Logo ARIM Messaging Program v1.3 Help Logo

Introduction

ARIM means "Amateur Radio Instant Messaging" and the ARIM program is a host mode program for the ARDOP TNC being developed by Rick KN6KB and John G8BPQ.

When the ARDOP TNC project was announced by KN6KB I starting planning a host mode program that could take advantage of the connectionless FEC mode it offered. ARIM is the result. It is written in C and distributed as source code under the terms of the GPL 3.0 license. Developed on Ubuntu Linux, it should compile and run on any modern Linux installation (including Raspbian for Raspberry Pi). Using Microsoft Windows? No problem, ARIM will build and run in the excellent Cygwin environment for Microsoft Windows. Alternatively, on Windows 10, ARIM can be built in the Bash on Ubuntu on Windows environment too. Either of these environments let you build and run ARIM on the same Windows host that ARDOP_Win is installed on. Compiling the source code is easy, the only build dependency beyond the standard C libraries are the ncurses and zlib development libraries.

Features include:

The ARIM program is a work in progress and I am interested in feedback. I monitor the ARDOP Users group at groups.io and can be reached there, or at the arim-ham Yahoo group where files and other information will be posted.

The ARIM Screen Layout Color Coded Display Option Downloading and Installing
Configuration Rig Control/PTT Attaching to a TNC
Press 'h' for Help Press 'r' to toggle the Recents view Press 'p' to toggle the Ping History view
Press 'f' to set FEC mode and repeat count Press 't' to toggle the timestamp format Press 'n' to clear new message and file counters
Press <ESC> to abort send or receive Scrolling back the Monitor View Using the command line
Sending commands to the TNC Viewing and changing TNC settings Pinging another station
Using Pilot Pings ARQ: Connecting to a remote station ARQ: Sending queries to the remote station
ARQ: Sending messages to the remote station ARQ: Downloading messages from the remote station ARQ: Reading files from the remote station
ARQ: Downloading files from the remote station ARQ: Uploading files to the remote station ARQ: Session authentication
ARQ: File access control ARQ: Password management FEC: Sending an unproto message
FEC: Sending a message (to TNC) FEC: Composing a message (to outbox) FEC: Working with the message inbox
FEC: Working with the message outbox FEC: Working with sent messages FEC: Reading messages
FEC: Querying another station for information FEC: Retrieving files from another station FEC: Using message send repeats
FEC: Beaconing RF channel busy detect Working with the shared files viewer
Reading files Serving dynamic files Logging

The ARIM Screen Layout

The ARIM screen is divided into different sections. Some of these can host more than one "view". The current view is identified by the title at the bottom of these sections.

ARIM

Color Coded Display Option

Color coding can be enabled by setting the color-code parameter in the [ui] section of the arim.ini configuration file to TRUE (the default). When enabled, elements in the traffic monitor view, calls heard list and TNC command view are color coded to highlight the different frame/command types and group related traffic flows together.

ARIM

The traffic monitor view and TNC command view show very different types of information so different color coding schemes are used for each. The calls heard view is just a reflection of information in the traffic monitor view and uses the same color coding conventions.

Downloading and Installing

The prerequisite for ARIM is the ARDOP TNC. Three versions are available: ardopc for Linux, piardopc for the Raspbian OS on RPi, and ARDOP_Win for Microsoft Windows.

Information about downloading and installing the ARDOP TNCs is found here:

ardopc TNC for Linux Operating Systems (also covers piardopc for Raspbian OS on RPi)

ARDOP_Win TNC (part of the ARDOP Chat installation) for Windows Operating Systems

To download the ARDOP Chat installer you must be a member of the ARDOP Users group at groups.io. The installer is found in the Files area of the group.

If you plan to run ARIM in the Cygwin environment on Windows, then Cygwin must be installed first. The installer for this is found on the Installing and Updating Cygwin Packages page. The Cygwin Walkthrough and Beginner's Guide may be helpful in getting started.

If you plan to run ARIM in the Bash on Windows environment on Windows, then the Windows Subsystem for Linux must be installed first. How to Install and Use the Linux Bash Shell on Windows 10 describes installation and use of Bash on Windows. Microsoft publishes a helpful Bash on Windows FAQ which is part of their official Bash on ubuntu on Windows site.

When using Cygwin, you will work in the Cygwin Terminal. A shortcut to the Cygwin Terminal should be placed on your Windows desktop by the Cygwin installer.

When using Bash on Windows, you will work in the Bash Terminal launched by the "Bash on Ubuntu on Windows" Start Menu item.

Next, you need to either build ARIM from source or download a "portable" precompiled binary package.

Run arim with the --help option to print out command line options:

Usage: arim [OPTION]
  -v, --version            print version information
  -f, --config-file FILE   use configuration file FILE
  -p, --print-conf FILE    print configuration file listing to FILE
  -h, --help               print this option help message

Configuration

By default, ARIM reads an "ini" format configuration file named arim.ini at startup. If you are using the portable binary ARIM distribution, this file is located in the same arim-1.3 directory containing the ARIM executable file and data files. If you compiled and installed ARIM from the source distribution, this file is located in the arim data directory in your home directory. To override the default configuration file location, run arim with the --config-file command line option, for example:

arim --config-file /home/nw8l/HF/arim-net.ini

Here is an example configuration file:

ARIM

Multiple TNCs can be defined. A subset of the ARDOP TNC parameters are initialized here, but these can be overridden from the TNC command line after the program starts. Most options have reasonable default values which are used if they are not found in the .ini file.

