ROS Index
|
zenoh_security_tools package from rmw_zenoh repormw_zenoh_cpp zenoh_cpp_vendor zenoh_security_tools |
ROS Distro
|
Package Summary
| Tags | No category tags. |
| Version | 0.1.2 |
| License | Apache License 2.0 |
| Build type | AMENT_CMAKE |
| Use | RECOMMENDED |
Repository Summary
| Checkout URI | https://github.com/ros2/rmw_zenoh.git |
| VCS Type | git |
| VCS Version | humble |
| Last Updated | 2025-06-24 |
| Dev Status | DEVELOPED |
| CI status | No Continuous Integration |
| Released | RELEASED |
| Tags | No category tags. |
| Contributing |
Help Wanted (0)
Good First Issues (0) Pull Requests to Review (0) |
Package Description
Additional Links
Maintainers
- Alejandro Hernanadez
Authors
zenoh_security_tools
The zenoh_security_tools package contains the generate_configs executable which generates Zenoh session config files with access control, authentication and encryption parameters based on policies and keystores generated using sros2.
Usage
ros2 run zenoh_security_tools generate_configs -h
Generate Zenoh session configs with security artifacts.
Options:
-h,--help Print this help message and exit
-p,--policy TEXT REQUIRED The path to the Access Control Policy file.
-e,--enclaves TEXT The directory with the security enclaves for the various nodes in the policy file.
-d,--ros-domain-id UINT REQUIRED The ROS Domain ID.
-c,--session-config TEXT REQUIRED The path to the Zenoh session config file.
-r,--router-config TEXT REQUIRED The path to the Zenoh router config file.
Example of configuring security rmw_zenoh
The process of setting up security is very similar to this tutorial but instead of relying on security environment variables and passing enclaves to nodes, we’ll
pass Zenoh session configs with the desired security parameters configured to rmw_zenoh.
These modified session configs are generated using the tool above.
Setup
The steps below will walk us through running rmw_zenoh with security enabled for a simple talker-lister system.
First create a directory for security artifacts and configs that will be generated.
mkdir ~/sros2_demo
Generate a keystore
cd ~/sros2_demo
ros2 security create_keystore demo_keystore
Generate the certificates for authentication and encryption
Generate security files for the talker and listener nodes, and the zenohd router respectively.
ros2 security create_enclave demo_keystore /talker_listener/talker
ros2 security create_enclave demo_keystore /talker_listener/listener
ros2 security create_enclave demo_keystore /talker_listener/zenohd
Generate the policy.xml for access control
Launch zenohd
ros2 run rmw_zenoh_cpp rmw_zenohd
Launch the listener
export RMW_IMPLEMENTATION=rmw_zenoh_cpp
ros2 run demo_nodes_cpp listener
Launch the talker
export RMW_IMPLEMENTATION=rmw_zenoh_cpp
ros2 run demo_nodes_cpp talker
Now run the policy generator from sros2
ros2 security generate_policy policy_listener_talker.xml
Finally, terminate all processes.
Try access control
Generate security configs without enclaves (only access control).
ros2 run zenoh_security_tools generate_configs \
--policy policy_listener_talker.xml \
--router-config <path to default router config>/DEFAULT_RMW_ZENOH_ROUTER_CONFIG.json5 \
--session-config <path to default session config>/DEFAULT_RMW_ZENOH_SESSION_CONFIG.json5 \
--ros-domain-id 0
This will generate Zenoh session config files for each node in the policy_listener_talker.xml file.
Run the talker with the new config file
```bash export ZENOH_SESSION_CONFIG_URI=talker.json5 ros2 run demo_nodes_cpp talker [INFO] [1740601932.350808475] [talker]: Publishing: ‘Hello World: 1’ [INFO] [1740601933.350487483] [talker]: Publishing: ‘Hello World: 2’
File truncated at 100 lines see the full file
Wiki Tutorials
Package Dependencies
| Deps | Name |
|---|---|
| ament_lint_auto | |
| ament_lint_common | |
| rcpputils | |
| rcutils | |
| rmw | |
| rmw_dds_common | |
| tinyxml2_vendor | |
| zenoh_cpp_vendor |
System Dependencies
| Name |
|---|
| nlohmann-json-dev |
Dependant Packages
Launch files
Messages
Services
Plugins
Recent questions tagged zenoh_security_tools at Robotics Stack Exchange
|
|
zenoh_security_tools package from rmw_zenoh repormw_zenoh_cpp zenoh_cpp_vendor zenoh_security_tools |
ROS Distro
|
Package Summary
| Tags | No category tags. |
| Version | 0.2.5 |
| License | Apache License 2.0 |
| Build type | AMENT_CMAKE |
| Use | RECOMMENDED |
Repository Summary
| Checkout URI | https://github.com/ros2/rmw_zenoh.git |
| VCS Type | git |
| VCS Version | jazzy |
| Last Updated | 2025-06-24 |
| Dev Status | DEVELOPED |
| CI status | No Continuous Integration |
| Released | RELEASED |
| Tags | No category tags. |
| Contributing |
Help Wanted (0)
Good First Issues (0) Pull Requests to Review (0) |
Package Description
Additional Links
Maintainers
- Alejandro Hernanadez
Authors
zenoh_security_tools
The zenoh_security_tools package contains the generate_configs executable which generates Zenoh session config files with access control, authentication and encryption parameters based on policies and keystores generated using sros2.
Usage
ros2 run zenoh_security_tools generate_configs -h
Generate Zenoh session configs with security artifacts.
Options:
-h,--help Print this help message and exit
-p,--policy TEXT REQUIRED The path to the Access Control Policy file.
-e,--enclaves TEXT The directory with the security enclaves for the various nodes in the policy file.
-d,--ros-domain-id UINT REQUIRED The ROS Domain ID.
-c,--session-config TEXT REQUIRED The path to the Zenoh session config file.
-r,--router-config TEXT REQUIRED The path to the Zenoh router config file.
Example of configuring security rmw_zenoh
The process of setting up security is very similar to this tutorial but instead of relying on security environment variables and passing enclaves to nodes, we’ll
pass Zenoh session configs with the desired security parameters configured to rmw_zenoh.
These modified session configs are generated using the tool above.
Setup
The steps below will walk us through running rmw_zenoh with security enabled for a simple talker-lister system.
First create a directory for security artifacts and configs that will be generated.
mkdir ~/sros2_demo
Generate a keystore
cd ~/sros2_demo
ros2 security create_keystore demo_keystore
Generate the certificates for authentication and encryption
Generate security files for the talker and listener nodes, and the zenohd router respectively.
ros2 security create_enclave demo_keystore /talker_listener/talker
ros2 security create_enclave demo_keystore /talker_listener/listener
ros2 security create_enclave demo_keystore /talker_listener/zenohd
Generate the policy.xml for access control
Launch zenohd
ros2 run rmw_zenoh_cpp rmw_zenohd
Launch the listener
export RMW_IMPLEMENTATION=rmw_zenoh_cpp
ros2 run demo_nodes_cpp listener
Launch the talker
export RMW_IMPLEMENTATION=rmw_zenoh_cpp
ros2 run demo_nodes_cpp talker
Now run the policy generator from sros2
ros2 security generate_policy policy_listener_talker.xml
Finally, terminate all processes.
Try access control
Generate security configs without enclaves (only access control).
ros2 run zenoh_security_tools generate_configs \
--policy policy_listener_talker.xml \
--router-config <path to default router config>/DEFAULT_RMW_ZENOH_ROUTER_CONFIG.json5 \
--session-config <path to default session config>/DEFAULT_RMW_ZENOH_SESSION_CONFIG.json5 \
--ros-domain-id 0
This will generate Zenoh session config files for each node in the policy_listener_talker.xml file.
Run the talker with the new config file
```bash export ZENOH_SESSION_CONFIG_URI=talker.json5 ros2 run demo_nodes_cpp talker [INFO] [1740601932.350808475] [talker]: Publishing: ‘Hello World: 1’ [INFO] [1740601933.350487483] [talker]: Publishing: ‘Hello World: 2’
File truncated at 100 lines see the full file
Changelog for package zenoh_security_tools
0.2.5 (2025-06-18)
- Add zenoh_security_tools (#661)
- Contributors: Alejandro Hernández Cordero
0.2.4 (2025-04-20)
-
Revert "Add zenoh_security_tools (#595) (#609)" (#611) This reverts commit aa23ecd91ee455bc6a529fb3cde0b77a8ba39911.
-
Add zenoh_security_tools (#595) (#609)
- Added zenoh_security_configuration_tools package written in cpp
- Added domain id
* Update policy_parser to use nlohmann_json.hpp Since we have the dependency now via #583, this is a potential improvement to the current string concatenation.
- Further json changes
- Refactor package to zenoh_security_tools
- Inject certificates if enclaves provided
- Replace existing endpoints with tls instead of hardcoded changes
- Update README.md
- Also generate router config with security
* Drop CLI11 dependency ---------Co-authored-by: Alejandro Hernandez Cordero <<ahcorde@gmail.com>> Co-authored-by: Michael Carroll <<mjcarroll@intrinsic.ai>> (cherry picked from commit 1dca3c35ba4616827db18c8a4658c259fa982144) Co-authored-by: yadunund <<yadunund@gmail.com>>
-
Contributors: mergify[bot], yadunund
0.2.3 (2025-03-20)
0.2.2 (2025-02-19)
0.2.1 (2025-02-04)
0.2.0 (2025-01-02)
Wiki Tutorials
Package Dependencies
| Deps | Name |
|---|---|
| ament_lint_auto | |
| ament_lint_common | |
| rcpputils | |
| rcutils | |
| rmw | |
| rmw_dds_common | |
| tinyxml2_vendor | |
| zenoh_cpp_vendor |
System Dependencies
| Name |
|---|
| nlohmann-json-dev |
Dependant Packages
Launch files
Messages
Services
Plugins
Recent questions tagged zenoh_security_tools at Robotics Stack Exchange
|
|
zenoh_security_tools package from rmw_zenoh repormw_zenoh_cpp zenoh_cpp_vendor zenoh_security_tools |
ROS Distro
|
Package Summary
| Tags | No category tags. |
| Version | 0.6.2 |
| License | Apache License 2.0 |
| Build type | AMENT_CMAKE |
| Use | RECOMMENDED |
Repository Summary
| Checkout URI | https://github.com/ros2/rmw_zenoh.git |
| VCS Type | git |
| VCS Version | kilted |
| Last Updated | 2025-06-24 |
| Dev Status | DEVELOPED |
| CI status | No Continuous Integration |
| Released | RELEASED |
| Tags | No category tags. |
| Contributing |
Help Wanted (0)
Good First Issues (0) Pull Requests to Review (0) |
Package Description
Additional Links
Maintainers
- Alejandro Hernanadez
Authors
zenoh_security_tools
The zenoh_security_tools package contains the generate_configs executable which generates Zenoh session config files with access control, authentication and encryption parameters based on policies and keystores generated using sros2.
