Logo vARIM Messaging Program v1.2 Help Logo

Introduction

ARIM means "Amateur Radio Instant Messaging" and the vARIM program is a GUI host mode program for the VARA Modem developed by EA5HVK.

vARIM is written in C and C++, distributed as source code under the terms of the GPL 3.0 license. Developed on Ubuntu Linux, it should compile and run on any modern Linux installation (including Raspbian for Raspberry Pi). Compiling the source code is easy, the only build dependency beyond the standard C libraries are the fltk and zlib development libraries. Using Microsoft Windows? No problem, vARIM will build and run in the excellent Cygwin environment for Microsoft Windows, or in the Linux Subsystem for Windows (WSL).

Features include:

The vARIM program is a work in progress and I am interested in feedback. I monitor the Digital-mode-radio group at Groups.io and can be reached there, or at the arim-ham group at Groups.io where files and other information will be posted.

The vARIM screen layout Downloading and installing Configuration
Attaching to a port Rig Control/PTT View Quick Help
View Recent messages View Connection History View ARQ File History
Change the Calls Heard timestamp format Clear the new message and file counters Press <ESC> to abort send or receive
Using the command line Sending commands to the VARA modem Composing a message (to outbox)
ARQ: Connecting to a remote station ARQ: Sending messages to the remote station ARQ: Downloading messages from the remote station
ARQ: Listing shared files on the remote station ARQ: Reading files from the remote station ARQ: Downloading files from the remote station
ARQ: Uploading files to the remote station ARQ: Session authentication ARQ: File access control
ARQ: Password management ARQ: Sending queries to the remote station Working with the message inbox
Working with the message outbox Working with sent messages Message tracing
Working with the local shared files viewer Viewing and editing files Serving dynamic files
RF channel busy detect Logging Running vARIM on Cygwin/X

The vARIM screen layout

The vARIM screen is divided into different sections. Some of these are tabbed and host more than one "view".

vARIM

vARIM

Downloading and installing

The prerequisite for vARIM is the VARA software modem. Download links and information about installing and running the VARA modem is found here:

If you plan to run vARIM in the Cygwin environment on Windows, then Cygwin must be installed first. The installer for this is the Cygwin Setup program found on the Installing and Updating Cygwin Packages page. The Cygwin Walkthrough and Beginner's Guide may be helpful in getting started. The X Window System must be installed in Cygwin for GUI programs like vARIM to run. Follow these instructions to install X in Cygwin and run vARIM in an X window. To learn more, consult the Cygwin/X User's Guide. When using Cygwin, you will work in the Cygwin Terminal. A shortcut to the Cygwin Terminal should be placed on your Windows desktop by the Cygwin Setup program. This setup works well to run vARIM and the VARA modem on the same Windows computer.

If you plan to run vARIM in the WSL environment on Windows 10, then you will need to install a standalone X Server for GUI programs like vARIM to run. A good choice is VcXsrv. The installer for this can be downloaded from the VcXsrv download page on SourceForge. This runs on the Windows side and displays vARIM when it is executed in the WSL terminal. Details of configuration may vary depending on which Linux distribution is running in WSL. I've had good luck running Pengwin Linux, which works with VcXsrv without any special configuration. This combination works well to run vARIM and the VARA modem on the same Windows 10 computer.

Next, you need to either build vARIM from source or download a "portable" precompiled binary package.

Run varim with the --help option to print out command line options:

Usage: varim [OPTION]
  -v, --version            print version information
  -f, --config-file FILE   use configuration file FILE
  -p, --print-conf FILE    print configuration file listing to FILE
  -h, --help               print this option help message

Configuration

By default, vARIM reads an "ini" format configuration file named varim.ini at startup. If you are using the portable binary vARIM distribution, this file is located in the same varim-1.2 directory containing the vARIM executable file and data files. If you compiled and installed vARIM from the source distribution, this file is located in the varim data directory in your home directory. To override the default configuration file location, run varim with the --config-file command line option, for example:

varim --config-file /home/nw8l/HF/varim-net.ini

To open the configuration file, choose File->View or Edit Config File... from the main menu:

vARIM

If you make changes, press Save to save them, or Cancel to abandon them. Saved changes won't take effect until vARIM is restarted.

Multiple ports can be defined. A subset of the VARA modem parameters are initialized here, but these can be overridden from the command line after the program starts. Most options have reasonable default values which are used if they are not found in the configuration file.

To print the configuration file parameters to a file for analysis, run vARIM with the -p option. For example:

arim -p dump.txt

In the file is a listing of the parameters and their values after processing, which can be helpful for troubleshooting. Any invalid parameter values will be replaced with default values, and parameters with misspelled names will be absent.

Attaching to a port

Make sure the VARA modem is running. Choose Port->Attach from the main menu and select a port:

vARIM

vARIM will open a TCP connection to the modem. Initialization commands from vARIM to the modem will scroll by in the modem Command Monitor. The Port Status Line will display the number and name of the attached port.

To detach from the port, choose Port->Detach from the main menu.

If you prefer to use the keyboard, press <SP> to open the command prompt. To attach, enter the att n command where n is the port number. To detach, enter the det command.

Rig Control/PTT

Options include VOX and serial port PTT using the DTR or RTS pins. These settings are normally controlled by the ptt-mode and ptt-device parameters in the varim.ini configuration file but can be changed on-the-fly by the operator.