To print the configuration file parameters to a file for analysis, run ARIM with the -p option. For example:

arim -p dump.txt

In the file is a listing of the parameters and their values after processing, which can be helpful for troubleshooting. Any invalid parameter values will be replaced with default values, and parameters with misspelled names will be absent.

Rig Control/PTT

The ARIM program has no rig control features! It depends on the rig control features embedded in the ARDOP TNC.

I use VOX on my rig and it seems that Signalink cards work too. In both cases the VOX hold or SignaLink DLY must be set to minimum.

Attaching to a TNC

Make sure the ARDOP TNC is running. Press the spacebar to open the command prompt.

ARIM

Enter the att command, a space and the TNC number, e.g. att 1. The TCP connection will be made and initialization commands from the program to the TNC will scroll by in the TNC Command view. The title bar will display the number and name of the attached TNC.

To detach from the TNC, open the command prompt and enter the det command.

Press 'h' for Help

Press the 'h' hot key to open the Help viewer.

ARIM

Here is a listing of all hot keys and commands. Use the UP and DOWN arrow keys or the PAGEUP, PAGEDOWN, HOME and END keys to scroll the contents. Press 'q' to quit.

Press 'r' to toggle the Recents view

Press the 'r' hot key to toggle on the Recents view.

ARIM

This is a listing of headers for messages recently received. They are numbered in reverse chronological order (most recent first). Use the UP and DOWN arrow keys or the PAGEUP, PAGEDOWN, HOME and END keys to scroll the contents. Press 'r' to toggle the Recents view off. Headers contain the following information, from left to right:

To read messages from the Recents list, press the spacebar to open the command prompt and enter the command rr nbr, where nbr is the message number. This opens the message viewer.

ARIM

The message number and size in lines are shown in the Status Bar. Use the UP and DOWN arrow keys or the PAGEUP, PAGEDOWN, HOME and END keys to scroll through the message. Press 'q' to quit the message viewer and return to the Recents view.

Press 'p' to toggle the Ping History view

Press the 'p' hot key to toggle on the Ping History view.

ARIM

Here is a listing of signal reports resulting from ARDOP pings sent to other stations by the TNC or from pings sent to the TNC by other stations. The history shows a line for each remote station, sorted in reverse chronological order (most recent on top). Each line includes, from left to right:

Press 't' to toggle the timestamp format between elapsed time or the clock time.

Press 'f' to set FEC mode and repeat count

Press the 'f' hot key to open the FEC Control Menu.

ARIM

Press a key to select one of the options. All FEC modes are listed here, as well as options to set the FEC frame repeat count to either 0, 1, 2 or 3. Use the UP and DOWN arrow keys or the PAGEUP, PAGEDOWN, HOME and END keys to scroll the menu contents. Press 'q' to quit. Note that these are ARDOP settings; the ARIM message repeat count found in the arim.ini configuration file is a different thing. The ARDOP FEC repeat count affects all FEC transmissions by the TNC.

NOTE: In all views, the current FEC mode and repeat count are indicated in the status bar, to the left of the beacon time indicator. The format is fecmode:fecrepeat. In this example we see mode 4PSK.200.100 and a repeat count of 0 (the default).

Press 't' to toggle the timestamp format

Press the 't' hot key to switch the timestamp format between:

This affects the timestamps shown in the Calls Heard list and Ping History view.

Press 'n' to clear the new message and file counters

Press the 'n' hot key to clear the new message and new file counters, located on the right-hand side of the Title Bar.

ARIM

If either counter is non-zero you'll be prompted to confirm the operation:

ARIM

Press 'y' to proceed or 'n' to cancel. The counters increment when a new message or file is received. They are helpful as indicators of activity during periods of unattended operation. Note that files received in FEC mode are encapsulated in a message or query response frame, so the message counter is incremented, not the file counter. New messages are listed in the convenient Recent Messages view; press 'r' to toggle this on and off. New message and file counter values are lost when the program is closed.

Press <ESC> to abort send or receive

Sometimes it's necessary to abort a transmission in progress or halt a receive operation instead of waiting for it to time out. To do this press the <ESC> key to cancel the operation and return ARIM to the idle state. When transmitting, this makes the TNC stop sending, flushes the transmit buffer, and cancels any pending message repeats. When receiving (or waiting for) an ARIM frame the time out counters are reset and any pending response is canceled, making the TNC available for a new send operation immediately. A confirmation message will appear briefly on the Status Bar and the Busy/Idle indicator will reflect the change.

In ARQ mode, pressing the <ESC> key to abort a connection results in a "dirty disconnect". Use CTRL-X to attempt a clean disconnect before resorting to <ESC>.

Scrolling back the Monitor View

A 500 line scrollback buffer allows review of past traffic. Press the UP or DOWN arrow keys or the PAGEUP, PAGEDOWN, HOME or END keys to start scrolling.

ARIM

The status bar is updated to indicate that scrolling is active. This state persists unless you stop using the movement keys for more than 30 seconds or press 'c' to cancel. Until then the view won't auto-scroll to the end when new traffic is posted.

Using the command line

Open the program and press the spacebar to open the command prompt.

ARIM

There are multiple uses for the command line.

Basic line editing features are available on the command prompt. The left and right arrow keys, HOME, END, DEL and backspace keys work as expected. This makes it easy to correct mistakes in typing, whether a entering a command or composing a message. For those familiar with the Emacs style line editing in Linux: CTRL-A, CTRL-E, CTRL-F, CTRL-B, CTRL-D, CTRL-K and CTRL-U can be used instead.

The command prompt has a history buffer which holds the last 15 unique commands entered. Use the UP and DOWN keys to browse command history when you want to reuse a previously sent command. For those familiar with Linux command history navigation, the CTRL-P and CTRL-N keys can be used instead.