Usage
ros2 run zenoh_security_tools generate_configs -h
Generate Zenoh session configs with security artifacts.
Options:
-h,--help Print this help message and exit
-p,--policy TEXT REQUIRED The path to the Access Control Policy file.
-e,--enclaves TEXT The directory with the security enclaves for the various nodes in the policy file.
-d,--ros-domain-id UINT REQUIRED The ROS Domain ID.
-c,--session-config TEXT REQUIRED The path to the Zenoh session config file.
-r,--router-config TEXT REQUIRED The path to the Zenoh router config file.
Example of configuring security rmw_zenoh
The process of setting up security is very similar to this tutorial but instead of relying on security environment variables and passing enclaves to nodes, we’ll
pass Zenoh session configs with the desired security parameters configured to rmw_zenoh.
These modified session configs are generated using the tool above.
Setup
The steps below will walk us through running rmw_zenoh with security enabled for a simple talker-lister system.
First create a directory for security artifacts and configs that will be generated.
mkdir ~/sros2_demo
Generate a keystore
cd ~/sros2_demo
ros2 security create_keystore demo_keystore
Generate the certificates for authentication and encryption
Generate security files for the talker and listener nodes, and the zenohd router respectively.
ros2 security create_enclave demo_keystore /talker_listener/talker
ros2 security create_enclave demo_keystore /talker_listener/listener
ros2 security create_enclave demo_keystore /talker_listener/zenohd
Generate the policy.xml for access control
Launch zenohd
ros2 run rmw_zenoh_cpp rmw_zenohd
Launch the listener
export RMW_IMPLEMENTATION=rmw_zenoh_cpp
ros2 run demo_nodes_cpp listener
Launch the talker
export RMW_IMPLEMENTATION=rmw_zenoh_cpp
ros2 run demo_nodes_cpp talker
Now run the policy generator from sros2
ros2 security generate_policy policy_listener_talker.xml
Finally, terminate all processes.
Try access control
Generate security configs without enclaves (only access control).
ros2 run zenoh_security_tools generate_configs \
--policy policy_listener_talker.xml \
--router-config <path to default router config>/DEFAULT_RMW_ZENOH_ROUTER_CONFIG.json5 \
--session-config <path to default session config>/DEFAULT_RMW_ZENOH_SESSION_CONFIG.json5 \
--ros-domain-id 0
This will generate Zenoh session config files for each node in the policy_listener_talker.xml file.
Run the talker with the new config file
```bash export ZENOH_SESSION_CONFIG_URI=talker.json5 ros2 run demo_nodes_cpp talker [INFO] [1740601932.350808475] [talker]: Publishing: ‘Hello World: 1’ [INFO] [1740601933.350487483] [talker]: Publishing: ‘Hello World: 2’
File truncated at 100 lines see the full file
Wiki Tutorials
Package Dependencies
| Deps | Name |
|---|---|
| ament_lint_auto | |
| ament_lint_common | |
| rcpputils | |
| rcutils | |
| rmw | |
| rmw_security_common | |
| tinyxml2_vendor | |
| zenoh_cpp_vendor |
System Dependencies
| Name |
|---|
| nlohmann-json-dev |
Dependant Packages
Launch files
Messages
Services
Plugins
Recent questions tagged zenoh_security_tools at Robotics Stack Exchange
|
|
zenoh_security_tools package from rmw_zenoh repormw_zenoh_cpp zenoh_cpp_vendor zenoh_security_tools |
ROS Distro
|
Package Summary
| Tags | No category tags. |
| Version | 0.8.0 |
| License | Apache License 2.0 |
| Build type | AMENT_CMAKE |
| Use | RECOMMENDED |
Repository Summary
| Checkout URI | https://github.com/ros2/rmw_zenoh.git |
| VCS Type | git |
| VCS Version | rolling |
| Last Updated | 2025-06-24 |
| Dev Status | DEVELOPED |
| CI status | No Continuous Integration |
| Released | RELEASED |
| Tags | No category tags. |
| Contributing |
Help Wanted (0)
Good First Issues (0) Pull Requests to Review (0) |
Package Description
Additional Links
Maintainers
- Alejandro Hernanadez
Authors
zenoh_security_tools
The zenoh_security_tools package contains the generate_configs executable which generates Zenoh session config files with access control, authentication and encryption parameters based on policies and keystores generated using sros2.
Usage
ros2 run zenoh_security_tools generate_configs -h
Generate Zenoh session configs with security artifacts.
Options:
-h,--help Print this help message and exit
-p,--policy TEXT REQUIRED The path to the Access Control Policy file.
-e,--enclaves TEXT The directory with the security enclaves for the various nodes in the policy file.
-d,--ros-domain-id UINT REQUIRED The ROS Domain ID.
-c,--session-config TEXT REQUIRED The path to the Zenoh session config file.
-r,--router-config TEXT REQUIRED The path to the Zenoh router config file.
Example of configuring security rmw_zenoh
The process of setting up security is very similar to this tutorial but instead of relying on security environment variables and passing enclaves to nodes, we’ll
pass Zenoh session configs with the desired security parameters configured to rmw_zenoh.
These modified session configs are generated using the tool above.
Setup
The steps below will walk us through running rmw_zenoh with security enabled for a simple talker-lister system.
First create a directory for security artifacts and configs that will be generated.
mkdir ~/sros2_demo
Generate a keystore
cd ~/sros2_demo
ros2 security create_keystore demo_keystore
Generate the certificates for authentication and encryption
Generate security files for the talker and listener nodes, and the zenohd router respectively.
ros2 security create_enclave demo_keystore /talker_listener/talker
ros2 security create_enclave demo_keystore /talker_listener/listener
ros2 security create_enclave demo_keystore /talker_listener/zenohd
Generate the policy.xml for access control
Launch zenohd
ros2 run rmw_zenoh_cpp rmw_zenohd
Launch the listener
export RMW_IMPLEMENTATION=rmw_zenoh_cpp
ros2 run demo_nodes_cpp listener
Launch the talker
export RMW_IMPLEMENTATION=rmw_zenoh_cpp
ros2 run demo_nodes_cpp talker
Now run the policy generator from sros2
ros2 security generate_policy policy_listener_talker.xml
Finally, terminate all processes.
Try access control
Generate security configs without enclaves (only access control).
ros2 run zenoh_security_tools generate_configs \
--policy policy_listener_talker.xml \
--router-config <path to default router config>/DEFAULT_RMW_ZENOH_ROUTER_CONFIG.json5 \
--session-config <path to default session config>/DEFAULT_RMW_ZENOH_SESSION_CONFIG.json5 \
--ros-domain-id 0
This will generate Zenoh session config files for each node in the policy_listener_talker.xml file.
Run the talker with the new config file
```bash export ZENOH_SESSION_CONFIG_URI=talker.json5 ros2 run demo_nodes_cpp talker [INFO] [1740601932.350808475] [talker]: Publishing: ‘Hello World: 1’ [INFO] [1740601933.350487483] [talker]: Publishing: ‘Hello World: 2’
File truncated at 100 lines see the full file
Wiki Tutorials
Package Dependencies
| Deps | Name |
|---|---|
| ament_lint_auto | |
| ament_lint_common | |
| rcpputils | |
| rcutils | |
| rmw | |
| rmw_security_common | |
| tinyxml2_vendor | |
| zenoh_cpp_vendor |
System Dependencies
| Name |
|---|
| nlohmann-json-dev |
Dependant Packages
Launch files
Messages
Services
Plugins
Recent questions tagged zenoh_security_tools at Robotics Stack Exchange
|
|
zenoh_security_tools package from rmw_zenoh repormw_zenoh_cpp zenoh_cpp_vendor zenoh_security_tools |
ROS Distro
|
Package Summary
| Tags | No category tags. |
| Version | 0.1.2 |
| License | Apache License 2.0 |
| Build type | AMENT_CMAKE |
| Use | RECOMMENDED |
Repository Summary
| Checkout URI | https://github.com/ros2/rmw_zenoh.git |
| VCS Type | git |
| VCS Version | humble |
| Last Updated | 2025-06-24 |
| Dev Status | DEVELOPED |
| CI status | No Continuous Integration |
| Released | RELEASED |
| Tags | No category tags. |
| Contributing |
Help Wanted (0)
Good First Issues (0) Pull Requests to Review (0) |
Package Description
Additional Links
Maintainers
- Alejandro Hernanadez
Authors
zenoh_security_tools
The zenoh_security_tools package contains the generate_configs executable which generates Zenoh session config files with access control, authentication and encryption parameters based on policies and keystores generated using sros2.
Usage
ros2 run zenoh_security_tools generate_configs -h
Generate Zenoh session configs with security artifacts.
Options:
-h,--help Print this help message and exit
-p,--policy TEXT REQUIRED The path to the Access Control Policy file.
-e,--enclaves TEXT The directory with the security enclaves for the various nodes in the policy file.
-d,--ros-domain-id UINT REQUIRED The ROS Domain ID.
-c,--session-config TEXT REQUIRED The path to the Zenoh session config file.
-r,--router-config TEXT REQUIRED The path to the Zenoh router config file.
Example of configuring security rmw_zenoh
The process of setting up security is very similar to this tutorial but instead of relying on security environment variables and passing enclaves to nodes, we’ll
pass Zenoh session configs with the desired security parameters configured to rmw_zenoh.
These modified session configs are generated using the tool above.
Setup
The steps below will walk us through running rmw_zenoh with security enabled for a simple talker-lister system.
