noisebridge / rfid-access-control

Little system to handle RFID access control at Noisebridge
GNU General Public License v2.0

produce binary that opens bottom gate / upper door #7

Open patrickod opened 9 years ago

patrickod commented 9 years ago

It'd be neat to have a binary that opens the gate and door such that it could be used to buzz people in remotely. This use case has come up recently so opening an issue to note it. Hopefully will get a chance to do this myself soon.

hzeller commented 9 years ago

For the immediate case: Have a look in the home-directory pi@earl - there I have a rough script that opens the toplevel door with 'manual' means, operating the GPIO pins directly. It needs to be adapted to take a parameter to distinguish between upper and lower, which essentially selects the GPIO 8 or 7.

Having said that, something that remotely (and securely) opens the gate would be good. In general, there is the problem of authentication. RFID IDs must be considered public knowledge as anyone can read them out if they have access to the token. Often the ID is even printed on the token itself.

Our current (somewhat weak) security is based on the assumption that only someone with sufficient hardware building capability is able to radio-simulate the physical token towards the RFID reader if (s)he knows the token ID. Having said that, such a person is probably welcome in a Hackerspace :)

So to generate some authentication token, we would require reading in the physical RFID somewhere, e.g. the door, and with that create an 'application token' of some kind that is valid for some time. It could be an HMAC from the RFID key + ticket timeout, or, probably more secure w.r.t. leaked earl keys, simply a random string that is valid for a while and kept in earl's volatile memory, mapping that random key to the actual authentication token including its expiry time.

This authentication token can be used for temporary door accesses like these (and later to authenticate users on terminals etc.)
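The two token schemes from the comment above, sketched as an added example (not code from this repository or its authors). It assumes the HMAC is keyed with a long-term secret held on earl; `SERVER_KEY`, the function names and `VolatileTokenStore` are hypothetical.

```python
import hashlib
import hmac
import secrets
import time

SERVER_KEY = secrets.token_bytes(32)  # assumption: long-term secret held on earl

def _tag(rfid_id, expiry):
    msg = f"{rfid_id}:{expiry}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()

def issue_hmac_ticket(rfid_id, ttl, now=None):
    """Option 1 (stateless): ticket = rfid_id:expiry:HMAC(key, rfid_id:expiry)."""
    expiry = str(int((time.time() if now is None else now) + ttl))
    return f"{rfid_id}:{expiry}:{_tag(rfid_id, expiry)}"

def check_hmac_ticket(ticket, now=None):
    """Return the RFID id if the tag verifies and the ticket is unexpired."""
    try:
        rfid_id, expiry, tag = ticket.rsplit(":", 2)
        expires_at = int(expiry)
    except ValueError:
        return None  # malformed ticket
    # Constant-time comparison; bytes so non-ASCII input cannot raise.
    if not hmac.compare_digest(tag.encode(), _tag(rfid_id, expiry).encode()):
        return None
    return rfid_id if (time.time() if now is None else now) < expires_at else None

class VolatileTokenStore:
    """Option 2: random token -> (rfid_id, expiry), held only in process memory.

    Nothing here can be recomputed from a leaked key; a restart drops all tokens.
    """
    def __init__(self):
        self._tokens = {}

    def issue(self, rfid_id, ttl, now=None):
        token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        self._tokens[token] = (rfid_id, (time.time() if now is None else now) + ttl)
        return token

    def check(self, token, now=None):
        entry = self._tokens.get(token)
        if entry is None:
            return None
        rfid_id, expires_at = entry
        if (time.time() if now is None else now) >= expires_at:
            del self._tokens[token]  # expired: forget it for good
            return None
        return rfid_id
```

The `now` parameter exists only so expiry can be exercised with fixed timestamps; callers normally omit it.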

patrickod commented 9 years ago

Opening the door via some remote API would be a neat extension in the future.

For the moment however the use case I have in mind is: someone I know / trust is at the door and unable to gain access to noisebridge. It'd be neat to have a way to do this remotely with access to earl via SSH.


hzeller commented 9 years ago

> For the moment however the use case I have in mind is: someone I know / trust is at the door and unable to gain access to noisebridge. It'd be neat to have a way to do this remotely with access to earl via SSH.

Yes, for that, the existing script is perfect.