- Forums
- Product Forums
- General Purpose MicrocontrollersGeneral Purpose Microcontrollers
- i.MX Forumsi.MX Forums
- QorIQ Processing PlatformsQorIQ Processing Platforms
- Identification and SecurityIdentification and Security
- Power ManagementPower Management
- Wireless ConnectivityWireless Connectivity
- RFID / NFCRFID / NFC
- Advanced AnalogAdvanced Analog
- MCX Microcontrollers
- S32G
- S32K
- S32V
- MPC5xxx
- Other NXP Products
- S12 / MagniV Microcontrollers
- Powertrain and Electrification Analog Drivers
- Sensors
- Vybrid Processors
- Digital Signal Controllers
- 8-bit Microcontrollers
- ColdFire/68K Microcontrollers and Processors
- PowerQUICC Processors
- OSBDM and TBDML
- S32M
- S32Z/E
-
- Solution Forums
- Software Forums
- MCUXpresso Software and ToolsMCUXpresso Software and Tools
- CodeWarriorCodeWarrior
- MQX Software SolutionsMQX Software Solutions
- Model-Based Design Toolbox (MBDT)Model-Based Design Toolbox (MBDT)
- FreeMASTER
- eIQ Machine Learning Software
- Embedded Software and Tools Clinic
- S32 SDK
- S32 Design Studio
- GUI Guider
- Zephyr Project
- Voice Technology
- Application Software Packs
- Secure Provisioning SDK (SPSDK)
- Processor Expert Software
- Generative AI & LLMs
-
- Topics
- Mobile Robotics - Drones and RoversMobile Robotics - Drones and Rovers
- NXP Training ContentNXP Training Content
- University ProgramsUniversity Programs
- Rapid IoT
- NXP Designs
- SafeAssure-Community
- OSS Security & Maintenance
- Using Our Community
-
- Cloud Lab Forums
-
- Knowledge Bases
- ARM Microcontrollers
- i.MX Processors
- Identification and Security
- Model-Based Design Toolbox (MBDT)
- QorIQ Processing Platforms
- S32 Automotive Processing Platform
- Wireless Connectivity
- CodeWarrior
- MCUXpresso Suite of Software and Tools
- MQX Software Solutions
- RFID / NFC
- Advanced Analog
-
- NXP Tech Blogs
- Home
- :
- Identification and Security
- :
- Secure Authentication
- :
- ssscli via accessManager
ssscli via accessManager
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I am trying to establish a channel to SE050ARD-E/RPI over an IP link. In one ssh window I have:
# se/accessManager plain
Starting accessManager (Rev.1.1).
Protect Link between accessManager and SE: NO.
accessManager JRCPv1 (T1oI2C SE side)
******************************************************************************
Server: waiting for connections on port 8040.
Server: only localhost based processes can connect.
And in another ssh window:
root@raspberrypi:~ # ssscli connect se05x jrcpv1 127.0.0.1:8040 --auth_type PlatformSCP --scpkey /root/simw-top/se050E_scp_keys.txt
root@raspberrypi:~ # ssscli se05x uid
smCom :ERROR:opening failed...
Failed to open the i2c bus: No such file or directory
smCom :INFO :Pass i2c device address in the format <i2c_port>:<i2c_addr(optional. Default 0x48)>.
smCom :INFO :Example ./example /dev/i2c-1:0x48 OR ./example /dev/i2c-1
smCom :ERROR:phPalEse_i2c_open_and_configure Failed retry
smCom :ERROR:I2C init Failed: retval d
smCom :ERROR:phPalEse_Init Failed
smCom :ERROR: Failed to create physical connection with ESE
sss :ERROR:SM_I2CConnect Failed. Status 7012
WARNING:sss.session:# Connection parameters:
WARNING:sss.session:# subsystem : se05x
WARNING:sss.session:# connection_type : jrcpv1
WARNING:sss.session:# connection_data : 127.0.0.1:8040
ERROR:cli.cli:sss_session_open failed. status: FAILED
Why does it try use i2c port instead of jrcpv as instructed? What is the right way of doing it?
Solved! Go to Solution.
Kan_Li
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @psvz ,
Yes, the channel between accessManager and SE050 can be secured with SCP03 protocol. Please kindly refer to the following for more details.
The accessManager takes two optional arguments 'plain' & 'any'
'accessManager':
Platform SCP03: ON.
Incoming connection: localhost.
'accessManager plain':
Platform SCP03: OFF.
Incoming connection: localhost.
'accessManager any':
Platform SCP03: ON.
Incoming connection: any supported address.
'accessManager plain any':
Platform SCP03: OFF.
Incoming connection: any supported address.
Hope that helps,
Have a great day,
Kan
-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------
Kan_Li
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @psvz ,
So far ssscli is not supported to work with accessManager , the interface option for AM is JRCP_V1_AM, not JRCP_V1/2, please kindly refer to simw-top/doc/demos/se05x/se05x_ConcurrentEcc/readme.html for details regarding clients working with accessManager.
Hope that helps,
Have a great day,
Kan
-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks @Kan_Li - I can see in the readme "The user session must be without platform SCP03. Platform SCP03 is handled by the Access Manager."
I understand encryption terminates at the Access Manager, so the host sees cleartext before the Access Manager re-encrypt it with SCP03. Could you please confirm?
Kan_Li
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @psvz ,
Yes, the channel between accessManager and SE050 can be secured with SCP03 protocol. Please kindly refer to the following for more details.
The accessManager takes two optional arguments 'plain' & 'any'
'accessManager':
Platform SCP03: ON.
Incoming connection: localhost.
'accessManager plain':
Platform SCP03: OFF.
Incoming connection: localhost.
'accessManager any':
Platform SCP03: ON.
Incoming connection: any supported address.
'accessManager plain any':
Platform SCP03: OFF.
Incoming connection: any supported address.
Hope that helps,
Have a great day,
Kan
-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------