To configure PTT, vARIM must be attached to a VARA modem. Choose Rig->PTT Settings... from the main menu to open the PTT Settings dialog:

vARIM

Choices are:

If using DTR or RTS, choose the serial port device used for PTT. If using a built in serial port on a Linux computer, the device name will have the form '/dev/ttySx' where x is a number. If using a USB-to-Serial converter, the device name will have the form '/dev/ttyUSBx' where x is a number, starting with '0'. In this case, make sure the device is plugged into your computer before making the selection. Press OK to close the dialog. Then make sure your rig is configured to use the selected PTT signal, DTR or RTS.

If vARIM cannot open the selected serial port, you'll see this error message after pressing OK:

vARIM

On Linux, your user must be a member of the 'dialout' user group to access the serial port. If not, then add your user with this command: sudo adduser $(whoami) dialout and try again ('sudo' because admin privileges are needed for 'adduser'). This does not apply to Cygwin/X on Windows. Because the serial port is used only for PTT, not data, you don't need to configure other settings like baud rate, etc.

If running vARIM on Cygwin/X on Windows, follow these steps to get started:

If running vARIM on Windows Subsystem for Linux (WSL), follow these steps to get started:

Generally, it's best to put PTT settings in the varim.ini configuration file so they are loaded when vARIM starts. Use these parameters in each [port] section:

PTT settings for each port are independent so that multiple rigs can be keyed by vARIM using different serial devices. The specified serial port is opened when vARIM attaches to a port, and it is closed when vARIM detaches from a port.

vARIM keys the transmitter in response to PTT ON and PTT OFF commands from the VARA modem. A PTT monitor protects the transmitter if communication with the VARA modem fails when the PTT state is ON and DTR or RTS are asserted. If PTT is asserted longer than 20 seconds, PTT is de-asserted and vARIM detaches from the port.

View Quick Help

Choose Help->Quick Help... from the main menu:

vARIM

Here are a listing of hot keys and commands, a key to status bar indicators, and other information. Press Done to quit.

View Recent messages

Select the Recents tab:

vARIM

This is a listing of headers for messages recently received. They are numbered in reverse chronological order (most recent first). Headers contain the following information, from left to right:

To read a message, right-click its header line and choose Read... from the pop-up menu:

vARIM

This opens the message viewer.

vARIM

Press Done to quit. Shortcut: double-click a header line to read the message.

Several actions can be taken here:

These are shortcuts for the pop-up menu options described below.

To kill a message, right-click its header line and choose Kill from the pop-up menu. The message is deleted from the Inbox.

To save a message to a text file, right-click on its header line and choose Save... from the pop-up menu. The Save Message dialog box opens:

vARIM

Navigate to the desired directory, enter a meaningful file name, and press OK to save.

To reply to a message, right-click its header line and choose Reply... from the pop-up menu:

The Reply to Message dialog box opens:

vARIM

Enter your reply text. If connected, press Send to send the message. Otherwise, press Save to Outbox to store the message in the Outbox to be sent later. Press Cancel to abandon any edits and close the dialog box. During an ARQ session, the Reply... option is available only if the callsign of the sender matches the callsign of the remote station. The Use compression option is available only during an ARQ session.

To forward a message to another station, right-click its header line and choose Forward... from the pop-up menu. The Forward Message dialog box opens:

vARIM

If not connected, enter the call sign of the destination station. Add or edit text in the message body. If connected, press Send to send the message. If not connected, press Save to Outbox to store the message in the Outbox to be sent later. Press Cancel to abandon any edits and close the dialog box. The Use compression option is available only during an ARQ session. In that case the message is forwarded to the connected station, whose call sign is automatically entered and cannot be changed.

To clear the status flags for a message, right-click its header line and choose Clear flags from the pop-up menu.

To clear the Recents view, choose View->Clear->Recents from the main menu.

View Connection History

Select the Connect History tab:

vARIM

Here is a listing of connection reports resulting from both inbound and outbound ARQ sessions. The history shows a line for each session, sorted in reverse chronological order (most recent on top). Each line includes, from left to right:

Connections initiated by the local station (you) are printed in bold text to make them stand out. To clear the view, choose View->Clear->Connect History from the main menu.

View ARQ File History

Select the ARQ File History tab:

vARIM

Here is a listing of ARQ file transfer reports. The history shows a line for each transfer, sorted in reverse chronological order (most recent on top). Each line includes, from left to right:

To clear the view, choose View->Clear->ARQ File History from the main menu.

Change the Calls Heard timestamp format

Choose View->Calls Heard from the main menu and select an option from the fly-out menu:

This affects the timestamps shown in the Calls Heard list.

Shortcut: Press <CTRL-T> to toggle the timestamp format.

Clear the new message and file counters

Choose View->Clear->New Msg and File Counters from the main menu. This clears both counters, which are located at the end of the Port Status Line.

vARIM

The counters increment when a new message or file is received. They are helpful as indicators of activity during periods of unattended operation. New messages are listed in the convenient Recent Messages view. New message and file counter values are lost when the program is closed.

Shortcut: Press <CTRL-N> to clear the new message and file counters.

Press <ESC> to abort send or receive

Sometimes it's necessary to abort a transmission in progress or halt a receive operation instead of waiting for it to time out. To do this press the <ESC> key to cancel the ARQ session and return vARIM to the idle state. This is a unilateral action resulting in a "dirty disconnect". Use <CTRL-X> to attempt a clean disconnect before resorting to <ESC>.

