Hi, RepeaterPhone developer here.
There are generally three ways to authenticate when connecting to an AllStarLink node:
-
DNS based authentication. When nodes come online, they register themselves with the ASL DNS system. When one node A requests to connect to node B, node B will query DNS for the details about node A. If the details match, node A is considered authenticated and trusted to connect.
-
IAX local authentication. In this scheme, an IAX client presents a username and password that must match credentials that are configured in the ASL config file. If the credentials match, the client is authenticated and may connect.
-
IAX “allstar-public” authentication. Also called “web transceiver” This is a variation on the username and password above. However, instead of the individual user credentials being stored locally in the ASL config file, the IAX client logs in to the allstarlink.org website and obtains a token. Then, when the client connects to a node, it presents the user’s callsign and token. The node will query allstarlink.org to see if the credentials are valid. If the query is successful, the client is authenticated and may connect.
RepeaterPhone supports the latter 2 mechanisms. The ‘allstar-public’ method is the most convenient for a lot of users because, since the verification authority (allstarlink.org) is centralized, it doesn’t require the node admins to manually add an entry for everyone that might want to connect.