First create a directory for security artifacts and configs that will be generated.
mkdir ~/sros2_demo
Generate a keystore
cd ~/sros2_demo
ros2 security create_keystore demo_keystore
Generate the certificates for authentication and encryption
Generate security files for the talker and listener nodes, and the zenohd router respectively.
ros2 security create_enclave demo_keystore /talker_listener/talker
ros2 security create_enclave demo_keystore /talker_listener/listener
ros2 security create_enclave demo_keystore /talker_listener/zenohd
Generate the policy.xml for access control
Launch zenohd
ros2 run rmw_zenoh_cpp rmw_zenohd
Launch the listener
export RMW_IMPLEMENTATION=rmw_zenoh_cpp
ros2 run demo_nodes_cpp listener
Launch the talker
export RMW_IMPLEMENTATION=rmw_zenoh_cpp
ros2 run demo_nodes_cpp talker
Now run the policy generator from sros2
ros2 security generate_policy policy_listener_talker.xml
Finally, terminate all processes.
Try access control
Generate security configs without enclaves (only access control).
ros2 run zenoh_security_tools generate_configs \
--policy policy_listener_talker.xml \
--router-config <path to default router config>/DEFAULT_RMW_ZENOH_ROUTER_CONFIG.json5 \
--session-config <path to default session config>/DEFAULT_RMW_ZENOH_SESSION_CONFIG.json5 \
--ros-domain-id 0
This will generate Zenoh session config files for each node in the policy_listener_talker.xml file.
Run the talker with the new config file
```bash export ZENOH_SESSION_CONFIG_URI=talker.json5 ros2 run demo_nodes_cpp talker [INFO] [1740601932.350808475] [talker]: Publishing: ‘Hello World: 1’ [INFO] [1740601933.350487483] [talker]: Publishing: ‘Hello World: 2’
File truncated at 100 lines see the full file
Wiki Tutorials
Package Dependencies
| Deps | Name |
|---|---|
| ament_lint_auto | |
| ament_lint_common | |
| rcpputils | |
| rcutils | |
| rmw | |
| rmw_dds_common | |
| tinyxml2_vendor | |
| zenoh_cpp_vendor |
System Dependencies
| Name |
|---|
| nlohmann-json-dev |
Dependant Packages
Launch files
Messages
Services
Plugins
Recent questions tagged zenoh_security_tools at Robotics Stack Exchange
|
|
zenoh_security_tools package from rmw_zenoh repormw_zenoh_cpp zenoh_cpp_vendor zenoh_security_tools |
ROS Distro
|
Package Summary
| Tags | No category tags. |
| Version | 0.1.2 |
| License | Apache License 2.0 |
| Build type | AMENT_CMAKE |
| Use | RECOMMENDED |
Repository Summary
| Checkout URI | https://github.com/ros2/rmw_zenoh.git |
| VCS Type | git |
| VCS Version | humble |
| Last Updated | 2025-06-24 |
| Dev Status | DEVELOPED |
| CI status | No Continuous Integration |
| Released | RELEASED |
| Tags | No category tags. |
| Contributing |
Help Wanted (0)
Good First Issues (0) Pull Requests to Review (0) |
Package Description
Additional Links
Maintainers
- Alejandro Hernanadez
Authors
zenoh_security_tools
The zenoh_security_tools package contains the generate_configs executable which generates Zenoh session config files with access control, authentication and encryption parameters based on policies and keystores generated using sros2.
Usage
ros2 run zenoh_security_tools generate_configs -h
Generate Zenoh session configs with security artifacts.
Options:
-h,--help Print this help message and exit
-p,--policy TEXT REQUIRED The path to the Access Control Policy file.
-e,--enclaves TEXT The directory with the security enclaves for the various nodes in the policy file.
-d,--ros-domain-id UINT REQUIRED The ROS Domain ID.
-c,--session-config TEXT REQUIRED The path to the Zenoh session config file.
-r,--router-config TEXT REQUIRED The path to the Zenoh router config file.
Example of configuring security rmw_zenoh
The process of setting up security is very similar to this tutorial but instead of relying on security environment variables and passing enclaves to nodes, we’ll
pass Zenoh session configs with the desired security parameters configured to rmw_zenoh.
These modified session configs are generated using the tool above.
Setup
The steps below will walk us through running rmw_zenoh with security enabled for a simple talker-lister system.
First create a directory for security artifacts and configs that will be generated.
mkdir ~/sros2_demo
Generate a keystore
cd ~/sros2_demo
ros2 security create_keystore demo_keystore
Generate the certificates for authentication and encryption
Generate security files for the talker and listener nodes, and the zenohd router respectively.
ros2 security create_enclave demo_keystore /talker_listener/talker
ros2 security create_enclave demo_keystore /talker_listener/listener
ros2 security create_enclave demo_keystore /talker_listener/zenohd
Generate the policy.xml for access control
Launch zenohd
ros2 run rmw_zenoh_cpp rmw_zenohd
Launch the listener
export RMW_IMPLEMENTATION=rmw_zenoh_cpp
ros2 run demo_nodes_cpp listener
Launch the talker
export RMW_IMPLEMENTATION=rmw_zenoh_cpp
ros2 run demo_nodes_cpp talker
Now run the policy generator from sros2
ros2 security generate_policy policy_listener_talker.xml
Finally, terminate all processes.
Try access control
Generate security configs without enclaves (only access control).
ros2 run zenoh_security_tools generate_configs \
--policy policy_listener_talker.xml \
--router-config <path to default router config>/DEFAULT_RMW_ZENOH_ROUTER_CONFIG.json5 \
--session-config <path to default session config>/DEFAULT_RMW_ZENOH_SESSION_CONFIG.json5 \
--ros-domain-id 0
This will generate Zenoh session config files for each node in the policy_listener_talker.xml file.
Run the talker with the new config file
```bash export ZENOH_SESSION_CONFIG_URI=talker.json5 ros2 run demo_nodes_cpp talker [INFO] [1740601932.350808475] [talker]: Publishing: ‘Hello World: 1’ [INFO] [1740601933.350487483] [talker]: Publishing: ‘Hello World: 2’
File truncated at 100 lines see the full file
Wiki Tutorials
Package Dependencies
| Deps | Name |
|---|---|
| ament_lint_auto | |
| ament_lint_common | |
| rcpputils | |
| rcutils | |
| rmw | |
| rmw_dds_common | |
| tinyxml2_vendor | |
| zenoh_cpp_vendor |
System Dependencies
| Name |
|---|
| nlohmann-json-dev |
Dependant Packages
Launch files
Messages
Services
Plugins
Recent questions tagged zenoh_security_tools at Robotics Stack Exchange
|
|
zenoh_security_tools package from rmw_zenoh repormw_zenoh_cpp zenoh_cpp_vendor zenoh_security_tools |
ROS Distro
|
Package Summary
| Tags | No category tags. |
| Version | 0.1.2 |
| License | Apache License 2.0 |
| Build type | AMENT_CMAKE |
| Use | RECOMMENDED |
Repository Summary
| Checkout URI | https://github.com/ros2/rmw_zenoh.git |
| VCS Type | git |
| VCS Version | humble |
| Last Updated | 2025-06-24 |
| Dev Status | DEVELOPED |
| CI status | No Continuous Integration |
| Released | RELEASED |
| Tags | No category tags. |
| Contributing |
Help Wanted (0)
Good First Issues (0) Pull Requests to Review (0) |
Package Description
Additional Links
Maintainers
- Alejandro Hernanadez
Authors
zenoh_security_tools
The zenoh_security_tools package contains the generate_configs executable which generates Zenoh session config files with access control, authentication and encryption parameters based on policies and keystores generated using sros2.
Usage
ros2 run zenoh_security_tools generate_configs -h
Generate Zenoh session configs with security artifacts.
Options:
-h,--help Print this help message and exit
-p,--policy TEXT REQUIRED The path to the Access Control Policy file.
-e,--enclaves TEXT The directory with the security enclaves for the various nodes in the policy file.
-d,--ros-domain-id UINT REQUIRED The ROS Domain ID.
-c,--session-config TEXT REQUIRED The path to the Zenoh session config file.
-r,--router-config TEXT REQUIRED The path to the Zenoh router config file.
Example of configuring security rmw_zenoh
The process of setting up security is very similar to this tutorial but instead of relying on security environment variables and passing enclaves to nodes, we’ll
pass Zenoh session configs with the desired security parameters configured to rmw_zenoh.
These modified session configs are generated using the tool above.
Setup
The steps below will walk us through running rmw_zenoh with security enabled for a simple talker-lister system.
First create a directory for security artifacts and configs that will be generated.
mkdir ~/sros2_demo
Generate a keystore
cd ~/sros2_demo
ros2 security create_keystore demo_keystore
Generate the certificates for authentication and encryption
Generate security files for the talker and listener nodes, and the zenohd router respectively.
ros2 security create_enclave demo_keystore /talker_listener/talker
ros2 security create_enclave demo_keystore /talker_listener/listener
ros2 security create_enclave demo_keystore /talker_listener/zenohd
Generate the policy.xml for access control
Launch zenohd
ros2 run rmw_zenoh_cpp rmw_zenohd
Launch the listener
export RMW_IMPLEMENTATION=rmw_zenoh_cpp
ros2 run demo_nodes_cpp listener
Launch the talker
export RMW_IMPLEMENTATION=rmw_zenoh_cpp
ros2 run demo_nodes_cpp talker
Now run the policy generator from sros2
ros2 security generate_policy policy_listener_talker.xml
Finally, terminate all processes.
Try access control
Generate security configs without enclaves (only access control).
ros2 run zenoh_security_tools generate_configs \
--policy policy_listener_talker.xml \
--router-config <path to default router config>/DEFAULT_RMW_ZENOH_ROUTER_CONFIG.json5 \
--session-config <path to default session config>/DEFAULT_RMW_ZENOH_SESSION_CONFIG.json5 \
--ros-domain-id 0
This will generate Zenoh session config files for each node in the policy_listener_talker.xml file.