Using the command line

Open the program and press the spacebar to open the command prompt (or click it with the mouse), and enter a command.

vARIM

There are multiple uses for the command line.

Basic line editing features are available on the command prompt. The left and right arrow keys, HOME, END, DEL and backspace keys work as expected. This makes it easy to correct mistakes in typing, whether a entering a command or composing a message.

The command prompt has a history buffer which holds the last 15 unique commands entered. Use the UP and DOWN keys to browse command history when you want to reuse a previously sent command.

Sending commands to the VARA modem

A port must be attached. Press the spacebar to open the command prompt.

vARIM

Prefix the command with the '!' character. Press ENTER to send the command to the modem. The command trace will appear in the modem command view, followed by the modem's response. To set a parameter, follow the command with the parameter, e.g. !LISTEN OFF. Complete control over the modem is available using this interface. VARA modem commands are documented in VARA Protocol Native TNC Commands by EA5HVK, contained in the VARA Documentation download at EA5HVK website.

Composing a message (to outbox)

Whether or not connected to another station, messages can be composed and stored in the message outbox. Choose Message->Compose... from the main menu to open the Compose Message dialog box:

vARIM

If not connected to another station, enter the call sign of the destination station or choose a call sign from the drop-down list (the last 5 previously addressed stations appear here for easy recall). Enter the message into the text editor window, or paste text copied from another application into the text editor. Press Save to Outbox to save the message.

The Use compression option is available only during an ARQ session. In that case the To station: field is automatically populated with the call sign of the connected station.

vARIM

Enter the message into the text editor window or paste text copied from another application into the text editor. Press Save to Outbox to save the message, or Send to transmit it to the connected station.

Press Cancel to cancel the message.

ARQ: Connecting to a remote station

vARIM must be attached to a port and the RF channel must not be busy. Choose ARQ->Connect... from the main menu to open the ARQ Connect dialog box.

vARIM

Enter the Call sign of the target station or choose a call sign from the drop-down list (the last 5 previously called stations appear here for easy recall). Choose the desired ARQ bandwidth from the drop-down list, either 500 or 2300 Hz. Press OK to start. Connect requests and responses are displayed in the monitor view.

If the RF channel is busy, vARIM won't send the connection request, and an error message will be shown on the status bar.

When the connection is made, text entered at the command prompt is sent directly to the remote station rather than processed as an ARIM command. The line editing and history recall features of the command prompt work as usual but the '!' prefix won't work to send commands directly to the modem.

All text sent and received will be displayed on the Traffic Monitor, and the status bar will show the call sign of the remote station, the connection bandwidth and the current ARIM protocol state.

The local files, message inbox, message outbox and sent messages viewers work as usual during an ARQ session. Files can be uploaded to the remote station from the local files viewer. Previously composed messages can be sent to the remote station from the message outbox viewer, and messages can be forwarded to the remote station from the message inbox and sent messages viewers.

If you prefer to use the keyboard, press <SP> to open the command prompt. Enter the conn call [bw] command where call is the call sign of the target station and bw is an optional ARQ bandwidth in Hz, either 500 or 2300.

To disconnect, press <CTRL-X>, choose ARQ->Disconnect from the main menu, or enter the special command '/dis' at the command prompt and press ENTER.

vARIM

You'll be prompted to confirm:

vARIM

Press Yes and a clean disconnect will be attempted.

ARQ behavior is controlled by these parameters in the [port] section of the varim.ini configuration file:

These parameters can also be modified on-the-fly from the vARIM command prompt by the operator.

ARQ: Sending messages to the remote station

When connected to a vARIM station, single-line messages can be sent using the /sm [-z][msg] command where the -z option invokes compression, and msg is the message text. This is convenient when the message is short and you wish to bypass the message composer. Press the spacebar to open the command prompt and enter the command like this:

vARIM

The remote station saves the message to its inbox and returns an /OK response to confirm receipt. A copy will be stored in your sent messages mailbox.

vARIM

For longer, multi-line messages, choose Message->Compose Message... from the main menu to open the Compose Message dialog box:

vARIM

Enter the message into the text editor window, or paste text copied from another application into the text editor. Check Use compression if you wish to have the message compressed to reduce transfer time. Press Send to send the message to the connected station.

vARIM

The remote station saves the message to its inbox and returns an /OK response to confirm receipt. A copy will be stored in your sent messages mailbox.

While the upload is in progress no text or commands are accepted from the command prompt. This condition is indicated by the yellow background color in the ARIM status indicator:

vARIM

To cancel the upload, press CTRL-X to close the ARQ connection.

If the remote vARIM station encounters an error saving the message, it returns an /ERROR response and the message is discarded.

Existing messages in a local mailbox can also be sent to the remote station from one of the message view tabs.

Previously composed messages stored in the outbox can be sent to the remote station. Select the Msg Outbox tab:

vARIM

Right-click on the desired message header and choose Send... from the pop-up menu. This opens the Send Message dialog box:

vARIM

You can make last minute changes if you like. Check Use compression if you wish to compress the message to reduce transfer time. Press OK to send the message to the connected station. This is a more efficient method than composing the messages during the ARQ session itself.

Messages in the inbox can be forwarded to the remote station in the same manner. Select the Msg Inbox tab and right-click on the desired message header. Choose Forward... from the pop-up menu.