Sending commands to the TNC

A TNC must be attached. Press the spacebar to open the command prompt.

ARIM

Prefix the message with the '!' character. Press ENTER to send the command to the TNC. The command trace will appear in the TNC command view, followed by the TNC's response if it was a query. To set a TNC parameter, follow the command with the parameter, e.g. !CWID TRUE. To query a TNC parameter, send the command without any argument, e.g. !CWID. Complete control over the TNC is available using this interface. ARDOP TNC commands are documented in the Host Interface Spec for the ARDOP TNC by Rick Muething, KN6KB and available in the files area of the ARDOP users group at groups.io.

Viewing and changing TNC settings

TNC parameters are set in the [tnc] section of the arim.ini configuration file and loaded when attaching to a TNC. However, some of these settings can be modified on-the-fly from the ARIM command prompt with these commands:

To change one of these, press the spacebar to open the command prompt and enter the command like this:

ARIM

The change will be confirmed by a message on the Status Bar.

When attached to a TNC, any ARDOP parameter may be queried or changed at the command prompt using bang commands. These are prefixed with the '!' character and are sent directly to the TNC. For example, !SENDID queries the SENDID parameter, and !BUSYDET 5 sets the BUSYDET parameter to '5'. ARDOP TNC commands are described in the ARDOP Protocol Native TNC Commands document by KN6KB. The current version is located in the files section of the ARDOP Developers Group.

Pinging another station

A TNC must be attached and the RF channel must not be busy. Press the spacebar to open the command prompt and enter the ping command like this:

ARIM

The format is ping call nbr. The ping repeat count must follow the target call sign. This is the number of times the PING packet will be sent in the absence of a response from the target station before the TNC "gives up". The minimum repeat count is 2 and the maximum is 15. Ping transmissions and responses are displayed in the monitor view. The response will include a signal report including the signal-to-noise ratio and a constellation quality figure ranging from 0-100%.

If the RF channel is busy, ARIM won't send the ping, and an error message will be shown on the status bar.

Using Pilot Pings

Pilot pings are an experimental option which take advantage of the new PING and PINGACK frame types introduced in ARDOP v0.9.5. The PINGACK response to a PING sent to a remote station includes a signal report with signal-to-noise and constellation quality numbers, making it possible for a station to learn how it is being heard by other stations.

Pilot pings are ARDOP PING frames automatically sent in advance of an ARIM message or query transmission or ARQ connect request to test the RF path to the target station. If the signal constellation quality report from the target station meets a preset threshold, the message transmission proceeds; if not then it is canceled. This prevents hopeless attempts at message transmission from tying up the frequency in marginal conditions. The PING/PINGACK cycle is very short compared to the length of a typical FEC message transmission so the additional overhead is low, but the potential improvement in efficiency of channel use is high. Pilot pings are never sent in advance of ARIM messages directed to the net call. These parameters control pilot ping behavior:

These parameters are set in the [arim] section of the arim.ini configuration file, but can also be modified on-the-fly from the ARIM command prompt so that the operator an adapt to changing conditions. Here are the commands you can use from the command prompt:

To change one of these, press the spacebar to open the command prompt and enter the command like this:

ARIM

The change will be confirmed by a message on the Status Bar. When in doubt, use the ppset command to check settings.

ARQ: Connecting to a remote station

ARIM can act as an ARQ client or server, interoperating with ARDOP Chat or another ARIM station for keyboard to keyboard chat. ARIM may also be used as an ARQ client to connect to a BPQ BBS with a ARDOP port.

A TNC must be attached and the RF channel must not be busy. Press the spacebar to open the command prompt and enter the conn command like this:

ARIM

The format is conn call nbr where call is the call sign of the target station, and nbr is the request repeat count. This is the number of times the ARQCALL packet will be sent in the absence of a response from the target station before the TNC "gives up". The minimum repeat count is 3 and the maximum is 15. Connect requests and responses are displayed in the monitor view.

ARIM

If the RF channel is busy, ARIM won't send the connection request, and an error message will be shown on the status bar.

When the connection is made, ARIM will be in ARQ mode, where text entered at the command prompt is sent directly to the remote station rather than processed as an ARIM command. The line editing and history recall features of the command prompt work as usual but the '!' prefix won't work to send commands directly to the TNC, and the ':' prefix won't work to send unproto FEC transmissions.

All text sent and received will be displayed on the Traffic Monitor, and the status bar will show the call sign of the remote station, the negotiated max connection bandwidth and the current TNC state. Note: the Recent Messages and Ping History views can't be opened during an ARQ session.

The shared files, message inbox, message outbox and sent messages viewers can be opened during an ARQ session by using these hot keys:

These work as usual in ARQ mode. Files can be uploaded to the remote station from the shared files viewer with the sf [-z] n [dir] command. Previously composed messages can be sent to the remote station from the message outbox viewer with the sm n command. Messages can be forwarded to the remote station from the message inbox and sent messages viewers with the fm n commands.

To disconnect, press CTRL-X or enter the special command '/dis' at the command prompt and press ENTER.

ARIM

You'll be prompted to confirm:

ARIM

Type 'y' and a clean disconnect will be attempted.

ARIM

These parameters control ARQ behavior:

These parameters are set in the [tnc] section of the arim.ini configuration file, but can also be modified on-the-fly from the ARIM command prompt by the operator. The following commands are available:

If pilot pings are enabled they will apply to ARQ connection requests, so that the RF path to the remote station can be tested in advance. If the pilot pings fail, the connection attempt will be canceled.

