I am not an expert nor have I even used this software in question.
However...
Pieter Donche wrote:
To use omshell for changing dhcpd.conf, one needs to use a TSIG key.
Did the following:
# dnssec-keygen -a HMAC-MD5 -b 512 -n HOST omapi_key
This appears to be an MD5 encrypted key.
responded with:
Komapi_key.+157+18443
and created the files:
-rw------- 1 root admin 118 Dec 10 15:42 Komapi_key.+157+18443.key
-rw------- 1 root admin 156 Dec 10 15:42
Komapi_key.+157+18443.private
# cat Komapi_key.+157+18443.private
Private-key-format: v1.2
Algorithm: 157 (HMAC_MD5)
Key:
Tq4+Idv4lCBt/zOyXIzZAxYhP3xcsUECEQVXWpTxIfTISCh4B0jwlYWxQs1FfiUYWVNSdTbu1bM0ZzxdIhj0sQ==
Bits: AAA=
# vi /usr/local/etc/dhcpd.conf
and added the statements
key omapi_key {
algorithm HMAC-MD5;
secret
"Tq4+Idv4lCBt/zOyXIzZAxYhP3xcsUECEQVXWpTxIfTISCh4B0jwlYWxQs1FfiUYWVNSdTbu1bM0ZzxdIhj0sQ==";
};
omapi-key omapi_key;
Then I started dhcpd, but it immediatly complains :
Starting dhcpd
...
/usr/local/etc/dhcpd.conf: line 10: invalid base 64 character 10
This seems to want a base64 encrypted key.
secret
"Tq4+Idv4lCBt/zOyXIzZAxYhP3xcsUECEQVXWpTxIfTISCh4B0jwlYWxQs1FfiUYWVNSdTbu
1bM0ZzxdIhj0sQ==";
^
/usr/local/etc/dhcpd.conf: line 12: Expecting a parameter or declaration
What exactly does one have to specify on the 'secret' line ??
The manual for omshell or dnssec-keygen don't have examples...
Please a real life example with all the relevant information ...
Sorry, I don't have any examples. However I suggest re-reading the docs
and looking for specifics on key encryption. That might be the "key" to
your success. :)
Cheers,
Drew
--
Be a Great Magician!
Visit The Alchemist's Warehouse
http://www.alchemistswarehouse.com
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
