Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 21 Oct 1998 13:23:24 -0500 (CDT)
From:      Frank Tobin <ftobin@bigfoot.com>
To:        security@FreeBSD.ORG
Subject:   SKIP
Message-ID:  <Pine.BSF.4.05.9810211301040.11350-100000@isr3277.urh.uiuc.edu>
next in thread | raw e-mail | index | archive | help 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- From the looks of it and documentation of it, SKIP seems to be a very nice
secure-communications program; however, I'm having a lot of difficulty
getting it to communicate with other machines.  Here's a summary of what
I've done and attempted:

- - Installed via the port's Makefile.
- - Verified skipd is starting up okay, a public and secret key exists.
- - Added a SKIP-secure host in the authorized list (via skiptool).
- - Attempted connections via ping, and failed.
- - Transferred public keys manually to each machine; connections still 
  failed.

- - /var/log/messages has lines such as:
  
  Oct 20 21:28:44 isr3277 skipd: sending CDP request for nsid=1
   mkid=c7588652 to 199.88.134.82 
  Oct 20 21:28:44 isr3277 skipd: IP 199.88.134.82:1640 action=getfail
    nsid=1 mkid=c7588652 cert=NULL : response=getfail 
  Oct 20 21:28:49 isr3277 skipd: NOCERT: kernel query nsid=1 mkid=c7588652

  *Note* the above logs were after attempting to communicate with a
  machine I had _not_ transferred public keys with manually.  I don't have
  the logs that say what happened with the machine I did transfer keys
  with.

- - SKIP _does_ deny the disallowed hosts.


All of this was reciprocally done on two other remote machines to test
with (e.g., SKIP was setup in the same manner on the other machine I was 
attempting to connect with).

I've read through all of the documentation, especially the sections that
deal with 'Why isn't it working?' to no avail.  I've tried everything (I
think).  This looks like a lovely program, one I'd really like to get
working, and _any_ help such as noting common pitfalls when setting it up
would be extremely appreciated.

- -- 

Frank Tobin			"To learn what is good and what is to be
http://www.bigfoot.com/~ftobin	 valued, those truths which cannot be
				 shaken or changed." Myst: The Book of Atrus
FreeBSD: The Power To Serve


-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.0i for non-commercial use
Charset: noconv

iQA/AwUBNi4YnAL4UDr0DrZeEQKkbgCfXXkETrE+leRXkaOPr75toKOUGLsAoPad
YFsYw0O2og7yDxfD02IlWOWQ
=BJil
-----END PGP SIGNATURE-----


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.05.9810211301040.11350-100000>