Go Down

Topic: How secure is Adafruit MQTT with ESP8266 (Read 2026 times) previous topic - next topic

SHARANYADAS

Hi
I am currently building ESP8266 & Adafruit IO based home automation system using MQTT & by far it is working as expected.The ESP8266 is programmed using Arduino IDE.
The main concern here is,how secure the whole MQTT system is?I mean what is the maximum vulnerability of the system as well as the private side network without any security implemented(SSL/TLS etc)??
Also,i would like to know,what is the approprate way to secure the system?


KASSIMSAMJI

security is obtained over TLS using reserved port 8883

but TLS tends to incur high cpu usage on broker side , network overhead(higher bandwidth)
Expert To Be: Machine Learning And Computer/Machine Vision (ML/CV/MV)

pylon

Quote
Also,i would like to know,what is the approprate way to secure the system?
Secure the system against what? you get it very secure if you pull the network plug. I hope you see that you need to specify what your system is expected to do and what risks you're trying to mitigate.

Using TLS you get an encrypted communication, nothing less but also nothing more.

The MQTT system is just a message broker. If you operate your own server (in a home automation system almost mandatory) you don't need TLS (given that the network itself is a basic level of security).

Ramzi19

Hi
my arduino client can't connect to the public broker test.mosquitto.com.

The Serial Monitor output is: Connecting to MQTT... failed state : -2

Here is the code, where is the problem? :

#include <PubSubClient.h>
#include <Ethernet.h>
#include <SPI.h>

byte mac[] = {0xDE, 0xAD, 0xBE, 0xEF, 0xFE, 0x01};

const char* mqttServer = "test.mosquitto.com";
const int mqttPort = 1883;

EthernetClient ethClient;
PubSubClient mqttClient(ethClient);

void setup_Ethernet(){
  // start the Ethernet connection:
  Serial.println("Initialize Ethernet with DHCP:");
  if (Ethernet.begin(mac) == 0) {
    Serial.println("Failed to configure Ethernet using DHCP");
    if (Ethernet.hardwareStatus() == EthernetNoHardware) {
      Serial.println("Ethernet shield was not found.  Sorry, can't run without hardware. :(");
    } else if (Ethernet.linkStatus() == LinkOFF) {
      Serial.println("Ethernet cable is not connected.");
    }
    //delay to let Etnernet shield initialize
    delay(1000);
  }
    //connection succesful
    Serial.println("Connection Successful");
    Serial.println("--------------------");



void callback(char* topic, byte* payload, unsigned int length)
{
  Serial.print("Messageved in topic: ");
  Serial.println(topic);
  Serial.print("Message :");
  for(int i = 0; i < length; i++) {
    Serial.print((char)payload);
  }
  Serial.println();
}

void setup() {
  Serial.begin(9600);
  setup_Ethernet();
  mqttClient.setServer(mqttServer,mqttPort);
  mqttClient.setCallback(callback);
  while(!mqttClient.connected()) {
      Serial.println("Connecting to MQTT...");
      if (mqttClient.connect("arduinoClient")) {
          Serial.println("connected");
      }else{
          Serial.print("failed state : ");
          Serial.println(mqttClient.state());
          delay(2000);
           }
      }
   mqttClient.publish("test/arduino","Hello Arduino world");
   mqttClient.subscribe("test/arduino");
}

void loop()
{
  mqttClient.loop();
}

AWOL

#4
Jan 16, 2019, 05:12 pm Last Edit: Jan 16, 2019, 05:12 pm by AWOL
Neither MQTT nor C++ like italics

Please don't hijack unrelated threads.

Willpatel_Kendmirez

Quote
How secure is Adafruit MQTT
Why not ask that question in adafruit's forum?


Go Up