


Lynn Deffenbaugh
 

Ok, I think this discussion is ready to be put out to pasture.

Most of us understand the insecurity of the current APRS-IS passcode system.  An attempt was made to use certificates, but even that change ran into concerns about scalability and global reach (it was based on LOTW).  So unless you have a solution AND the ability to implement said solution, let's just let it go.

Lynn (D) - KJ4ERJ - Author of APRSISCE for Windows Mobile and Win32

On 9/17/2020 3:05 PM, Mike Jordan wrote:
Yep, the software didn't add it. But if it makes you feel better... KJ4TX.

Mike

On 9/17/2020 11:32 AM, Glenn O'Connor wrote:
Says Mike w/o a callsign...