Messages in the sent messages mailbox can also be forwarded to the remote station. Select the Sent Messages tab and right-click on the desired message header. Choose Forward... from the pop-up menu.

If the remote vARIM station encounters an error saving the message, it returns an /ERROR response and the message is discarded.

ARQ: Downloading messages from the remote station

In an authenticated ARQ session, you can retrieve messages addressed to your station that are queued in the remote station's outbox. This is useful if you are on the air only intermittently; the operator at the remote station can compose a message when convenient, leaving it in the outbox for you to download later.

To list your messages, choose ARQ->Get My Message Listing from the main menu.

The remote station responds:

vARIM

In this example, the command triggers the mutual authentication process automatically. After that, the listing is received. The messages are listed in chronological order (oldest first).

To download the listed messages, choose ARQ->Get My Messages... from the main menu. The Get My Messages from Remote Station dialog box opens:

vARIM

Select the maximum number of messages to download, and check Use compression if you wish to compress the messages to reduce transfer time. Press OK to start the message download to the local station.

vARIM

The progress of the download is reported as each message is received. As each message is received, the receiving station stores the message in its inbox and sends a /OK response to confirm receipt. The sending station then deletes the message from its outbox. If the either station encounters an error, it sends an /ERROR response to the other and the download is canceled. In that case the message is not deleted from the outbox at the sending station.

While the download is in progress no text or commands are accepted from the command prompt. This condition is indicated by the yellow background color in the ARIM status indicator:

vARIM

To cancel the download, press CTRL-X to close the ARQ connection.

ARQ: Listing shared files on the remote station

When connected to a vARIM station, choose ARQ->Get File Listing... from the main menu to download a listing of shared files it offers. The Get File Listing from Remote Station dialog box opens:

vARIM

Enter the path of the remote directory to list or leave it blank for a listing of the root shared files directory. Check Use compression if you wish to compress the listing to reduce transfer time. Press OK to start the file listing download.

vARIM

While the download is in progress no text or commands are accepted from the command prompt. This condition is indicated by the yellow background color in the ARIM status indicator:

vARIM

To cancel the download, press CTRL-X to close the ARQ connection.

When the download is finished the file listing appears in the Remote Files tab:

vARIM

The contents of the directory are listed, one to a line, and the remote file path is shown at the bottom of the view. For files, the name and size in bytes are shown. For subdirectories, the name is shown. Access-controlled subdirectories are indicated with the ! (bang) character like this: !DIR.

To read a file, right-click on its listing and choose Read from the pop-up menu.

vARIM

The file will be downloaded and printed to the Traffic Monitor view:

vARIM

To download a file, right-click on its listing and choose Get... from the pop-up menu.

vARIM

The Get Remote File dialox box opens:

vARIM

Check Use compression if you wish to compress the listing to reduce transfer time. To download the file to a directory other than the default download directory, enter its path in the To local directory: field or click the browse button and navigate to the desired directory in the Select Local Destination Directory dialog box. The destination directory must made visible by an add-files-dir configuration file parameter at the local station. If no destination directory is specified, the file is stored in the download subdirectory in the local station's shared files root directory. Press OK to get the file.

While the download is in progress no text or commands are accepted from the command prompt. This condition is indicated by the yellow background color in the ARIM status indicator:

vARIM

To cancel the download, press CTRL-X to close the ARQ connection.

To list a subdirectory, right-click on its listing and choose Open Directory... from the pop-up menu.

vARIM

The Open Remote Directory dialog box opens:

vARIM

Check Use compression if you wish to compress the listing to reduce transfer time. Press OK to start the file listing download.

The directory listing will be downloaded and displayed in the Remote Files tab, replacing the previous contents.

vARIM

The Remote Files tab is automatically cleared when the ARQ session is closed.

The mutual authentication process will be triggered automatically if a access-controlled directory is listed when the session is not yet authenticated.

ARQ: Reading files from the remote station

When connected to a vARIM station the shared text files it offers can be read in the Traffic Monitor view. Only text files and dynamic files with text output can be printed to the screen.

To read a file, choose ARQ->Read File... from the main menu to open the Read File from Remote Station dialog box:

vARIM

Enter the name of the file, which can include a path to a subdirectory under the root shared files directory on the remote station. In this example the file test.txt is known to be located in the directory net. Press OK to start reading.

vARIM

The text is printed the the Traffic Monitor view line by line as it is received.

The mutual authentication process will be triggered automatically if a file in an access-controlled directory is specified.

ARQ: Downloading files from the remote station

When connected to a vARIM station any shared files it offers can be downloaded. Both text and binary file types can be transferred over the ARQ connection. A compression option can be invoked to reduce transfer time for many file types, and you can specify a destination directory at the local station other than the default.

To download a file, choose ARQ->Get File... from the main menu to open the Get File from Remote Station dialog box:

vARIM

Enter the name of the file and check Use compression if you wish to compress the file to reduce transfer time. To download the file to a directory other than the default download directory, enter its path in the To local directory: field or click the browse button and navigate to the desired directory in the Select Local Destination Directory dialog box. The destination directory must made visible by an add-files-dir configuration file parameter at the local station. If no destination directory is specified, the file is stored in the download subdirectory in the local station's shared files root directory. Press OK to start the download.

vARIM

The progress of the download is reported as each data frame is received. When it's complete an /OK response is sent to the remote station to confirm receipt. If the remote ARIM station encounters an error sending the file, it returns an /ERROR response and the download is canceled.