Run the talker with the new config file
```bash export ZENOH_SESSION_CONFIG_URI=talker.json5 ros2 run demo_nodes_cpp talker [INFO] [1740601932.350808475] [talker]: Publishing: ‘Hello World: 1’ [INFO] [1740601933.350487483] [talker]: Publishing: ‘Hello World: 2’
File truncated at 100 lines see the full file
Wiki Tutorials
Package Dependencies
| Deps | Name |
|---|---|
| ament_lint_auto | |
| ament_lint_common | |
| rcpputils | |
| rcutils | |
| rmw | |
| rmw_dds_common | |
| tinyxml2_vendor | |
| zenoh_cpp_vendor |
System Dependencies
| Name |
|---|
| nlohmann-json-dev |
Dependant Packages
Launch files
Messages
Services
Plugins
Recent questions tagged zenoh_security_tools at Robotics Stack Exchange
|
|
zenoh_security_tools package from rmw_zenoh repormw_zenoh_cpp zenoh_cpp_vendor zenoh_security_tools |
ROS Distro
|
Package Summary
| Tags | No category tags. |
| Version | 0.1.2 |
| License | Apache License 2.0 |
| Build type | AMENT_CMAKE |
| Use | RECOMMENDED |
Repository Summary
| Checkout URI | https://github.com/ros2/rmw_zenoh.git |
| VCS Type | git |
| VCS Version | humble |
| Last Updated | 2025-06-24 |
| Dev Status | DEVELOPED |
| CI status | No Continuous Integration |
| Released | RELEASED |
| Tags | No category tags. |
| Contributing |
Help Wanted (0)
Good First Issues (0) Pull Requests to Review (0) |
Package Description
Additional Links
Maintainers
- Alejandro Hernanadez
Authors
zenoh_security_tools
The zenoh_security_tools package contains the generate_configs executable which generates Zenoh session config files with access control, authentication and encryption parameters based on policies and keystores generated using sros2.
Usage
ros2 run zenoh_security_tools generate_configs -h
Generate Zenoh session configs with security artifacts.
Options:
-h,--help Print this help message and exit
-p,--policy TEXT REQUIRED The path to the Access Control Policy file.
-e,--enclaves TEXT The directory with the security enclaves for the various nodes in the policy file.
-d,--ros-domain-id UINT REQUIRED The ROS Domain ID.
-c,--session-config TEXT REQUIRED The path to the Zenoh session config file.
-r,--router-config TEXT REQUIRED The path to the Zenoh router config file.
Example of configuring security rmw_zenoh
The process of setting up security is very similar to this tutorial but instead of relying on security environment variables and passing enclaves to nodes, we’ll
pass Zenoh session configs with the desired security parameters configured to rmw_zenoh.
These modified session configs are generated using the tool above.
Setup
The steps below will walk us through running rmw_zenoh with security enabled for a simple talker-lister system.
First create a directory for security artifacts and configs that will be generated.
mkdir ~/sros2_demo
Generate a keystore
cd ~/sros2_demo
ros2 security create_keystore demo_keystore
Generate the certificates for authentication and encryption
Generate security files for the talker and listener nodes, and the zenohd router respectively.
ros2 security create_enclave demo_keystore /talker_listener/talker
ros2 security create_enclave demo_keystore /talker_listener/listener
ros2 security create_enclave demo_keystore /talker_listener/zenohd
Generate the policy.xml for access control
Launch zenohd
ros2 run rmw_zenoh_cpp rmw_zenohd
Launch the listener
export RMW_IMPLEMENTATION=rmw_zenoh_cpp
ros2 run demo_nodes_cpp listener
Launch the talker
export RMW_IMPLEMENTATION=rmw_zenoh_cpp
ros2 run demo_nodes_cpp talker
Now run the policy generator from sros2
ros2 security generate_policy policy_listener_talker.xml
Finally, terminate all processes.
Try access control
Generate security configs without enclaves (only access control).
ros2 run zenoh_security_tools generate_configs \
--policy policy_listener_talker.xml \
--router-config <path to default router config>/DEFAULT_RMW_ZENOH_ROUTER_CONFIG.json5 \
--session-config <path to default session config>/DEFAULT_RMW_ZENOH_SESSION_CONFIG.json5 \
--ros-domain-id 0
This will generate Zenoh session config files for each node in the policy_listener_talker.xml file.
Run the talker with the new config file
```bash export ZENOH_SESSION_CONFIG_URI=talker.json5 ros2 run demo_nodes_cpp talker [INFO] [1740601932.350808475] [talker]: Publishing: ‘Hello World: 1’ [INFO] [1740601933.350487483] [talker]: Publishing: ‘Hello World: 2’
File truncated at 100 lines see the full file
Wiki Tutorials
Package Dependencies
| Deps | Name |
|---|---|
| ament_lint_auto | |
| ament_lint_common | |
| rcpputils | |
| rcutils | |
| rmw | |
| rmw_dds_common | |
| tinyxml2_vendor | |
| zenoh_cpp_vendor |
System Dependencies
| Name |
|---|
| nlohmann-json-dev |
Dependant Packages
Launch files
Messages
Services
Plugins
Recent questions tagged zenoh_security_tools at Robotics Stack Exchange
|
|
zenoh_security_tools package from rmw_zenoh repormw_zenoh_cpp zenoh_cpp_vendor zenoh_security_tools |
ROS Distro
|
Package Summary
| Tags | No category tags. |
| Version | 0.1.2 |
| License | Apache License 2.0 |
| Build type | AMENT_CMAKE |
| Use | RECOMMENDED |
Repository Summary
| Checkout URI | https://github.com/ros2/rmw_zenoh.git |
| VCS Type | git |
| VCS Version | humble |
| Last Updated | 2025-06-24 |
| Dev Status | DEVELOPED |
| CI status | No Continuous Integration |
| Released | RELEASED |
| Tags | No category tags. |
| Contributing |
Help Wanted (0)
Good First Issues (0) Pull Requests to Review (0) |
Package Description
Additional Links
Maintainers
- Alejandro Hernanadez
Authors
zenoh_security_tools
The zenoh_security_tools package contains the generate_configs executable which generates Zenoh session config files with access control, authentication and encryption parameters based on policies and keystores generated using sros2.
Usage
ros2 run zenoh_security_tools generate_configs -h
Generate Zenoh session configs with security artifacts.
Options:
-h,--help Print this help message and exit
-p,--policy TEXT REQUIRED The path to the Access Control Policy file.
-e,--enclaves TEXT The directory with the security enclaves for the various nodes in the policy file.
-d,--ros-domain-id UINT REQUIRED The ROS Domain ID.
-c,--session-config TEXT REQUIRED The path to the Zenoh session config file.
-r,--router-config TEXT REQUIRED The path to the Zenoh router config file.
Example of configuring security rmw_zenoh
The process of setting up security is very similar to this tutorial but instead of relying on security environment variables and passing enclaves to nodes, we’ll
pass Zenoh session configs with the desired security parameters configured to rmw_zenoh.
These modified session configs are generated using the tool above.
Setup
The steps below will walk us through running rmw_zenoh with security enabled for a simple talker-lister system.
First create a directory for security artifacts and configs that will be generated.
mkdir ~/sros2_demo
Generate a keystore
cd ~/sros2_demo
ros2 security create_keystore demo_keystore
Generate the certificates for authentication and encryption
Generate security files for the talker and listener nodes, and the zenohd router respectively.
ros2 security create_enclave demo_keystore /talker_listener/talker
ros2 security create_enclave demo_keystore /talker_listener/listener
ros2 security create_enclave demo_keystore /talker_listener/zenohd
Generate the policy.xml for access control
Launch zenohd
ros2 run rmw_zenoh_cpp rmw_zenohd
Launch the listener
export RMW_IMPLEMENTATION=rmw_zenoh_cpp
ros2 run demo_nodes_cpp listener
Launch the talker
export RMW_IMPLEMENTATION=rmw_zenoh_cpp
ros2 run demo_nodes_cpp talker
Now run the policy generator from sros2
ros2 security generate_policy policy_listener_talker.xml
Finally, terminate all processes.
Try access control
Generate security configs without enclaves (only access control).
ros2 run zenoh_security_tools generate_configs \
--policy policy_listener_talker.xml \
--router-config <path to default router config>/DEFAULT_RMW_ZENOH_ROUTER_CONFIG.json5 \
--session-config <path to default session config>/DEFAULT_RMW_ZENOH_SESSION_CONFIG.json5 \
--ros-domain-id 0
This will generate Zenoh session config files for each node in the policy_listener_talker.xml file.
Run the talker with the new config file
```bash export ZENOH_SESSION_CONFIG_URI=talker.json5 ros2 run demo_nodes_cpp talker [INFO] [1740601932.350808475] [talker]: Publishing: ‘Hello World: 1’ [INFO] [1740601933.350487483] [talker]: Publishing: ‘Hello World: 2’
File truncated at 100 lines see the full file
Wiki Tutorials
Package Dependencies
| Deps | Name |
|---|---|
| ament_lint_auto | |
| ament_lint_common | |
| rcpputils | |
| rcutils | |
| rmw | |
| rmw_dds_common | |
| tinyxml2_vendor | |
| zenoh_cpp_vendor |
System Dependencies
| Name |
|---|
| nlohmann-json-dev |
Dependant Packages
Launch files
Messages
Services
Plugins
Recent questions tagged zenoh_security_tools at Robotics Stack Exchange
|
|
zenoh_security_tools package from rmw_zenoh repormw_zenoh_cpp zenoh_cpp_vendor zenoh_security_tools |
ROS Distro
|
Package Summary
| Tags | No category tags. |
| Version | 0.1.2 |
| License | Apache License 2.0 |
| Build type | AMENT_CMAKE |
| Use | RECOMMENDED |
Repository Summary
| Checkout URI | https://github.com/ros2/rmw_zenoh.git |
| VCS Type | git |
| VCS Version | humble |
| Last Updated | 2025-06-24 |
| Dev Status | DEVELOPED |
| CI status | No Continuous Integration |
| Released | RELEASED |
| Tags | No category tags. |
| Contributing |
Help Wanted (0)
Good First Issues (0) Pull Requests to Review (0) |
Package Description
Additional Links
Maintainers
- Alejandro Hernanadez
Authors
zenoh_security_tools
The zenoh_security_tools package contains the generate_configs executable which generates Zenoh session config files with access control, authentication and encryption parameters based on policies and keystores generated using sros2.
Usage
ros2 run zenoh_security_tools generate_configs -h
Generate Zenoh session configs with security artifacts.
Options:
-h,--help Print this help message and exit
-p,--policy TEXT REQUIRED The path to the Access Control Policy file.
-e,--enclaves TEXT The directory with the security enclaves for the various nodes in the policy file.