ARQ: Sending queries to the remote station

When connected to an ARIM station, the following query commands, prefixed by the '/' (slash) character, may be entered at the prompt to retrieve information from the remote station:

Press the spacebar to open the command prompt and enter the command at the start of the line like this:

ARIM

Here we see the response:

ARIM

ARQ: Sending messages to the remote station

When connected to an ARIM station, single-line messages can be sent using the /sm [-z][msg] command where the -z option invokes compression, and msg is the message text. This is convenient when the message is short and you wish to bypass the message composer. Press the spacebar to open the command prompt and enter the command like this:

ARIM

The remote station saves the message to its inbox and returns an /OK response to confirm receipt. A copy will be stored in your sent messages mailbox.

ARIM

For longer, multi-line messages, press the spacebar to open the command prompt and enter the command like this:

ARIM

Enter the message line-by-line at the command prompt. When done, enter /ex at the start of a new line to close the message composer view and send the message on its way.

ARIM

The remote station saves the message to its inbox and returns an /OK response to confirm receipt. A copy will be stored in your sent messages mailbox.

ARIM

To cancel a message you've started to send, enter /can at the start of a new line to close the message composer view and discard the message.

If the remote ARIM station encounters an error saving the message, it returns an /ERROR response and the message is discarded.

Use the -z option to compress the message to reduce transfer time. The message will be automatically decompressed at the receiving station before it is saved to the inbox there.

Existing messages in a local mailbox can also be sent to the remote station from one of the message viewers. During an ARQ session these are opened not by entering a commmand at the prompt, but by pressing a hot key:

Messages composed offline and stored in the outbox can be sent to the remote station. Press 'o' to open the message outbox viewer:

ARIM

Enter the sm n command to start the upload. This is a more efficient method than composing the messages during the ARQ session itself. Alternatively, use the sm -z n command to compress the message before it is sent. This can reduce transfer time for larger messages.

Messages in the inbox can be forwarded to the remote station. Press 'i' to open the message inbox viewer and enter the fm n command to start the upload. Alternatively, use the fm -z n command to compress the message before it is sent. This can reduce transfer time for larger messages.

Messages in the sent messages mailbox can also be forwarded to the remote station. Press 's' to open the sent messages viewer and enter the fm n command to start the upload. Alternatively, use the fm -z n command to compress the message before it is sent. This can reduce transfer time for larger messages.

If the remote ARIM station encounters an error saving the message, it returns an /ERROR response and the message is discarded.

ARQ: Downloading messages from the remote station

In an authenticated ARQ session, you can retrieve messages addressed to your station that are queued in the remote station's outbox. This is useful for stations that are on the air only intermittently. Use these commands to list and download messages:

To list your messages, press the spacebar to open the command prompt and enter the /mlist command at the start of the line like this:

ARIM

The remote station responds:

ARIM

In this example, the command triggers the mutual authentication process automatically. After that, the listing is received. The messages are listed in chronological order (oldest first).

To download the listed messages, press the spacebar to open the command prompt and enter the /mget [-z] [nbr] command at the start of the line like this:

ARIM

In this example, the the -z option is used to invoke compression. The download will begin:

ARIM

The progress of the download is reported as each message is received. As each message is received, the receiving station stores the message in its inbox and sends a /OK response to confirm receipt. The sending station then deletes the message from its outbox. If the either station encounters an error, it sends an /ERROR response to the other and the download is canceled. In that case the message is not deleted from the outbox at the sending station.

While the download is in progress no text or commands are accepted from the command prompt. This condition is indicated by a ! character seen in the status bar indicator area:

ARIM

To cancel the download, press CTRL-X to close the ARQ connection.

Use the /mget -z command to compress the message before it is sent. This can reduce transfer time for large messages.

Use the /mget nbr command to limit the number of messages downloaded. If less than the number of messages available, then the oldest nbr are downloaded. The minimum value of nbr is 1 and the maximum is 10. This option can be combined with the -z option.

ARQ: Reading files from the remote station

When connected to an ARIM station any shared files it offers can be listed and read in the Traffic Monitor view. Only text files and dynamic files with text output can be printed to the screen. Use these commands to list available files and read them:

To list the files in the shared files root directory, press the spacebar to open the command prompt and enter the /flist command at the start of the line like this:

ARIM

The remote station responds:

ARIM

Choose a file, press the spacebar to open the command prompt and enter the /file fn command at the start of the line like this:

ARIM

The file will be read:

ARIM

The text is printed the the Traffic Monitor view line by line as it is received.

ARQ: Downloading files from the remote station

When connected to an ARIM station any shared files it offers can be listed and downloaded. Both text and binary file types can be transferred over the ARQ connection. A compression option can be invoked to reduce transfer time for many file types, and you can specify a destination directory at the local station other than the default. Use these commands to list and download files:

To list the files in the shared files root directory, press the spacebar to open the command prompt and enter the /flist command at the start of the line like this:

ARIM

The remote station responds:

ARIM

Choose a file, press the spacebar to open the command prompt and enter the /fget fn command at the start of the line like this:

ARIM

The download will begin:

ARIM

The progress of the download is reported as each data frame is received. When it's complete an /OK response is sent to the remote station to confirm receipt. If the remote ARIM station encounters an error sending the file, it returns an /ERROR response and the download is canceled.

By default, downloaded files are stored in the download subdirectory in the local station's shared files root directory. ARIM will create this if it doesn't already exist.

While the download is in progress no text or commands are accepted from the command prompt. This condition is indicated by a ! character seen in the status bar indicator area:

ARIM

To cancel the download, press CTRL-X to close the ARQ connection.

