dhcpd.conf and omapi-key question
Mikolaj Kucharski
mikolaj at kucharski.name
Fri Sep 26 13:39:32 UTC 2008
Hi,
I've configured dhcpd(8) with omapi port enabled:
% /etc/dhcpd.conf
...
omapi-port 7911;
omapi-key omapi_key;
key omapi_key {
algorithm hmac-md5;
secret XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX==;
}
...
Various resources found on the net, as well as the dhcpd.conf(5) manual
page describe generation of the keys with dnssec-keygen, or dns-keygen
which I think can be done in much simpler way. Example command from
dhcpd.conf(5) manual page which generates 128 bit secret key:
% dnssec-keygen -a HMAC-MD5 -b 128 -n USER DHCP_UPDATER
Can someone confirm that this secret key is just random data, and can be
generated with any tool like OpenSSL and copy-pasted to the dhcpd(8)
config file? Example of 512 bit key generation with openssl(1):
% openssl rand -base64 64 | tr -d '\n'; echo
Could someone explain that they key doesn't depend any way on the
algorithm used in above config example?
Are there any key requirements for hmac-md5?
Details of my system:
% rpm -q dhcp centos-release
dhcp-3.0.5-13.el5
centos-release-5-2.el5.centos
--
best regards
q#
More information about the dhcp-users
mailing list