The mutual authentication process will be triggered automatically if a file in an access-controlled directory is specified.

While the download is in progress no text or commands are accepted from the command prompt. This condition is indicated by the yellow background color in the ARIM status indicator:

vARIM

To cancel the download, press CTRL-X to close the ARQ connection.

ARQ: Uploading files to the remote station

When connected to a vARIM station local files can be uploaded to the remote station. Both text and binary file types can be transferred over the ARQ connection. A compression option can be invoked to reduce transfer time for many file types, and you can specify a destination directory at the remote station other than the default.

To upload a file, choose ARQ->Send File... from the main menu to open the Send File to Remote Station dialog box:

vARIM

Enter the name of the file or click the browse button and select the file in the Select File to Send dialog box. Check Use compression if you wish to compress the listing to reduce transfer time. To upload the file to a directory other than the default download directory at the remote station, enter its path in the To remote directory: field This path must be relative to the shared files root directory, e.g. contests/2016 and must made visible by an add-files-dir configuration file parameter at the remote station. Press OK to start the upload.

vARIM

The progress of the upload is reported as each data frame is sent. When it's complete an /OK response is received from the remote station to confirm the file was saved. If the remote vARIM station encounters an error receiving the file, it returns an /ERROR response and the upload is canceled.

The mutual authentication process will be triggered automatically if a file in an access-controlled directory is specified.

While the upload is in progress no text or commands are accepted from the command prompt. This condition is indicated by the yellow background color in the ARIM status indicator:

vARIM

To cancel the upload, press CTRL-X to close the ARQ connection.

ARQ: Session Authentication

The optional Mutual Authentication feature provides a way to verify the identities of the stations in an ARQ session. This works by making each station prove to the other that it possesses a shared secret (password) known only to the two stations involved. This is done using a Digest Access Authentication scheme very similar to that specified in RFC 2069 with the exception that the MD5 hash function is replaced by the more modern and secure Blake2 hash function. The exchange of proofs is accomplished without sending the password itself over the air. The process is automatic and requires no operator intervention. This feature can be used to:

Once an ARQ connection is established, the operator can invoke the mutual authentication process pre-emptively. If it succeeds, the identity of the remote station is proven and the operator can read, upload or download files with confidence. If it fails, because one station or the other doesn't know the shared secret (password), the operator is presented with a warning message and given the choice of either continuing or terminating the ARQ session.

For example, to authenticate pre-emptively, choose ARQ->Authenticate from the main menu.

vARIM

The remote station sends a challenge which is the first of 3 messages (A1, A2 and A3) exchanged during the authentication process.

vARIM

If the remote station cannot authenticate your station, you are alerted and asked if you want to disconnect:

vARIM

Likewise, if your station cannot authenticate the remote station, you are alerted and asked if you want to disconnect:

vARIM

In either case the problem is likely to be missing or incorrect password digest file entries.

If you prefer to use the keyboard, press <SP> to open the command prompt and enter the /auth command to authenticate.

The authentication challenge/response protocol

  1. The process begines when the operator at one station (the client), connects to another station (the server) and: or:
  2. At the server station, vARIM receives the command and recognizes that authentication is required. It searches its password digest file for an entry with the client station's call sign as the client and its own call sign as the server. If it cannot find such an entry, it responds with /EAUTH and the operator at the client station is informed that authentication has failed. If vARIM does find such an entry, it responds with an authentication challenge in the form of the /A1 command. The challenge includes an opaque nonce, a token whose content it controls and which must be incorporated into the response made by the client station.
  3. At the client station, vARIM receives the /A1 command. It searches its password digest file for an entry with its own call sign as the client and the server station's call sign as the server. If it cannot find such an entry, it responds with '/EAUTH' and the operator at the client station is informed that authentication has failed. If the needed entry is found, vARIM computes a response token which proves that it knows the shared secret. The response is: where: Thus the response to each challenge is unique, in a way dependent on the nature of the request and the nonce issued by the challenger. This makes "replay" attacks difficult to mount and recovery of the password from the response token computationally infeasible. vARIM sends the response token plus a challenge nonce to the server station in the form of the /A2 command.
  4. At the server station, vARIM receives the /A2 command and checks the challenge response token it contains. It does this by computing the response token it expects using the password digest token (HA1) stored in the password digest file it owns. It compares this with the response token received from the client station. If they don't match, then the client station must not have the same password digest that vARIM has stored locally. In this case vARIM will send /EAUTH to the client station where the operator will be informed that authentication has failed. If they match, then the client station has proven its authenticity and vARIM will send a response to the challenge contained in the /A2 command. As before, this is computed as H(HA1:nonce:HA2), using the challenge nonce received from the client station. It sends this response to the client station in the form of the /A3 command.
  5. At the client station, vARIM receives the /A3 command and checks the challenge response token it contains. It does this by computing the response token it expects using the password digest token (HA1) stored in the password digest file it owns. It compares this with the response token received from the server station. If they don't match, the server station must not have the same password digest that vARIM has stored locally. In this case vARIM will inform the operator that authentication has failed. If they match, then the server station has proven its authenticity and vARIM re-sends the command that triggered the process, unless it was the /auth command. In that case there is no work to do, so vARIM simply sends the /OK response to signal that the mutual authentication is complete.