Use the /fget -z n command to compress the file before it is sent. This can reduce transfer time for larger files. Note that compression isn't useful for very small files, or files that are already compressed (e.g. "zip" files or many image file types). In these cases the zlib format overhead can make the file size increase, not decrease.

Use the /fget [-z] n > dir command to store the file to a location other than the default download directory. The dir parameter specifies the destination directory as a path relative to the shared files root directory at the local station, e.g. contests/2016. This option can be combined with the -z option.

ARQ: Uploading files to the remote station

When connected to an ARIM station local files can be uploaded to the remote station. Both text and binary file types can be transferred over the ARQ connection. A compression option can be invoked to reduce transfer time for many file types, and you can specify a destination directory at the remote station other than the default. If you do, the destination directory must made visible by an add-files-dir configuration file parameter at the remote station. If not specified, the file is stored in the download subdirectory in the remote station's shared files root directory.

Press the 'f' hot key in ARQ mode to open the shared files viewer and locate the file you wish to send.

ARIM

To upload a file, press the spacebar to open the command prompt and enter the sf nbr command like this:

ARIM

The upload will begin:

ARIM

Press 'q' to quit the shared files viewer.

ARIM

The progress of the upload is reported as each data frame is sent. When it's complete an /OK response is received from the remote station to confirm the file was saved. If the remote ARIM station encounters an error receiving the file, it returns an /ERROR response and the upload is canceled.

Uploaded files are stored in the destination directory on the remote station. ARIM will create this if it doesn't already exist.

While the upload is in progress no text or commands are accepted from the command prompt. This condition is indicated by a ! character seen in the status bar indicator area:

ARIM

To cancel the upload, press CTRL-X to close the ARQ connection.

Use the sf -z n command to compress the file before it is sent. This can reduce transfer time for larger files. Note that compression isn't useful for very small files, or files that are already compressed (e.g. "zip" files or many image file types). In these cases the zlib format overhead can make the file size increase, not decrease.

Use the sf [-z] n dir command to store the file to a location other than the default download directory. The dir parameter specifies the destination directory as a path relative to the shared files root directory at the remote station, e.g. contests/2016. If you do, the destination directory must made visible by an add-files-dir configuration file parameter at the remote station. This option can be combined with the -z option.

ARQ: Session Authentication

The optional Mutual Authentication feature provides a way to verify the identities of the stations in an ARQ session. This works by making each station prove to the other that it possesses a shared secret (password) known only to the two stations involved. This is done using a Digest Access Authentication scheme very similar to that specified in RFC 2069 with the exception that the MD5 hash function is replaced by the more modern and secure Blake2 hash function. The exchange of proofs is accomplished without sending the password itself over the air. The process is automatic and requires no operator intervention. This feature can be used to:

Once an ARQ connection is established, the operator can invoke the mutual authentication process manually using the /auth command. If it succeeds, the identity of the remote station is proven and the operator can read, upload or download files with confidence. If it fails, because one station or the other doesn't know the shared secret (password), the operator is presented with a warning message and given the choice of either continuing or terminating the ARQ session.

For example, to authenticate pre-emptively, press the spacebar to open the command prompt and enter the/auth command:

ARIM

The remote station sends a challenge which is the first of 3 messages (A1, A2 and A3) exchanged during the authentication process.

ARIM

If the remote station cannot authenticate your station, you are alerted and asked if you want to disconnect:

ARIM

Likewise, if your station cannot authenticate the remote station, you are alerted and asked if you want to disconnect:

ARIM

In either case the problem is likely to be missing or incorrect password digest file entries.

The authentication challenge/response protocol

  1. The process begines when the operator at one station (the client), connects to another station (the server) and: or:
  2. At the server station, ARIM receives the command and recognizes that authentication is required. It searches its password digest file for an entry with the client station's call sign as the client and its own call sign as the server. If it cannot find such an entry, it responds with /EAUTH and the operator at the client station is informed that authentication has failed. If ARIM does find such an entry, it responds with an authentication challenge in the form of the /A1 command. The challenge includes an opaque nonce, a token whose content it controls and which must be incorporated into the response made by the client station.
  3. At the client station, ARIM receives the /A1 command. It searches its password digest file for an entry with its own call sign as the client and the server station's call sign as the server. If it cannot find such an entry, it responds with '/EAUTH' and the operator at the client station is informed that authentication has failed. If the needed entry is found, ARIM computes a response token which proves that it knows the shared secret. The response is: where: Thus the response to each challenge is unique, in a way dependent on the nature of the request and the nonce issued by the challenger. This makes "replay" attacks difficult to mount and recovery of the password from the response token computationally infeasible. ARIM sends the response token plus a challenge nonce to the server station in the form of the /A2 command.
  4. At the server station, ARIM receives the /A2 command and checks the challenge response token it contains. It does this by computing the response token it expects using the password digest token (HA1) stored in the password digest file it owns. It compares this with the response token received from the client station. If they don't match, then the client station must not have the same password digest that ARIM has stored locally. In this case ARIM will send /EAUTH to the client station where the operator will be informed that authentication has failed. If they match, then the client station has proven its authenticity and ARIM will send a response to the challenge contained in the /A2 command. As before, this is computed as H(HA1:nonce:HA2), using the challenge nonce received from the client station. It sends this response to the client station in the form of the /A3 command.
  5. At the client station, ARIM receives the /A3 command and checks the challenge response token it contains. It does this by computing the response token it expects using the password digest token (HA1) stored in the password digest file it owns. It compares this with the response token received from the server station. If they don't match, the server station must not have the same password digest that ARIM has stored locally. In this case ARIM will inform the operator that authentication has failed. If they match, then the server station has proven its authenticity and ARIM re-sends the command that triggered the process, unless it was the /auth command. In that case there is no work to do, so ARIM simply sends the /OK response to signal that the mutual authentication is complete.