-d,--ros-domain-id UINT REQUIRED The ROS Domain ID.
-c,--session-config TEXT REQUIRED The path to the Zenoh session config file.
-r,--router-config TEXT REQUIRED The path to the Zenoh router config file.
Example of configuring security rmw_zenoh
The process of setting up security is very similar to this tutorial but instead of relying on security environment variables and passing enclaves to nodes, we’ll
pass Zenoh session configs with the desired security parameters configured to rmw_zenoh.
These modified session configs are generated using the tool above.
Setup
The steps below will walk us through running rmw_zenoh with security enabled for a simple talker-lister system.
First create a directory for security artifacts and configs that will be generated.
mkdir ~/sros2_demo
Generate a keystore
cd ~/sros2_demo
ros2 security create_keystore demo_keystore
Generate the certificates for authentication and encryption
Generate security files for the talker and listener nodes, and the zenohd router respectively.
ros2 security create_enclave demo_keystore /talker_listener/talker
ros2 security create_enclave demo_keystore /talker_listener/listener
ros2 security create_enclave demo_keystore /talker_listener/zenohd
Generate the policy.xml for access control
Launch zenohd
ros2 run rmw_zenoh_cpp rmw_zenohd
Launch the listener
export RMW_IMPLEMENTATION=rmw_zenoh_cpp
ros2 run demo_nodes_cpp listener
Launch the talker
export RMW_IMPLEMENTATION=rmw_zenoh_cpp
ros2 run demo_nodes_cpp talker
Now run the policy generator from sros2
ros2 security generate_policy policy_listener_talker.xml
Finally, terminate all processes.
Try access control
Generate security configs without enclaves (only access control).
ros2 run zenoh_security_tools generate_configs \
--policy policy_listener_talker.xml \
--router-config <path to default router config>/DEFAULT_RMW_ZENOH_ROUTER_CONFIG.json5 \
--session-config <path to default session config>/DEFAULT_RMW_ZENOH_SESSION_CONFIG.json5 \
--ros-domain-id 0
This will generate Zenoh session config files for each node in the policy_listener_talker.xml file.
Run the talker with the new config file
```bash export ZENOH_SESSION_CONFIG_URI=talker.json5 ros2 run demo_nodes_cpp talker [INFO] [1740601932.350808475] [talker]: Publishing: ‘Hello World: 1’ [INFO] [1740601933.350487483] [talker]: Publishing: ‘Hello World: 2’
File truncated at 100 lines see the full file
Wiki Tutorials
Package Dependencies
| Deps | Name |
|---|---|
| ament_lint_auto | |
| ament_lint_common | |
| rcpputils | |
| rcutils | |
| rmw | |
| rmw_dds_common | |
| tinyxml2_vendor | |
| zenoh_cpp_vendor |
System Dependencies
| Name |
|---|
| nlohmann-json-dev |
Dependant Packages
Launch files
Messages
Services
Plugins
Recent questions tagged zenoh_security_tools at Robotics Stack Exchange
|
|
zenoh_security_tools package from rmw_zenoh repormw_zenoh_cpp zenoh_cpp_vendor zenoh_security_tools |
ROS Distro
|
Package Summary
| Tags | No category tags. |
| Version | 0.1.2 |
| License | Apache License 2.0 |
| Build type | AMENT_CMAKE |
| Use | RECOMMENDED |
Repository Summary
| Checkout URI | https://github.com/ros2/rmw_zenoh.git |
| VCS Type | git |
| VCS Version | humble |
| Last Updated | 2025-06-24 |
| Dev Status | DEVELOPED |
| CI status | No Continuous Integration |
| Released | RELEASED |
| Tags | No category tags. |
| Contributing |
Help Wanted (0)
Good First Issues (0) Pull Requests to Review (0) |
Package Description
Additional Links
Maintainers
- Alejandro Hernanadez
Authors
zenoh_security_tools
The zenoh_security_tools package contains the generate_configs executable which generates Zenoh session config files with access control, authentication and encryption parameters based on policies and keystores generated using sros2.
Usage
ros2 run zenoh_security_tools generate_configs -h
Generate Zenoh session configs with security artifacts.
Options:
-h,--help Print this help message and exit
-p,--policy TEXT REQUIRED The path to the Access Control Policy file.
-e,--enclaves TEXT The directory with the security enclaves for the various nodes in the policy file.
-d,--ros-domain-id UINT REQUIRED The ROS Domain ID.
-c,--session-config TEXT REQUIRED The path to the Zenoh session config file.
-r,--router-config TEXT REQUIRED The path to the Zenoh router config file.
Example of configuring security rmw_zenoh
The process of setting up security is very similar to this tutorial but instead of relying on security environment variables and passing enclaves to nodes, we’ll
pass Zenoh session configs with the desired security parameters configured to rmw_zenoh.
These modified session configs are generated using the tool above.
Setup
The steps below will walk us through running rmw_zenoh with security enabled for a simple talker-lister system.
First create a directory for security artifacts and configs that will be generated.
mkdir ~/sros2_demo
Generate a keystore
cd ~/sros2_demo
ros2 security create_keystore demo_keystore
Generate the certificates for authentication and encryption
Generate security files for the talker and listener nodes, and the zenohd router respectively.
ros2 security create_enclave demo_keystore /talker_listener/talker
ros2 security create_enclave demo_keystore /talker_listener/listener
ros2 security create_enclave demo_keystore /talker_listener/zenohd
Generate the policy.xml for access control
Launch zenohd
ros2 run rmw_zenoh_cpp rmw_zenohd
Launch the listener
export RMW_IMPLEMENTATION=rmw_zenoh_cpp
ros2 run demo_nodes_cpp listener
Launch the talker
export RMW_IMPLEMENTATION=rmw_zenoh_cpp
ros2 run demo_nodes_cpp talker
Now run the policy generator from sros2
ros2 security generate_policy policy_listener_talker.xml
Finally, terminate all processes.
Try access control
Generate security configs without enclaves (only access control).
ros2 run zenoh_security_tools generate_configs \
--policy policy_listener_talker.xml \
--router-config <path to default router config>/DEFAULT_RMW_ZENOH_ROUTER_CONFIG.json5 \
--session-config <path to default session config>/DEFAULT_RMW_ZENOH_SESSION_CONFIG.json5 \
--ros-domain-id 0
This will generate Zenoh session config files for each node in the policy_listener_talker.xml file.
Run the talker with the new config file
```bash export ZENOH_SESSION_CONFIG_URI=talker.json5 ros2 run demo_nodes_cpp talker [INFO] [1740601932.350808475] [talker]: Publishing: ‘Hello World: 1’ [INFO] [1740601933.350487483] [talker]: Publishing: ‘Hello World: 2’
File truncated at 100 lines see the full file
Wiki Tutorials
Package Dependencies
| Deps | Name |
|---|---|
| ament_lint_auto | |
| ament_lint_common | |
| rcpputils | |
| rcutils | |
| rmw | |
| rmw_dds_common | |
| tinyxml2_vendor | |
| zenoh_cpp_vendor |
System Dependencies
| Name |
|---|
| nlohmann-json-dev |
Dependant Packages
Launch files
Messages
Services
Plugins
Recent questions tagged zenoh_security_tools at Robotics Stack Exchange
|
|
zenoh_security_tools package from rmw_zenoh repormw_zenoh_cpp zenoh_cpp_vendor zenoh_security_tools |
ROS Distro
|
Package Summary
| Tags | No category tags. |
| Version | 0.1.2 |
| License | Apache License 2.0 |
| Build type | AMENT_CMAKE |
| Use | RECOMMENDED |
Repository Summary
| Checkout URI | https://github.com/ros2/rmw_zenoh.git |
| VCS Type | git |
| VCS Version | humble |
| Last Updated | 2025-06-24 |
| Dev Status | DEVELOPED |
| CI status | No Continuous Integration |
| Released | RELEASED |
| Tags | No category tags. |
| Contributing |
Help Wanted (0)
Good First Issues (0) Pull Requests to Review (0) |
Package Description
Additional Links
Maintainers
- Alejandro Hernanadez
Authors
zenoh_security_tools
The zenoh_security_tools package contains the generate_configs executable which generates Zenoh session config files with access control, authentication and encryption parameters based on policies and keystores generated using sros2.
Usage
ros2 run zenoh_security_tools generate_configs -h
Generate Zenoh session configs with security artifacts.
Options:
-h,--help Print this help message and exit
-p,--policy TEXT REQUIRED The path to the Access Control Policy file.
-e,--enclaves TEXT The directory with the security enclaves for the various nodes in the policy file.
-d,--ros-domain-id UINT REQUIRED The ROS Domain ID.
-c,--session-config TEXT REQUIRED The path to the Zenoh session config file.
-r,--router-config TEXT REQUIRED The path to the Zenoh router config file.
Example of configuring security rmw_zenoh
The process of setting up security is very similar to this tutorial but instead of relying on security environment variables and passing enclaves to nodes, we’ll
pass Zenoh session configs with the desired security parameters configured to rmw_zenoh.
These modified session configs are generated using the tool above.
Setup
The steps below will walk us through running rmw_zenoh with security enabled for a simple talker-lister system.
First create a directory for security artifacts and configs that will be generated.
mkdir ~/sros2_demo
Generate a keystore
cd ~/sros2_demo
ros2 security create_keystore demo_keystore
Generate the certificates for authentication and encryption
Generate security files for the talker and listener nodes, and the zenohd router respectively.
ros2 security create_enclave demo_keystore /talker_listener/talker
ros2 security create_enclave demo_keystore /talker_listener/listener
ros2 security create_enclave demo_keystore /talker_listener/zenohd
Generate the policy.xml for access control
Launch zenohd
ros2 run rmw_zenoh_cpp rmw_zenohd
Launch the listener
export RMW_IMPLEMENTATION=rmw_zenoh_cpp
ros2 run demo_nodes_cpp listener
Launch the talker
export RMW_IMPLEMENTATION=rmw_zenoh_cpp
ros2 run demo_nodes_cpp talker
Now run the policy generator from sros2
ros2 security generate_policy policy_listener_talker.xml
Finally, terminate all processes.
