Go Down

Topic: How secure is Adafruit MQTT with ESP8266 (Read 1 time) previous topic - next topic

SHARANYADAS

Hi
I am currently building ESP8266 & Adafruit IO based home automation system using MQTT & by far it is working as expected.The ESP8266 is programmed using Arduino IDE.
The main concern here is,how secure the whole MQTT system is?I mean what is the maximum vulnerability of the system as well as the private side network without any security implemented(SSL/TLS etc)??
Also,i would like to know,what is the approprate way to secure the system?


KASSIMSAMJI

security is obtained over TLS using reserved port 8883

but TLS tends to incur high cpu usage on broker side , network overhead(higher bandwidth)
Electrical Engineer

pylon

Quote
Also,i would like to know,what is the approprate way to secure the system?
Secure the system against what? you get it very secure if you pull the network plug. I hope you see that you need to specify what your system is expected to do and what risks you're trying to mitigate.

Using TLS you get an encrypted communication, nothing less but also nothing more.

The MQTT system is just a message broker. If you operate your own server (in a home automation system almost mandatory) you don't need TLS (given that the network itself is a basic level of security).

Ramzi19

Hi
my arduino client can't connect to the public broker test.mosquitto.com.

The Serial Monitor output is: Connecting to MQTT... failed state : -2

Here is the code, where is the problem? :

#include <PubSubClient.h>
#include <Ethernet.h>
#include <SPI.h>

byte mac[] = {0xDE, 0xAD, 0xBE, 0xEF, 0xFE, 0x01};

const char* mqttServer = "test.mosquitto.com";
const int mqttPort = 1883;

EthernetClient ethClient;
PubSubClient mqttClient(ethClient);

void setup_Ethernet(){
  // start the Ethernet connection:
  Serial.println("Initialize Ethernet with DHCP:");
  if (Ethernet.begin(mac) == 0) {
    Serial.println("Failed to configure Ethernet using DHCP");
    if (Ethernet.hardwareStatus() == EthernetNoHardware) {
      Serial.println("Ethernet shield was not found.  Sorry, can't run without hardware. :(");
    } else if (Ethernet.linkStatus() == LinkOFF) {
      Serial.println("Ethernet cable is not connected.");
    }
    //delay to let Etnernet shield initialize
    delay(1000);
  }
    //connection succesful
    Serial.println("Connection Successful");
    Serial.println("--------------------");



void callback(char* topic, byte* payload, unsigned int length)
{
  Serial.print("Messageved in topic: ");
  Serial.println(topic);
  Serial.print("Message :");
  for(int i = 0; i < length; i++) {
    Serial.print((char)payload);
  }
  Serial.println();
}

void setup() {
  Serial.begin(9600);
  setup_Ethernet();
  mqttClient.setServer(mqttServer,mqttPort);
  mqttClient.setCallback(callback);
  while(!mqttClient.connected()) {
      Serial.println("Connecting to MQTT...");
      if (mqttClient.connect("arduinoClient")) {
          Serial.println("connected");
      }else{
          Serial.print("failed state : ");
          Serial.println(mqttClient.state());
          delay(2000);
           }
      }
   mqttClient.publish("test/arduino","Hello Arduino world");
   mqttClient.subscribe("test/arduino");
}

void loop()
{
  mqttClient.loop();
}

AWOL

#4
Jan 16, 2019, 05:12 pm Last Edit: Jan 16, 2019, 05:12 pm by AWOL
Neither MQTT nor C++ like italics

Please don't hijack unrelated threads.
"Pete, it's a fool (who) looks for logic in the chambers of the human heart." Ulysses Everett McGill.
Do not send technical questions via personal messaging - they will be ignored.
I speak for myself, not Arduino.

Willpatel_Kendmirez

Quote
How secure is Adafruit MQTT
Why not ask that question in adafruit's forum?


Go Up