To strike a reasonable balance between security and the "air time" cost of the challenge/response data exchanges, challenge nonces contain 6 bytes of data and the Blake2 response hash is truncated to 21 bytes, or 168 bits (big enough for excellent collision resistance). These are sent in base64 encoded form making the over-the-air sizes 8 and 28 bytes respectively.

ARQ: File access control

Shared files directories at a station can be designated as access-controlled with the ac-files-dir parameter in the arim.ini configuration file. These resources are available only to stations that successfully authenticate themselves in an ARQ session. By default, the authentication process is triggered automatically on the first attempt by a station to access a controlled resource. Here is an example:

ARIM

The operator at KA8RYU connects to NW8L-1 and reads the space weather report. Next he attempts to download a controlled file, admin/contact-list.txt with the /fget command. This triggers an authentication challenge from NW8L-1 in the form of the /A1 command. The mutual authentication succeeds, so the /fget command is automatically repeated and the file is downloaded. Note the + character appended to NW8L-1's call sign in the status bar. This indicates that the ARQ session is authenticated.

If mutual authentication succeeds, subsequent accesses of controlled resources on the remote station proceed normally.

Alternatively, the operator at KA8RYU can send the /auth command pre-emptively to authenticate with the remote station before attempting to access controlled directories and their contents. On receiving this, if station NW8L-1 is unable to find a password digest file entry for KA8RYU, it sends the /EAUTH response and the operator at KA8RYU is alerted:

ARIM

Otherwise the authentication process proceeds as usual.

Note: Shared files directories defined by add-files-dir parameters in the arim.ini configuration file are not access-controlled. These are accessible by any station in ARQ and FEC mode operations. Likewise, the root shared files directory is always accessible by any station for file listing, uploads and downloads.

ARQ: Password management

Passwords are created at the ARIM command prompt with the passwd command and stored in digest ("hashed") form in a file. Passwords are hashed with a salt (the call signs of the corresponding stations), so that any given password results in unique hash for different call sign pairs. This hash is identical to the HA1 term used in the digest authentication scheme, so it can be read out of the password digest file when needed, making it unnecessary to store the original password. Mathematically, the Blake2 hash function is a strong one way function; it is computationally infeasible to recover the password from the hash. Because the password hash is stored in a file the authentication process can operate without operator intervention; there's no need to remember and enter the password each time.

In the context of an ARQ session, the term client refers to the station where an operator triggers the authentication process by:

When this happens the other station assumes the role of server and responds with an authentication challenge. These definitions imply that an operator is always present at the client station, but not at the server station, which is assumed to be operating automatically. However, once an ARQ connection is established between two stations, the operator at either end can seize the client role by being the first to trigger the mutual authentication process.

The passwd command must be invoked at both stations like this:

passwd client_call server_call some-password

Let's assume that client-call is KA8RYU, and server-call is NW8L-1. Press the spacebar to open the command prompt, and enter the passwd command like this:

ARIM

You will be prompted to confirm the password.

ARIM

Press 'y' to store the password digest into the file. This command must be executed at both stations to store the password digest on each. If this is done, KA8RYU can connect to NW8L-1 and successfully authenticate if challenged. However, this doesn't mean that the reverse is true: NW8L-1 can't connect to KA8RYU and do the same. To make this possible the passwd command must be invoked again at each station with NW8L-1 specified as the client:

ARIM

Now either station can connect to the other and play the role of client to the other station's role of server in the authentication process. Note that a different password is used; this is the best practice. If we read the arim-digest password digest file at either station using the rp command in the Shared Files viewer we see this:

ARIM

There are two entries, one for KA8RYU as client and NW8L-1 as server, and another for NW8L-1 as client and KA8RYU as server. This allows both one-way and two-way relationships to be defined. For instance, a station serving as a document repository can issue passwords to multiple stations who connect to it as clients and access the controlled files it offers. However, no such password is issued to the repository station by the client stations; it cannot connect to any of them in the client role and authenticate for the purpose of accessing any controlled resources they publish.

To protect against accidental disclosure of password digest file contents, any file named 'arim-digest', or variations like 'arim-digest.bak', no matter where located in the file system, are protected against access by a remote station. Avoid easy-to-guess passwords, and never include the call signs of the client or server stations in the password. While the base64 encoded Blake2 digest (HA1) may look quite random, it contains only as much entropy as the original password, so choose passwords well. Note: passwords are case sensitive!

Use the delpass command to delete a password digest from the arim-digest file:

delpass client_call server_call

Let's assume that client-call is KA8RYU, and server-call is NW8L-1. Press the spacebar to open the command prompt, and enter the delpass command like this:

ARIM

You will be prompted to confirm the deletion.

ARIM

Press 'y' to delete the password digest from the file.

FEC: Sending an unproto message

A TNC must be attached and the RF channel must not be busy. Press the spacebar to open the command prompt.

ARIM

Prefix the message with the ':' character. Press ENTER to send the message out over the air as raw ARDOP FEC frames, rather than being formatted as an ARIM message. The message will appear in the monitor view tagged with the [U] indicator.

If the RF channel is busy, ARIM won't send the unproto message, and an error message will be shown on the status bar.

FEC: Sending a message (to TNC)

When attached to a TNC, single-line messages can be sent using the sm call [msg] command, where call is the call sign of the recipient and msg is the message text. This is useful when the message is short and you wish to bypass the message composer. Press the spacebar to open the command prompt and enter the command like this:

ARIM

The message will be sent immediately after pressing the ENTER key to complete the command. A copy will be stored in your sent messages mailbox.

