change notice

CMS Changes to AWS Cluster. Bye-Bye Wien, Perth, Halifax, SanDiego.

The Winlink Team (WDT) migrated the old familiar CMS servers to the new AWS 'Cloud' CMS on Tuesday, October 31, at 1600 UTC (Noon EDT).

By the look of our logs, 99.9 percent of users are using the system without issues. All changes have proven to be invisible (totally transparent) and present no problems for most users. There are always exceptions, however. Here are the issues affecting selected users that we've seen so far:

1) You will not be able to connect using telnet with a third-party program set to use an IP-numbered CMS address. You must use a fully qualified domain name in telnet settings. Now that we're post-change, we recommend '' as a setting that will work into the future. Old CMS names will also work for at least one year after the transition, and will be phased out slowly as we detect their lack of use. These include '', '', '', '', '', and a few others.

2) Although the change is totally transparent, this does not fool intelligent humans. Knowing about a change, we expect to see the change appearing in our program logs and displays! But unless you're using an updated client or gateway program or have already made changes as suggested above to a third party program, you will continue to make connections labeled by your program with the old names. You're really connecting to the new CMS cluster, but your old program is masking that (lying). Don't be confused! Just watch for a program update, and get it, or change your configuration if the program leaves it up to you. This goes for all programs until they are updated, including utilities like RMS Link Test.exe.

3) Also, the new CMS cluster is sensitive to both upper- and lower-case passwords for accounts. The old CMS was not. Your account, if already established on the old CMS, will always use upper case alpha characters in usernames (call signs) and passwords. Applications that connect to the old CMS, including this web site, often eased the user experience by accepting either, and then converted your input to upper case before submitting to the CMS. Accordingly, if your account is already established on the old CMS and was transitioned, be sure to use UPPER CASE alpha characters if you find your application is getting rejected when you try inputting lower case characters. This includes our new webmail app. If you can't make it work after trying the possibilities, contact a Winlink administrator, or post on the support reflector. This has nothing to do with the common Telnet 'password' CMSTELNET, used in manual Telnet configurations in Airmail and other programs.

4) We have discovered a bug in our new CMS code that caused a disconnect when resuming partial message transfers. The CMS would send the following during a connection:

FS YNY!500 [or similar]
*** Rejected 1 messages as duplicates.
*** Receiving 1VKOPWJODQ0T
*** Disconnected at 2017/11/02 18:45:21

*** Disconnect reported.

There is a CMS fix in place, being tested now. Reports requested.

5) We found a bug, fixed in the next version of Paclink, that caused telnet connections on the new CMS to fail with "***Telnet access code does not match - Disconnecting" when a MARS service code was used in the program. The workaround until the new version is released is to use a different service code, i.e. PUBLIC.

6) If you saved mail in folders on the old webmail app, it was not migrated to the new webmail app on the new system, nor will it be. We found that users did not manage their saved mail and generally never accessed it. It has not been destroyed. If you have something very important to recover, please contact us and we will locate it and send it to you.

7) Iridium GO users with RMS Express will need to update to Express version and Iridium GO firmware version 1.5.2 to use a fix for a problem making Telnet connections to the new servers through our load balancer.

8) Users who have embedded Winlink maps or data in their own web pages will generally continue to pull from our servers without a problem because we have set redirects on the old servers. In embedded position reports that use the query string '?callsign=xxxx', the query string is not supplied to the new servers. For long-term reliability and complete compatibility, all users of embedded Winlink maps or data must update their web code to use new URLs. See the new URLs on the position reports page. Application developers using the Winlink API should contact your WDT contact for in-depth information about changes.

9) The web app called Sysop's Message Monitor returned the message "Unable to validate access to this application". This was a bug in the web site code that is now fixed.

Although the new servers have been under Beta test for a very long time, and a full-scale test was successful last summer, it's impossible to anticipate all issues with a complex system like Winlink. We will appreciate your reporting odd behavior to the Winlink-programs-group at google groups if you see anything questionable. You can navigate there with a click.

--The Winlink Development Team

Passwords with Keyboard Mode and APRSLink

Both keyboard mode and the APRS gateway now allow access with your Winlink password to the CMS using a simple challenge/response protocol. Your password is never sent in the clear over the air.

If secure login is enabled for your account (or, in the future, required). Send any command to initiate login. The CMS will respond with a challenge consisting of three digits who's values represent positions of characters within your password..

This is a six character response to the login challenge. Respond with three password characters corresponding to the positions in the challenge plus three additional characters of your choosing (in any order). Example: Password is ABC123. Login challenge is: 425. You send '1B2AZ5'. ABZ21TY would also be valid since it contains the characters 1, B, and 2.

No password is needed if the secure login account setting is off (check 'My account>Edit' at the Winlink web site). This option will go away once secure login (password validation) becomes mandatory next year.

Keyboard access will continue to accept the PW syntax announced earlier, but that will be disabled in a few weeks. Use the above method instead.

-Lee, K0QED
Winlink Development Team

Secure Login Now For Telnet Connections

Monday, October 26, 2015--Those who access the CMS via telnet keyboard mode with a dumb terminal are now able to use password-secured connections.

Currently, 'secure login' is an option users can select in their account settings ('My account > edit' on this web site), or by configuring their password in RMS Express. If chosen, it requires your Winlink password when logging into a CMS via a client program--and now also when using a dumb terminal in 'keyboard' mode, and when using packet networks.

An upcoming system change (date to be announced) will remove the option, and afterwards will require a valid Winlink password to always access your account. It is a good idea to start using secure login now.

To login with 'secure login' using keyboard mode, send "PW" followed by your Winlink password (ex., PW ABC123). This must be performed before you can use any of the normal keyboard commands. Help is available from the telnet server by typing H for a list of commands.

For clarity, this is not required if you currently have 'secure login' disabled and are attempting to login before the system change removing the option. It will always be required after the change date.

--The Winlink Development Team


Subscribe to RSS - change notice
Winlink Linkomatic