To strike a reasonable balance between security and the "air time" cost of the challenge/response data exchanges, challenge nonces contain 6 bytes of data and the Blake2 response hash is truncated to 21 bytes, or 168 bits (big enough for excellent collision resistance). These are sent in base64 encoded form making the over-the-air sizes 8 and 28 bytes respectively.

ARQ: File access control

Shared files directories at a station can be designated as access-controlled with the ac-files-dir parameter in the varim.ini configuration file. These resources are available only to stations that successfully authenticate themselves in an ARQ session. By default, the authentication process is triggered automatically on the first attempt by a station to access a controlled resource. Here is an example:

vARIM

The operator at NW8L connects to KA8RYU and attempts to download a access-controlled file, admin/contact-list.txt. This triggers an authentication challenge from KA8RYU in the form of the /A1 command. The mutual authentication succeeds, so the download command /FGET is automatically repeated and the file is downloaded.

If mutual authentication succeeds, subsequent accesses of controlled resources on the remote station proceed normally.

Alternatively, the operator at NW8L can send the authenticate the remote station pre-emptively before attempting to access controlled directories and their contents. In this case, if station KA8RYU is unable to find a password digest file entry for NW8L, it sends the /EAUTH response and the operator at NW8L is alerted:

vARIM

Otherwise the authentication process proceeds as usual.

Note: shared files directories defined by add-files-dir parameters in the varim.ini configuration file are not access-controlled. These are accessible by any station. Likewise, the root shared files directory is always accessible by any station for file listing, uploads and downloads.

ARQ: Password management

Passwords are created within vARIM and stored in digest ("hashed") form in a file. Passwords are hashed with a salt (the call signs of the corresponding stations), so that any given password results in unique hash for different call sign pairs. This hash is identical to the HA1 term used in the digest authentication scheme, so it can be read out of the password digest file when needed, making it unnecessary to store the original password. Mathematically, the Blake2 hash function is a strong one way function; it is computationally infeasible to recover the password from the hash. Because the password hash is stored in a file the authentication process can operate without operator intervention; there's no need to remember and enter the password each time.

In the context of an ARQ session, the term client refers to the station where an operator triggers the authentication process by:

When this happens the other station assumes the role of server and responds with an authentication challenge. These definitions imply that an operator is always present at the client station, but not at the server station, which is assumed to be operating automatically. However, once an ARQ connection is established between two stations, the operator at either end can seize the client role by being the first to trigger the mutual authentication process.

Let's assume that client call sign is KA8RYU, and the server call sign is NW8L. Choose ARQ->Create or Change Auth Password... from the main menu to open the Create or Change Auth Password dialog box. Enter the call sign of the client station, the call sign of the server station, and the password:

vARIM

Press OK to store the password.

vARIM

The operation will be confirmed.

This command must be executed at both stations to store the password digest on each. If this is done, KA8RYU can connect to NW8L and successfully authenticate if challenged. However, this doesn't mean that the reverse is true: NW8L can't connect to KA8RYU and do the same. To make this possible the process must be repeated at each station with NW8L specified as the client, and KA8RYU as the server:

vARIM

Now either station can connect to the other and play the role of client to the other station's role of server in the authentication process. Note that a different password is used; this is the best practice. If we read the arim-digest password digest file at either station by choosing File->View Auth Password File... from the main menu we see the newly created password entries:

vARIM

There are two entries, one for KA8RYU as client and NW8L as server, and another for NW8L as client and KA8RYU as server. This allows both one-way and two-way relationships to be defined. For instance, a station serving as a document repository can issue passwords to multiple stations who connect to it as clients and access the controlled files it offers. However, no such password is issued to the repository station by the client stations; it cannot connect to any of them in the client role and authenticate for the purpose of accessing any controlled resources they publish.

To protect against accidental disclosure of password digest file contents, any file named 'arim-digest', or variations like 'arim-digest.bak', no matter where located in the file system, are protected against access by a remote station. Avoid easy-to-guess passwords, and never include the call signs of the client or server stations in the password. While the base64 encoded Blake2 digest (HA1) may look quite random, it contains only as much entropy as the original password, so choose passwords well. Note: passwords are case sensitive!

Choose ARQ->Delete Auth Password... from the main menu to delete a password digest from the arim-digest file. The Delete Auth Password dialog box opens:

vARIM

Let's assume we want to delete the password digest for client-call KA8RYU, and server-call NW8L. Enter these calls and press OK You will be prompted to confirm the deletion:

vARIM

Press Yes to delete the password digest from the file.

ARQ: Sending queries to the remote station

When connected to a vARIM station, the following queries may be sent to the remote station:

Choose ARQ->Send Query... from the main menu.

vARIM

Select the desired query and press OK. Here we see the response:

vARIM

If you prefer to use the keyboard, press <SP> to open the command prompt. Enter one of the commands listed above, for example:

Working with the message inbox

Select the Msg Inbox tab.

vARIM

This is a listing of headers for messages received. They are numbered in reverse chronological order (most recent first). Headers contain the following information, from left to right:

To read a message, right-click its header line and choose Read... from the pop-up menu:

vARIM

This opens the message viewer.

vARIM

Press Done to quit. Shortcut: double-click a header line to read the message.

Several actions can be taken here:

These are shortcuts for the pop-up menu options described below.

To kill a message, right-click its header line and choose Kill from the pop-up menu. The message is deleted from the Inbox.