Try access control
Generate security configs without enclaves (only access control).
ros2 run zenoh_security_tools generate_configs \
--policy policy_listener_talker.xml \
--router-config <path to default router config>/DEFAULT_RMW_ZENOH_ROUTER_CONFIG.json5 \
--session-config <path to default session config>/DEFAULT_RMW_ZENOH_SESSION_CONFIG.json5 \
--ros-domain-id 0
This will generate Zenoh session config files for each node in the policy_listener_talker.xml file.
Run the talker with the new config file
```bash export ZENOH_SESSION_CONFIG_URI=talker.json5 ros2 run demo_nodes_cpp talker [INFO] [1740601932.350808475] [talker]: Publishing: ‘Hello World: 1’ [INFO] [1740601933.350487483] [talker]: Publishing: ‘Hello World: 2’
File truncated at 100 lines see the full file
Wiki Tutorials
Package Dependencies
| Deps | Name |
|---|---|
| ament_lint_auto | |
| ament_lint_common | |
| rcpputils | |
| rcutils | |
| rmw | |
| rmw_dds_common | |
| tinyxml2_vendor | |
| zenoh_cpp_vendor |
System Dependencies
| Name |
|---|
| nlohmann-json-dev |
Dependant Packages
Launch files
Messages
Services
Plugins
Recent questions tagged zenoh_security_tools at Robotics Stack Exchange
|
|
zenoh_security_tools package from rmw_zenoh repormw_zenoh_cpp zenoh_cpp_vendor zenoh_security_tools |
ROS Distro
|
Package Summary
| Tags | No category tags. |
| Version | 0.1.2 |
| License | Apache License 2.0 |
| Build type | AMENT_CMAKE |
| Use | RECOMMENDED |
Repository Summary
| Checkout URI | https://github.com/ros2/rmw_zenoh.git |
| VCS Type | git |
| VCS Version | humble |
| Last Updated | 2025-06-24 |
| Dev Status | DEVELOPED |
| CI status | No Continuous Integration |
| Released | RELEASED |
| Tags | No category tags. |
| Contributing |
Help Wanted (0)
Good First Issues (0) Pull Requests to Review (0) |
Package Description
Additional Links
Maintainers
- Alejandro Hernanadez
Authors
zenoh_security_tools
The zenoh_security_tools package contains the generate_configs executable which generates Zenoh session config files with access control, authentication and encryption parameters based on policies and keystores generated using sros2.
Usage
ros2 run zenoh_security_tools generate_configs -h
Generate Zenoh session configs with security artifacts.
Options:
-h,--help Print this help message and exit
-p,--policy TEXT REQUIRED The path to the Access Control Policy file.
-e,--enclaves TEXT The directory with the security enclaves for the various nodes in the policy file.
-d,--ros-domain-id UINT REQUIRED The ROS Domain ID.
-c,--session-config TEXT REQUIRED The path to the Zenoh session config file.
-r,--router-config TEXT REQUIRED The path to the Zenoh router config file.
Example of configuring security rmw_zenoh
The process of setting up security is very similar to this tutorial but instead of relying on security environment variables and passing enclaves to nodes, we’ll
pass Zenoh session configs with the desired security parameters configured to rmw_zenoh.
These modified session configs are generated using the tool above.
Setup
The steps below will walk us through running rmw_zenoh with security enabled for a simple talker-lister system.
First create a directory for security artifacts and configs that will be generated.
mkdir ~/sros2_demo
Generate a keystore
cd ~/sros2_demo
ros2 security create_keystore demo_keystore
Generate the certificates for authentication and encryption
Generate security files for the talker and listener nodes, and the zenohd router respectively.
ros2 security create_enclave demo_keystore /talker_listener/talker
ros2 security create_enclave demo_keystore /talker_listener/listener
ros2 security create_enclave demo_keystore /talker_listener/zenohd
Generate the policy.xml for access control
Launch zenohd
ros2 run rmw_zenoh_cpp rmw_zenohd
Launch the listener
export RMW_IMPLEMENTATION=rmw_zenoh_cpp
ros2 run demo_nodes_cpp listener
Launch the talker
export RMW_IMPLEMENTATION=rmw_zenoh_cpp
ros2 run demo_nodes_cpp talker
Now run the policy generator from sros2
ros2 security generate_policy policy_listener_talker.xml
Finally, terminate all processes.
Try access control
Generate security configs without enclaves (only access control).
ros2 run zenoh_security_tools generate_configs \
--policy policy_listener_talker.xml \
--router-config <path to default router config>/DEFAULT_RMW_ZENOH_ROUTER_CONFIG.json5 \
--session-config <path to default session config>/DEFAULT_RMW_ZENOH_SESSION_CONFIG.json5 \
--ros-domain-id 0
This will generate Zenoh session config files for each node in the policy_listener_talker.xml file.
Run the talker with the new config file
```bash export ZENOH_SESSION_CONFIG_URI=talker.json5 ros2 run demo_nodes_cpp talker [INFO] [1740601932.350808475] [talker]: Publishing: ‘Hello World: 1’ [INFO] [1740601933.350487483] [talker]: Publishing: ‘Hello World: 2’
File truncated at 100 lines see the full file
Wiki Tutorials
Package Dependencies
| Deps | Name |
|---|---|
| ament_lint_auto | |
| ament_lint_common | |
| rcpputils | |
| rcutils | |
| rmw | |
| rmw_dds_common | |
| tinyxml2_vendor | |
| zenoh_cpp_vendor |
System Dependencies
| Name |
|---|
| nlohmann-json-dev |
Dependant Packages
Launch files
Messages
Services
Plugins
Recent questions tagged zenoh_security_tools at Robotics Stack Exchange
|
|
zenoh_security_tools package from rmw_zenoh repormw_zenoh_cpp zenoh_cpp_vendor zenoh_security_tools |
ROS Distro
|
Package Summary
| Tags | No category tags. |
| Version | 0.1.2 |
| License | Apache License 2.0 |
| Build type | AMENT_CMAKE |
| Use | RECOMMENDED |
Repository Summary
| Checkout URI | https://github.com/ros2/rmw_zenoh.git |
| VCS Type | git |
| VCS Version | humble |
| Last Updated | 2025-06-24 |
| Dev Status | DEVELOPED |
| CI status | No Continuous Integration |
| Released | RELEASED |
| Tags | No category tags. |
| Contributing |
Help Wanted (0)
Good First Issues (0) Pull Requests to Review (0) |
Package Description
Additional Links
Maintainers
- Alejandro Hernanadez
Authors
zenoh_security_tools
The zenoh_security_tools package contains the generate_configs executable which generates Zenoh session config files with access control, authentication and encryption parameters based on policies and keystores generated using sros2.
Usage
ros2 run zenoh_security_tools generate_configs -h
Generate Zenoh session configs with security artifacts.
Options:
-h,--help Print this help message and exit
-p,--policy TEXT REQUIRED The path to the Access Control Policy file.
-e,--enclaves TEXT The directory with the security enclaves for the various nodes in the policy file.
-d,--ros-domain-id UINT REQUIRED The ROS Domain ID.
-c,--session-config TEXT REQUIRED The path to the Zenoh session config file.
-r,--router-config TEXT REQUIRED The path to the Zenoh router config file.
Example of configuring security rmw_zenoh
The process of setting up security is very similar to this tutorial but instead of relying on security environment variables and passing enclaves to nodes, we’ll
pass Zenoh session configs with the desired security parameters configured to rmw_zenoh.
These modified session configs are generated using the tool above.
Setup
The steps below will walk us through running rmw_zenoh with security enabled for a simple talker-lister system.
First create a directory for security artifacts and configs that will be generated.
mkdir ~/sros2_demo
Generate a keystore
cd ~/sros2_demo
ros2 security create_keystore demo_keystore
Generate the certificates for authentication and encryption
Generate security files for the talker and listener nodes, and the zenohd router respectively.
ros2 security create_enclave demo_keystore /talker_listener/talker
ros2 security create_enclave demo_keystore /talker_listener/listener
ros2 security create_enclave demo_keystore /talker_listener/zenohd
Generate the policy.xml for access control
Launch zenohd
ros2 run rmw_zenoh_cpp rmw_zenohd
Launch the listener
export RMW_IMPLEMENTATION=rmw_zenoh_cpp
ros2 run demo_nodes_cpp listener
Launch the talker
export RMW_IMPLEMENTATION=rmw_zenoh_cpp
ros2 run demo_nodes_cpp talker
Now run the policy generator from sros2
ros2 security generate_policy policy_listener_talker.xml
Finally, terminate all processes.
Try access control
Generate security configs without enclaves (only access control).
ros2 run zenoh_security_tools generate_configs \
--policy policy_listener_talker.xml \
--router-config <path to default router config>/DEFAULT_RMW_ZENOH_ROUTER_CONFIG.json5 \
--session-config <path to default session config>/DEFAULT_RMW_ZENOH_SESSION_CONFIG.json5 \
--ros-domain-id 0
This will generate Zenoh session config files for each node in the policy_listener_talker.xml file.
Run the talker with the new config file
```bash export ZENOH_SESSION_CONFIG_URI=talker.json5 ros2 run demo_nodes_cpp talker [INFO] [1740601932.350808475] [talker]: Publishing: ‘Hello World: 1’ [INFO] [1740601933.350487483] [talker]: Publishing: ‘Hello World: 2’
File truncated at 100 lines see the full file
Wiki Tutorials
Package Dependencies
| Deps | Name |
|---|---|
| ament_lint_auto | |
| ament_lint_common | |
| rcpputils | |
| rcutils | |
| rmw | |
| rmw_dds_common | |
| tinyxml2_vendor | |
| zenoh_cpp_vendor |
System Dependencies
| Name |
|---|
| nlohmann-json-dev |
Dependant Packages
Launch files
Messages
Services
Plugins
Recent questions tagged zenoh_security_tools at Robotics Stack Exchange
|
|
zenoh_security_tools package from rmw_zenoh repormw_zenoh_cpp zenoh_cpp_vendor zenoh_security_tools |
ROS Distro
|
Package Summary
| Tags | No category tags. |
| Version | 0.1.2 |
| License | Apache License 2.0 |
| Build type | AMENT_CMAKE |
| Use | RECOMMENDED |
Repository Summary
| Checkout URI | https://github.com/ros2/rmw_zenoh.git |
| VCS Type | git |
| VCS Version | humble |
| Last Updated | 2025-06-24 |
| Dev Status | DEVELOPED |
| CI status | No Continuous Integration |
| Released | RELEASED |
| Tags | No category tags. |
| Contributing |
Help Wanted (0)
Good First Issues (0) Pull Requests to Review (0) |
Package Description
Additional Links
Maintainers
- Alejandro Hernanadez
Authors
zenoh_security_tools
The zenoh_security_tools package contains the generate_configs executable which generates Zenoh session config files with access control, authentication and encryption parameters based on policies and keystores generated using sros2.