If the RF channel is busy, ARIM won't send the message, and an error message will be shown on the status bar.

For longer messages, press the spacebar to open the command prompt and enter the command like this:

ARIM

The message composer opens.

ARIM

Enter the message line-by-line at the command prompt. When done, enter /ex at the start of a new line to close the message composer view and send the message on its way. A copy will be stored in your sent messages mailbox.

ARIM

The monitor view shows the outbound message and the inbound ACK from the recipient station.

To cancel a message you've started to send, enter /can at the start of a new line to close the message composer view and discard the message.

If the TNC is busy when the message is sent, the message will be stored in the outbox automatically. If the message send fails for some reason (NAK, ACK timeout, etc.) then this dialog will appear:

ARIM

Press 'y' to store the message to the outbox, 'n' to discard it. If you cancel the message send then this dialog will appear:

ARIM

Press 'y' to store the message to the outbox, 'n' to discard it.

FEC: Composing a message (to outbox)

Whether or not attached to a TNC, messages can be composed and stored in the message outbox using the cm call command where call is the call sign of the recipient. Press the spacebar to open the command prompt and enter the command like this:

ARIM

The message composer opens.

ARIM

Enter the message line-by-line at the command prompt, then enter /ex at the start of a new line to close the message composer view and send the message to the outbox. To cancel a message enter /can at the start of a new line. This will discard the message and close the composer view.

FEC: Working with the message inbox

Press the spacebar to open the command prompt and enter the li command to open the message inbox viewer.

ARIM

Use the UP and DOWN arrow keys or the PAGEUP, PAGEDOWN, HOME and END keys to scroll through the message header list. Headers contain the following information, from left to right:

The following commands are available:

Press 'q' to quit. Note: The automatic message purge process runs whenever this view is opened. This discards messages whose age in days exceeds the limit set by the max-msg-days parameter in the [arim] section of the arim.ini configuration file. Set it to 0 to disable automatic message purging. The default setting is 0.

FEC: Working with the message outbox

Press the spacebar to open the command prompt and enter the lo command to open the message outbox viewer.

ARIM

Use the UP and DOWN arrow keys or the PAGEUP, PAGEDOWN, HOME and END keys to scroll through the message header list. Headers contain the following information, from left to right:

The following commands are available:

Press 'q' to quit. Note: The automatic message purge process runs whenever this view is opened. This discards messages whose age in days exceeds the limit set by the max-msg-days parameter in the [arim] section of the arim.ini configuration file. Set it to 0 to disable automatic message purging. The default setting is 0.

FEC: Working with sent messages

Press the spacebar to open the command prompt and enter the ls command to open the sent message viewer.

ARIM

Use the UP and DOWN arrow keys or the PAGEUP, PAGEDOWN, HOME and END keys to scroll through the message header list. Headers contain the following information, from left to right:

The following commands are available:

Press 'q' to quit. Note: The automatic message purge process runs whenever this view is opened. This discards messages whose age in days exceeds the limit set by the max-msg-days parameter in the [arim] section of the arim.ini configuration file. Set it to 0 to disable automatic message purging. The default setting is 0.

FEC: Reading messages

When in the inbox or outbox viewer, press the spacebar to open the command prompt and enter the rm nbr command where nbr is the message number. This opens the message viewer.

ARIM

The message number and size in lines are shown in the Status Bar. Use the UP and DOWN arrow keys or the PAGEUP, PAGEDOWN, HOME and END keys to scroll through the message. Press 'q' to quit the message viewer and return to the message header view.

FEC: Query another station for information

A TNC must be attached and the RF channel must not be busy. Press the spacebar to open the command prompt and enter the sq call query command where call is the call sign of the target station and query is one of these:

ARIM

The target station will send the requested information in a response message.

ARIM

The response message will appear in the monitor view tagged with the [R] indicator. It will be stored in the message inbox for later viewing, and also appear in the Recents list.

If the RF channel is busy, ARIM won't send the query, and an error message will be shown on the status bar.

FEC: Retrieving files from another station

Use the sq call flist [dir] query to get a list of shared files from station call where dir is an optional directory path, relative to the shared files root directory, e.g. contests/2016/FOBB.

ARIM

The list will be returned in the response message which is stored into the inbox.

ARIM

To see it, open the message inbox viewer with the li command, then use the rm nbr command to read the file list message:

ARIM

Note the name of the file you wish to get. NOTE: Static files have their size in bytes listed with the file name. Dynamic files have the DYN label listed with the file name to indicate that their size is variable.

Press 'q' to close the message viewer and 'q' again to close the message inbox view.

Now use the sq call file fname command to query the file fname from station call. NOTE: file names are case sensitive!

ARIM

The file will be returned in the response message.

ARIM

The message is stored into the inbox where it can be viewed or saved to disk.

ARIM

NOTE: the maximum file size is set by the max-file-size parameter in the [arim] section of the arim.ini configuration file. The file list returned by the flist query is filtered so that only static files less than the max size are listed, and the output of dynamic files is limited to the max size. At this time the absolute maximum allowed is 8192 bytes. The location of the shared files root directory is set by the files-dir parameter in the [arim] section of the arim.ini configuration file.

FEC: Using message send repeats

In difficult conditions it may be helpful to enable automatic repeats of messages if they are nak'd or an ACK timeout occurs. Three parameters control message send repeat behavior:

These parameters are set in the [arim] section of the arim.ini configuration file, but can also be modified on-the-fly from the ARIM command prompt so that the operator an adapt to changing conditions. Here are the commands you can use from the command prompt:

To change one of these, press the spacebar to open the command prompt and enter the command like this:

ARIM

The change will be confirmed by a message on the Status Bar. When in doubt, use the srset command to check settings.