To save a message to a text file, right-click on its header line and choose Save... from the pop-up menu. The Save Message dialog box opens:

vARIM

Navigate to the desired directory, enter a meaningful file name, and press OK to save.

To reply to a message, right-click its header line and choose Reply... from the pop-up menu:

The Reply to Message dialog box opens:

vARIM

Enter your reply text. If connected, press Send to send the message. Otherwise, press Save to Outbox to store the message in the Outbox to be sent later. Press Cancel to abandon any edits and close the dialog box. During an ARQ session, the Reply... option is available only if the callsign of the sender matches the callsign of the remote station. The Use compression option is available only during an ARQ session.

To forward a message to another station, right-click its header line and choose Forward... from the pop-up menu. The Forward Message dialog box opens:

vARIM

If not connected, enter the call sign of the destination station. Add or edit text in the message body. If connected, press Send to send the message. If not connected, press Save to Outbox to store the message in the Outbox to be sent later. Press Cancel to abandon any edits and close the dialog box. The Use compression option is available only during an ARQ session. In that case the message is forwarded to the connected station, whose call sign is automatically entered and cannot be changed.

To clear the status flags for a message, right-click its header line and choose Clear flags from the pop-up menu.

Note: the automatic message purge process runs whenever vARIM is started. This discards messages whose age in days exceeds the limit set by the max-msg-days parameter in the [arim] section of the varim.ini configuration file. Set it to 0 to disable automatic message purging. The default setting is 0.

Working with the message outbox

Select the Msg Outbox tab.

vARIM

This is a listing of headers for outbound messages ready to be sent. Previously composed messages and messages saved after a failed send operation are stored here. They are numbered in reverse chronological order (most recent first). Headers contain the following information, from left to right:

To read a message, right-click its header line and choose Read... from the pop-up menu:

vARIM

This opens the message viewer.

vARIM

Press Done to quit. Shortcut: double-click a header line to read the message.

Several actions can be taken here:

These are shortcuts for the pop-up menu options described below.

To kill a message, right-click its header line and choose Kill from the pop-up menu. The message is deleted from the Inbox.

To save a message to a text file, right-click on its header line and choose Save... from the pop-up menu. The Save Message dialog box opens:

vARIM

Navigate to the desired directory, enter a meaningful file name, and press OK to save.

During an ARQ session, you can send a message in the outbox to another station. Right-click its header line and choose Send... from the pop-up menu. The Send Message dialog box opens:

vARIM

You can edit the message if needed. Press OK to send the message. Press Cancel to abandon any edits and close the dialog box. The Use compression option is only available in ARQ mode. In that case the message is sent to the connected station, whose call sign is automatically entered and cannot be changed.

To clear the status flags for a message, right-click its header line and choose Clear flags from the pop-up menu.

Note: the automatic message purge process runs when vARIM is started. This discards messages whose age in days exceeds the limit set by the max-msg-days parameter in the [arim] section of the varim.ini configuration file. Set it to 0 to disable automatic message purging. The default setting is 0.

Working with sent messages

Select the Sent Messages tab.

vARIM

This is a listing of headers for messages previously sent. Headers contain the following information, from left to right:

To read a message, right-click its header line and choose Read... from the pop-up menu:

vARIM

This opens the message viewer.

vARIM

Press Done to quit. Shortcut: double-click a header line to read the message.

Several actions can be taken here:

These are shortcuts for the pop-up menu options described below.

To kill a message, right-click its header line and choose Kill from the pop-up menu. The message is deleted from the Inbox.

To save a message to a disk file, right-click on its header line and choose Save... from the pop-up menu. The Save Message dialog box opens:

vARIM

Navigate to the desired directory, enter a meaningful file name, and press OK to save.

To forward a message to another station, right-click its header line and choose Forward... from the pop-up menu. The Forward Message dialog box opens:

vARIM

If not connected, enter the call sign of the destination station. Add or edit text in the message body. If connected, press Send to send the message. If not connected, press Save to Outbox to store the message in the Outbox to be sent later. Press Cancel to abandon any edits and close the dialog box. The Use compression option is available only during an ARQ session. In that case the message is forwarded to the connected station, whose call sign is automatically entered and cannot be changed.

To clear the status flags for a message, right-click its header line and choose Clear flags from the pop-up menu.

Note: the automatic message purge process runs whenever vARIM is started. This discards messages whose age in days exceeds the limit set by the max-msg-days parameter in the [arim] section of the varim.ini configuration file. Set it to 0 to disable automatic message purging. The default setting is 0.

Message tracing

The optional message tracing feature inserts headers like Received: from KA8RYU by NW8L; Jan 30 2019 05:01:48 UTC into received messages. If the message is forwarded to another station with tracing enabled, another Received: header is added by the receiving station, and so on. In this way a record of the message's progress through a network is built up as it is forwarded from station to station (read from bottom to top).

vARIM

The Received: headers are visible in the message viewer together with the From: and To: headers. However, being message header lines, they are not visible and cannot be changed when sending or forwarding a message. This feature is compatible with previous versions of vARIM and ARIM.

The timestamp included in the Received: headers indicates time of receipt, either local time or UTC time at the receiving station, as set by the utc-time parameter in the [ui] section of the varim.ini configuration file. No time zone is included for stations configured for local time stamps (utc-time=FALSE).