Usage
ros2 run zenoh_security_tools generate_configs -h
Generate Zenoh session configs with security artifacts.
Options:
-h,--help Print this help message and exit
-p,--policy TEXT REQUIRED The path to the Access Control Policy file.
-e,--enclaves TEXT The directory with the security enclaves for the various nodes in the policy file.
-d,--ros-domain-id UINT REQUIRED The ROS Domain ID.
-c,--session-config TEXT REQUIRED The path to the Zenoh session config file.
-r,--router-config TEXT REQUIRED The path to the Zenoh router config file.
Example of configuring security rmw_zenoh
The process of setting up security is very similar to this tutorial but instead of relying on security environment variables and passing enclaves to nodes, we’ll
pass Zenoh session configs with the desired security parameters configured to rmw_zenoh.
These modified session configs are generated using the tool above.
Setup
The steps below will walk us through running rmw_zenoh with security enabled for a simple talker-lister system.
First create a directory for security artifacts and configs that will be generated.
mkdir ~/sros2_demo
Generate a keystore
cd ~/sros2_demo
ros2 security create_keystore demo_keystore
Generate the certificates for authentication and encryption
Generate security files for the talker and listener nodes, and the zenohd router respectively.
ros2 security create_enclave demo_keystore /talker_listener/talker
ros2 security create_enclave demo_keystore /talker_listener/listener
ros2 security create_enclave demo_keystore /talker_listener/zenohd
Generate the policy.xml for access control
Launch zenohd
ros2 run rmw_zenoh_cpp rmw_zenohd
Launch the listener
export RMW_IMPLEMENTATION=rmw_zenoh_cpp
ros2 run demo_nodes_cpp listener
Launch the talker
export RMW_IMPLEMENTATION=rmw_zenoh_cpp
ros2 run demo_nodes_cpp talker
Now run the policy generator from sros2
ros2 security generate_policy policy_listener_talker.xml
Finally, terminate all processes.
Try access control
Generate security configs without enclaves (only access control).
ros2 run zenoh_security_tools generate_configs \
--policy policy_listener_talker.xml \
--router-config <path to default router config>/DEFAULT_RMW_ZENOH_ROUTER_CONFIG.json5 \
--session-config <path to default session config>/DEFAULT_RMW_ZENOH_SESSION_CONFIG.json5 \
--ros-domain-id 0
This will generate Zenoh session config files for each node in the policy_listener_talker.xml file.
Run the talker with the new config file
```bash export ZENOH_SESSION_CONFIG_URI=talker.json5 ros2 run demo_nodes_cpp talker [INFO] [1740601932.350808475] [talker]: Publishing: ‘Hello World: 1’ [INFO] [1740601933.350487483] [talker]: Publishing: ‘Hello World: 2’
File truncated at 100 lines see the full file
Wiki Tutorials
Package Dependencies
| Deps | Name |
|---|---|
| ament_lint_auto | |
| ament_lint_common | |
| rcpputils | |
| rcutils | |
| rmw | |
| rmw_dds_common | |
| tinyxml2_vendor | |
| zenoh_cpp_vendor |
System Dependencies
| Name |
|---|
| nlohmann-json-dev |
Dependant Packages
Launch files
Messages
Services
Plugins
Recent questions tagged zenoh_security_tools at Robotics Stack Exchange
|
|
zenoh_security_tools package from rmw_zenoh repormw_zenoh_cpp zenoh_cpp_vendor zenoh_security_tools |
ROS Distro
|
Package Summary
| Tags | No category tags. |
| Version | 0.1.2 |
| License | Apache License 2.0 |
| Build type | AMENT_CMAKE |
| Use | RECOMMENDED |
Repository Summary
| Checkout URI | https://github.com/ros2/rmw_zenoh.git |
| VCS Type | git |
| VCS Version | humble |
| Last Updated | 2025-06-24 |
| Dev Status | DEVELOPED |
| CI status | No Continuous Integration |
| Released | RELEASED |
| Tags | No category tags. |
| Contributing |
Help Wanted (0)
Good First Issues (0) Pull Requests to Review (0) |
Package Description
Additional Links
Maintainers
- Alejandro Hernanadez
Authors
zenoh_security_tools
The zenoh_security_tools package contains the generate_configs executable which generates Zenoh session config files with access control, authentication and encryption parameters based on policies and keystores generated using sros2.
Usage
ros2 run zenoh_security_tools generate_configs -h
Generate Zenoh session configs with security artifacts.
Options:
-h,--help Print this help message and exit
-p,--policy TEXT REQUIRED The path to the Access Control Policy file.
-e,--enclaves TEXT The directory with the security enclaves for the various nodes in the policy file.
-d,--ros-domain-id UINT REQUIRED The ROS Domain ID.
-c,--session-config TEXT REQUIRED The path to the Zenoh session config file.
-r,--router-config TEXT REQUIRED The path to the Zenoh router config file.
Example of configuring security rmw_zenoh
The process of setting up security is very similar to this tutorial but instead of relying on security environment variables and passing enclaves to nodes, we’ll
pass Zenoh session configs with the desired security parameters configured to rmw_zenoh.
These modified session configs are generated using the tool above.
Setup
The steps below will walk us through running rmw_zenoh with security enabled for a simple talker-lister system.
First create a directory for security artifacts and configs that will be generated.
mkdir ~/sros2_demo
Generate a keystore
cd ~/sros2_demo
ros2 security create_keystore demo_keystore
Generate the certificates for authentication and encryption
Generate security files for the talker and listener nodes, and the zenohd router respectively.
ros2 security create_enclave demo_keystore /talker_listener/talker
ros2 security create_enclave demo_keystore /talker_listener/listener
ros2 security create_enclave demo_keystore /talker_listener/zenohd
Generate the policy.xml for access control
Launch zenohd
ros2 run rmw_zenoh_cpp rmw_zenohd
Launch the listener
export RMW_IMPLEMENTATION=rmw_zenoh_cpp
ros2 run demo_nodes_cpp listener
Launch the talker
export RMW_IMPLEMENTATION=rmw_zenoh_cpp
ros2 run demo_nodes_cpp talker
Now run the policy generator from sros2
ros2 security generate_policy policy_listener_talker.xml
Finally, terminate all processes.
Try access control
Generate security configs without enclaves (only access control).
ros2 run zenoh_security_tools generate_configs \
--policy policy_listener_talker.xml \
--router-config <path to default router config>/DEFAULT_RMW_ZENOH_ROUTER_CONFIG.json5 \
--session-config <path to default session config>/DEFAULT_RMW_ZENOH_SESSION_CONFIG.json5 \
--ros-domain-id 0
This will generate Zenoh session config files for each node in the policy_listener_talker.xml file.
Run the talker with the new config file
```bash export ZENOH_SESSION_CONFIG_URI=talker.json5 ros2 run demo_nodes_cpp talker [INFO] [1740601932.350808475] [talker]: Publishing: ‘Hello World: 1’ [INFO] [1740601933.350487483] [talker]: Publishing: ‘Hello World: 2’
File truncated at 100 lines see the full file
Wiki Tutorials
Package Dependencies
| Deps | Name |
|---|---|
| ament_lint_auto | |
| ament_lint_common | |
| rcpputils | |
| rcutils | |
| rmw | |
| rmw_dds_common | |
| tinyxml2_vendor | |
| zenoh_cpp_vendor |
System Dependencies
| Name |
|---|
| nlohmann-json-dev |
Dependant Packages
Launch files
Messages
Services
Plugins
Recent questions tagged zenoh_security_tools at Robotics Stack Exchange
|
|
zenoh_security_tools package from rmw_zenoh repormw_zenoh_cpp zenoh_cpp_vendor zenoh_security_tools |
ROS Distro
|
Package Summary
| Tags | No category tags. |
| Version | 0.1.2 |
| License | Apache License 2.0 |
| Build type | AMENT_CMAKE |
| Use | RECOMMENDED |
Repository Summary
| Checkout URI | https://github.com/ros2/rmw_zenoh.git |
| VCS Type | git |
| VCS Version | humble |
| Last Updated | 2025-06-24 |
| Dev Status | DEVELOPED |
| CI status | No Continuous Integration |
| Released | RELEASED |
| Tags | No category tags. |
| Contributing |
Help Wanted (0)
Good First Issues (0) Pull Requests to Review (0) |
Package Description
Additional Links
Maintainers
- Alejandro Hernanadez
Authors
zenoh_security_tools
The zenoh_security_tools package contains the generate_configs executable which generates Zenoh session config files with access control, authentication and encryption parameters based on policies and keystores generated using sros2.
Usage
ros2 run zenoh_security_tools generate_configs -h
Generate Zenoh session configs with security artifacts.
Options:
-h,--help Print this help message and exit
-p,--policy TEXT REQUIRED The path to the Access Control Policy file.
-e,--enclaves TEXT The directory with the security enclaves for the various nodes in the policy file.
-d,--ros-domain-id UINT REQUIRED The ROS Domain ID.
-c,--session-config TEXT REQUIRED The path to the Zenoh session config file.
-r,--router-config TEXT REQUIRED The path to the Zenoh router config file.
Example of configuring security rmw_zenoh
The process of setting up security is very similar to this tutorial but instead of relying on security environment variables and passing enclaves to nodes, we’ll
pass Zenoh session configs with the desired security parameters configured to rmw_zenoh.
These modified session configs are generated using the tool above.
Setup
The steps below will walk us through running rmw_zenoh with security enabled for a simple talker-lister system.