FEC: Beaconing

Beaconing can be configured for each TNC by the btime parameter in the relevant [tnc] section of the arim.ini configuration file. This parameter defines the beacon interval time in minutes, with '0' meaning that beaconing is disabled.

When attached to a TNC, beaconing can be managed using the btime and btest commands. Use btime nbr to set the beacon interval to nbr minutes, and btest to test the beacon. The beacon status indicator in the Status Bar shows the interval time when beaconing is enabled, or "OFF" when disabled.

If the RF channel is busy, ARIM won't send the beacon, and an error message will be shown on the status bar. In the case of beacons scheduled every btime seconds, ARIM will try again once, 2 minutes later. If the RF channel remains busy, ARIM gives up and schedules the next beacon btime seconds later.

RF channel busy detect

ARIM listens for BUSY notifications from the ARDOP TNC, which are sent to the host program when a signal is detected in the RF channel. When the channel is busy, ARIM displays the RF CHANNEL BUSY indicator below the status bar:

ARIM

ARIM will check the RF channel busy status when the operator initiates any of these actions:

If the RF channel is busy, ARIM will cancel the operation and an error message will be shown on the status bar. If sending a message, the operator is prompted to save it to the outbox to be sent later. This helps prevent collisions between transmissions on a busy channel, for example during net operations.

The TNC does not send BUSY notifications to the host program during an ARQ session.

The ARDOP TNC's busy detect feature is influenced by these configuration parameters:

Note: if using the ardopc or piardopc TNCs, version 1.0.2.5j-BPQ or higher is required. Previous versions didn't send busy notifications to the host program when ARDOP FEC frames were heard.

Working with the shared files viewer

Press the spacebar to open the command prompt and enter the lf command to open the shared files viewer.

ARIM

The viewer opens in the shared files root directory defined by the files-dir parameter in the [arim] section of the arim.ini configuration file. The directory path is shown in the title of the viewer window.

The contents of the directory are listed, one to a line. For files, the name, size in bytes and the last-modified date are shown. For subdirectories, the name and last-modified date are shown. Starting with ARIM version 1.2, access-controlled subdirectories defined by the ac-files-dir configuration file parameter are indicated with the ! (bang) character like this: !DIRECTORY.

Use the UP and DOWN arrow keys or the PAGEUP, PAGEDOWN, HOME and END keys to scroll through the listing. Each file or directory is given a number for use with commands. A list of available commands is printed in the Status Bar:

When you open a directory with the cd command, the listing includes the parent directory (..) as item number 1.

ARIM

Enter the command cd 1 to return to it. Press 'q' to quit the file viewer.

Reading files

Text files listed in the shared files viewer can be opened for reading. Press the spacebar to open the command prompt and enter the rm nbr command where nbr is the message number. This opens the file reader.

ARIM

The file number and size in lines are shown in the Status Bar. Use the UP and DOWN arrow keys or the PAGEUP, PAGEDOWN, HOME and END keys to scroll through the file. Press 'q' to quit the file reader and return to the shared files viewer.

Serving dynamic files

Dynamic files are used to return output from a script or system command executed by ARIM in response to a file query.

Dynamic file aliases are listed in the output of the flist query for the shared files root directory. Because the size of the output is not known in advance, no file size is shown; instead the DYN identifier appears, like this:

ARIM

Here's a sample of the spwxfc dynamic file output as seen in an ARQ session:

ARIM

Dynamic file aliases are defined in the [arim] section of the arim.ini configuration file. The format is alias:command where alias is the name used to access the file and command is the invocation of the command or script, separated by a : (colon) character. For example:

dynamic-file = spwxfc:python /home/nw8l/scripts/forecast.py

Make sure that alias is unique among the other dynamic file definitions and file names in the shared files directory. Use absolute paths to script files when ARIM is built from source and installed. Relative paths can be used for "portable" binary installations where the script files are contained in same directory as the arim executable file. You may define no more than 16 dynamic files.

In response to the query sq file alias, command will be executed in a shell and its output returned in the response. command can be a batch file, a script invocation like python myscript or a system command like date or uname -a. The output size in bytes is limited by the max-file-size parameter in the [arim] section of the arim.ini configuration file. Errors generated by dynamic file scripts are written to a file named dyn-file-error.log in the log directory.

Logging

Two logs can be enabled or disabled in the arim.ini configuration file; the traffic log and the debug log. The traffic log is enabled by default and logs the content of all ARIM and ARDOP data frames sent and received by the TNC, with timestamping of each entry. The debug log is disabled by default. It logs all TNC commands sent and received by the ARIM program as well as exceptions encountered in operation like data wait timeouts, communication errors etc.

Set the traffic-log parameter in the [log] section of the arim.ini configuration file to TRUE to enable traffic logging and to FALSE to disable it. Set the debug-log parameter in the [log] section of the arim.ini configuration file to TRUE to enable debug logging and to FALSE to disable it.

Another log file, the dynamic file error log, is always enabled. It logs error messages from scripts or programs that generate dynamic file text output.

Logs are kept in the logs subdirectory of the ARIM working directory. They are automatically rotated every 24 hours. The file name format is name-YYYYMMDD.log where name is either traffic, debug or dyn-file-error, followed by the date, e.g. traffic-20161114.log.

Copyright © 2016, 2017, 2018 by Robert Cunnings NW8L.  Last modified: 15 Feb 2018.