Message tracing is enabled or disabled by the value of the msg-trace-en parameter in the [arim] section of the configuration file. Set to TRUE to enable tracing or FALSE to disable it. The default value is FALSE.

Working with the local shared files viewer

Select the Local Files tab.

vARIM

The viewer opens in the shared files root directory defined by the files-dir parameter in the [arim] section of the varim.ini configuration file. The directory path is shown in the title of the viewer window.

The contents of the directory are listed, one to a line. For files, the name, size in bytes and the last-modified date are shown. For subdirectories, the name and last-modified date are shown. Access-controlled subdirectories defined by the ac-files-dir configuration file parameter are indicated with the ! (bang) character like this: !DIRECTORY.

To send a file to the remote station during an ARQ session, right-click its listing and choose Send File... from the pop-up menu:

vARIM

The Send File dialog box opens.

vARIM

Check Use compression if you wish to compress the file to reduce transfer time. To upload the file to a directory other than the default download directory at the remote station, enter its path in the To remote directory: field This path must be relative to the shared files root directory, e.g. contests/2016 and must made visible by an add-files-dir configuration file parameter at the remote station. Press OK to start the upload.

To open a file for viewing or editing, right-click its listing and choose Open File... from the pop-up menu. The Open Text File editor window opens:

vARIM

If you make changes, press Save to save them to file and close the editor. Shortcut: double-click a file listing to open it for viewing or editing.

To open a directory, right-click its listing and choose Open Directory from the pop-up menu:

vARIM

The contents of the tab will be replaced with a listing of the newly opened directory. The listing includes the parent directory (..) as item number 1. Shortcut: double-click a directory listing to open it.

To reload a directory listing, right-click and choose Reload Directory from the pop-up menu.

Viewing and editing files

Text files listed in the shared files viewer can be opened for viewing and editing from the vARIM menu. Choose File->Open Text File... from the main menu. The Open Text File dialog box opens. Select the file, then press OK to open the file in the Open Text File editor window. If you make changes, press Save to save them to file and close the editor.

Serving dynamic files

Dynamic files are used to return output from a script or system command executed by vARIM in response to a file query.

Dynamic file aliases appear in listings of the shared files root directory at a remote station. Because the size of the output is not known in advance, no file size is shown; instead the DYN identifier appears, like this:

vARIM

Here's a sample of the spwxfc dynamic file output as seen in an ARQ session:

vARIM

Dynamic file aliases are defined in the [arim] section of the varim.ini configuration file. The format is alias:command where alias is the name used to access the file and command is the invocation of the command or script, separated by a : (colon) character. For example:

dynamic-file = spwxfc:python /home/nw8l/scripts/forecast.py

Make sure that alias is unique among the other dynamic file definitions and file names in the shared files directory. Use absolute paths to script files when vARIM is built from source and installed. Relative paths can be used for "portable" binary installations where the script files are contained in same directory as the arim executable file. You may define no more than 16 dynamic files.

In response to the query sq file alias, command will be executed in a shell and its output returned in the response. command can be a batch file, a script invocation like python myscript or a system command like date or uname -a. The output size in bytes is limited by the max-file-size parameter in the [arim] section of the varim.ini configuration file. Errors generated by dynamic file scripts are written to a file named dyn-file-error.log in the log directory.

RF channel busy detect

vARIM listens for BUSY notifications from the VARA modem, which are sent to the host program when a signal is detected in the RF channel. When the channel is busy, vARIM displays the BUSY indicator in the status bar:

vARIM

vARIM will check the RF channel busy status when the operator initiates an ARQ connection. If the RF channel is busy, vARIM will cancel the operation and an error message will be shown on the status bar. This helps prevent collisions between transmissions on a busy channel.

The modem does not send BUSY notifications to the host program during an ARQ session.

Logging

Logging can be enabled or disabled in the [log] section of the varim.ini configuration file. These are the traffic log and the debug log.

These log files are created in the logs subdirectory of the vARIM working directory. By default, logging output for all ports is directed here.

However, this arrangement doesn't work well if more than one instance of vARIM is running at the same time. In this case, logging output from each instance can be directed to separate directories with settings in the [port] sections for each port in the varim.ini configuration file. Settings made here override the default settings in the [log] section when that port is attached. This prevents intermingling of the logging output from different ports in the default log files.

Another log file, the dynamic file error log, is always enabled. It logs error messages from scripts or programs that generate dynamic file text output.

By default, logs are kept in the log subdirectory of the vARIM working directory (or the $HOME/varim directory if vARIM is installed) unless directed to a different location for a particular port by parameters in the [port] section of the varim.ini configuration file. Logs are automatically rotated every 24 hours. The file name format is name-YYYYMMDD.log where name is either traffic, debug or dyn-file-error, followed by the date, e.g. traffic-20161114.log.

To view a log file, choose File->View Log File... from the main menu. The Select Log File dialog box opens in the currently active log file directory. Select a log file and press OK to open it for reading.

Running vARIM on Cygwin/X

If you are already running ARIM on Cygwin, it's easy to run vARIM also if the X Window System is installed (Cygwin/X).

To install the X Window System:

To start the X Window System on Cygwin:

To install vARIM on Cygwin/X:

To start vARIM on Cygwin/X:

To shut down the X Window System on Cygwin:

Copyright © 2016-2020 by Robert Cunnings NW8L.  Last modified: 05 July 2020.