First create a directory for security artifacts and configs that will be generated.
mkdir ~/sros2_demo
Generate a keystore
cd ~/sros2_demo
ros2 security create_keystore demo_keystore
Generate the certificates for authentication and encryption
Generate security files for the talker and listener nodes, and the zenohd router respectively.
ros2 security create_enclave demo_keystore /talker_listener/talker
ros2 security create_enclave demo_keystore /talker_listener/listener
ros2 security create_enclave demo_keystore /talker_listener/zenohd
Generate the policy.xml for access control
Launch zenohd
ros2 run rmw_zenoh_cpp rmw_zenohd
Launch the listener
export RMW_IMPLEMENTATION=rmw_zenoh_cpp
ros2 run demo_nodes_cpp listener
Launch the talker
export RMW_IMPLEMENTATION=rmw_zenoh_cpp
ros2 run demo_nodes_cpp talker
Now run the policy generator from sros2
ros2 security generate_policy policy_listener_talker.xml
Finally, terminate all processes.
Try access control
Generate security configs without enclaves (only access control).
ros2 run zenoh_security_tools generate_configs \
--policy policy_listener_talker.xml \
--router-config <path to default router config>/DEFAULT_RMW_ZENOH_ROUTER_CONFIG.json5 \
--session-config <path to default session config>/DEFAULT_RMW_ZENOH_SESSION_CONFIG.json5 \
--ros-domain-id 0
This will generate Zenoh session config files for each node in the policy_listener_talker.xml file.
Run the talker with the new config file
```bash export ZENOH_SESSION_CONFIG_URI=talker.json5 ros2 run demo_nodes_cpp talker [INFO] [1740601932.350808475] [talker]: Publishing: ‘Hello World: 1’ [INFO] [1740601933.350487483] [talker]: Publishing: ‘Hello World: 2’
File truncated at 100 lines see the full file
Wiki Tutorials
Package Dependencies
| Deps | Name |
|---|---|
| ament_lint_auto | |
| ament_lint_common | |
| rcpputils | |
| rcutils | |
| rmw | |
| rmw_dds_common | |
| tinyxml2_vendor | |
| zenoh_cpp_vendor |
System Dependencies
| Name |
|---|
| nlohmann-json-dev |
Dependant Packages
Launch files
Messages
Services
Plugins
Recent questions tagged zenoh_security_tools at Robotics Stack Exchange
|
|
zenoh_security_tools package from rmw_zenoh repormw_zenoh_cpp zenoh_cpp_vendor zenoh_security_tools |
ROS Distro
|
Package Summary
| Tags | No category tags. |
| Version | 0.1.2 |
| License | Apache License 2.0 |
| Build type | AMENT_CMAKE |
| Use | RECOMMENDED |
Repository Summary
| Checkout URI | https://github.com/ros2/rmw_zenoh.git |
| VCS Type | git |
| VCS Version | humble |
| Last Updated | 2025-06-24 |
| Dev Status | DEVELOPED |
| CI status | No Continuous Integration |
| Released | RELEASED |
| Tags | No category tags. |
| Contributing |
Help Wanted (0)
Good First Issues (0) Pull Requests to Review (0) |
Package Description
Additional Links
Maintainers
- Alejandro Hernanadez
Authors
zenoh_security_tools
The zenoh_security_tools package contains the generate_configs executable which generates Zenoh session config files with access control, authentication and encryption parameters based on policies and keystores generated using sros2.
Usage
ros2 run zenoh_security_tools generate_configs -h
Generate Zenoh session configs with security artifacts.
Options:
-h,--help Print this help message and exit
-p,--policy TEXT REQUIRED The path to the Access Control Policy file.
-e,--enclaves TEXT The directory with the security enclaves for the various nodes in the policy file.
-d,--ros-domain-id UINT REQUIRED The ROS Domain ID.
-c,--session-config TEXT REQUIRED The path to the Zenoh session config file.
-r,--router-config TEXT REQUIRED The path to the Zenoh router config file.
Example of configuring security rmw_zenoh
The process of setting up security is very similar to this tutorial but instead of relying on security environment variables and passing enclaves to nodes, we’ll
pass Zenoh session configs with the desired security parameters configured to rmw_zenoh.
These modified session configs are generated using the tool above.
Setup
The steps below will walk us through running rmw_zenoh with security enabled for a simple talker-lister system.
First create a directory for security artifacts and configs that will be generated.
mkdir ~/sros2_demo
Generate a keystore
cd ~/sros2_demo
ros2 security create_keystore demo_keystore
Generate the certificates for authentication and encryption
Generate security files for the talker and listener nodes, and the zenohd router respectively.
ros2 security create_enclave demo_keystore /talker_listener/talker
ros2 security create_enclave demo_keystore /talker_listener/listener
ros2 security create_enclave demo_keystore /talker_listener/zenohd
Generate the policy.xml for access control
Launch zenohd
ros2 run rmw_zenoh_cpp rmw_zenohd
Launch the listener
export RMW_IMPLEMENTATION=rmw_zenoh_cpp
ros2 run demo_nodes_cpp listener
Launch the talker
export RMW_IMPLEMENTATION=rmw_zenoh_cpp
ros2 run demo_nodes_cpp talker
Now run the policy generator from sros2
ros2 security generate_policy policy_listener_talker.xml
Finally, terminate all processes.
Try access control
Generate security configs without enclaves (only access control).
ros2 run zenoh_security_tools generate_configs \
--policy policy_listener_talker.xml \
--router-config <path to default router config>/DEFAULT_RMW_ZENOH_ROUTER_CONFIG.json5 \
--session-config <path to default session config>/DEFAULT_RMW_ZENOH_SESSION_CONFIG.json5 \
--ros-domain-id 0
This will generate Zenoh session config files for each node in the policy_listener_talker.xml file.
Run the talker with the new config file
```bash export ZENOH_SESSION_CONFIG_URI=talker.json5 ros2 run demo_nodes_cpp talker [INFO] [1740601932.350808475] [talker]: Publishing: ‘Hello World: 1’ [INFO] [1740601933.350487483] [talker]: Publishing: ‘Hello World: 2’
File truncated at 100 lines see the full file
Wiki Tutorials
Package Dependencies
| Deps | Name |
|---|---|
| ament_lint_auto | |
| ament_lint_common | |
| rcpputils | |
| rcutils | |
| rmw | |
| rmw_dds_common | |
| tinyxml2_vendor | |
| zenoh_cpp_vendor |
System Dependencies
| Name |
|---|
| nlohmann-json-dev |
Dependant Packages
Launch files
Messages
Services
Plugins
Recent questions tagged zenoh_security_tools at Robotics Stack Exchange
|
|
zenoh_security_tools package from rmw_zenoh repormw_zenoh_cpp zenoh_cpp_vendor zenoh_security_tools |
ROS Distro
|
Package Summary
| Tags | No category tags. |
| Version | 0.1.2 |
| License | Apache License 2.0 |
| Build type | AMENT_CMAKE |
| Use | RECOMMENDED |
Repository Summary
| Checkout URI | https://github.com/ros2/rmw_zenoh.git |
| VCS Type | git |
| VCS Version | humble |
| Last Updated | 2025-06-24 |
| Dev Status | DEVELOPED |
| CI status | No Continuous Integration |
| Released | RELEASED |
| Tags | No category tags. |
| Contributing |
Help Wanted (0)
Good First Issues (0) Pull Requests to Review (0) |
Package Description
Additional Links
Maintainers
- Alejandro Hernanadez
Authors
zenoh_security_tools
The zenoh_security_tools package contains the generate_configs executable which generates Zenoh session config files with access control, authentication and encryption parameters based on policies and keystores generated using sros2.
Usage
ros2 run zenoh_security_tools generate_configs -h
Generate Zenoh session configs with security artifacts.
Options:
-h,--help Print this help message and exit
-p,--policy TEXT REQUIRED The path to the Access Control Policy file.
-e,--enclaves TEXT The directory with the security enclaves for the various nodes in the policy file.
-d,--ros-domain-id UINT REQUIRED The ROS Domain ID.
-c,--session-config TEXT REQUIRED The path to the Zenoh session config file.
-r,--router-config TEXT REQUIRED The path to the Zenoh router config file.
Example of configuring security rmw_zenoh
The process of setting up security is very similar to this tutorial but instead of relying on security environment variables and passing enclaves to nodes, we’ll
pass Zenoh session configs with the desired security parameters configured to rmw_zenoh.
These modified session configs are generated using the tool above.
Setup
The steps below will walk us through running rmw_zenoh with security enabled for a simple talker-lister system.
First create a directory for security artifacts and configs that will be generated.
mkdir ~/sros2_demo
Generate a keystore
cd ~/sros2_demo
ros2 security create_keystore demo_keystore
Generate the certificates for authentication and encryption
Generate security files for the talker and listener nodes, and the zenohd router respectively.
ros2 security create_enclave demo_keystore /talker_listener/talker
ros2 security create_enclave demo_keystore /talker_listener/listener
ros2 security create_enclave demo_keystore /talker_listener/zenohd
Generate the policy.xml for access control
Launch zenohd
ros2 run rmw_zenoh_cpp rmw_zenohd
Launch the listener
export RMW_IMPLEMENTATION=rmw_zenoh_cpp
ros2 run demo_nodes_cpp listener
Launch the talker
export RMW_IMPLEMENTATION=rmw_zenoh_cpp
ros2 run demo_nodes_cpp talker
Now run the policy generator from sros2
ros2 security generate_policy policy_listener_talker.xml
Finally, terminate all processes.
Try access control
Generate security configs without enclaves (only access control).
ros2 run zenoh_security_tools generate_configs \
--policy policy_listener_talker.xml \
--router-config <path to default router config>/DEFAULT_RMW_ZENOH_ROUTER_CONFIG.json5 \
--session-config <path to default session config>/DEFAULT_RMW_ZENOH_SESSION_CONFIG.json5 \
--ros-domain-id 0
This will generate Zenoh session config files for each node in the policy_listener_talker.xml file.
Run the talker with the new config file
```bash export ZENOH_SESSION_CONFIG_URI=talker.json5 ros2 run demo_nodes_cpp talker [INFO] [1740601932.350808475] [talker]: Publishing: ‘Hello World: 1’ [INFO] [1740601933.350487483] [talker]: Publishing: ‘Hello World: 2’
File truncated at 100 lines see the full file
Wiki Tutorials
Package Dependencies
| Deps | Name |
|---|---|
| ament_lint_auto | |
| ament_lint_common | |
| rcpputils | |
| rcutils | |
| rmw | |
| rmw_dds_common | |
| tinyxml2_vendor | |
| zenoh_cpp_vendor |
System Dependencies
| Name |
|---|
| nlohmann-json-dev |