From owner-freebsd-questions@FreeBSD.ORG Wed Dec 10 14:51:50 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4DC11106564A for ; Wed, 10 Dec 2008 14:51:50 +0000 (UTC) (envelope-from Pieter.Donche@ua.ac.be) Received: from hmacs.cmi.ua.ac.be (hmacs.cmi.ua.ac.be [143.129.75.10]) by mx1.freebsd.org (Postfix) with ESMTP id DD7A58FC1E for ; Wed, 10 Dec 2008 14:51:49 +0000 (UTC) (envelope-from Pieter.Donche@ua.ac.be) Received: from hmacs.cmi.ua.ac.be (localhost [127.0.0.1]) by hmacs.cmi.ua.ac.be (8.13.8+Sun/8.13.8) with ESMTP id mBAEpl5G005988 for ; Wed, 10 Dec 2008 15:51:47 +0100 (CET) Received: from localhost (pdon@localhost) by hmacs.cmi.ua.ac.be (8.13.8+Sun/8.13.8/Submit) with ESMTP id mBAEplVD005985 for ; Wed, 10 Dec 2008 15:51:47 +0100 (CET) X-Authentication-Warning: hmacs.cmi.ua.ac.be: pdon owned process doing -bs Date: Wed, 10 Dec 2008 15:51:47 +0100 (CET) From: Pieter Donche X-X-Sender: pdon@hmacs.cmi.ua.ac.be To: "mail.list freebsd-questions" In-Reply-To: <20081209185837.GA71505@marvin.optimis.net> Message-ID: References: <20081209185837.GA71505@marvin.optimis.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Subject: omshell how to use X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Pieter Donche List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Dec 2008 14:51:50 -0000 To use omshell for changing dhcpd.conf, one needs to use a TSIG key. Did the following: # dnssec-keygen -a HMAC-MD5 -b 512 -n HOST omapi_key responded with: Komapi_key.+157+18443 and created the files: -rw------- 1 root admin 118 Dec 10 15:42 Komapi_key.+157+18443.key -rw------- 1 root admin 156 Dec 10 15:42 Komapi_key.+157+18443.private # cat Komapi_key.+157+18443.private Private-key-format: v1.2 Algorithm: 157 (HMAC_MD5) Key: Tq4+Idv4lCBt/zOyXIzZAxYhP3xcsUECEQVXWpTxIfTISCh4B0jwlYWxQs1FfiUYWVNSdTbu1bM0ZzxdIhj0sQ== Bits: AAA= # vi /usr/local/etc/dhcpd.conf and added the statements key omapi_key { algorithm HMAC-MD5; secret "Tq4+Idv4lCBt/zOyXIzZAxYhP3xcsUECEQVXWpTxIfTISCh4B0jwlYWxQs1FfiUYWVNSdTbu1bM0ZzxdIhj0sQ=="; }; omapi-key omapi_key; Then I started dhcpd, but it immediatly complains : Starting dhcpd ... /usr/local/etc/dhcpd.conf: line 10: invalid base 64 character 10 secret "Tq4+Idv4lCBt/zOyXIzZAxYhP3xcsUECEQVXWpTxIfTISCh4B0jwlYWxQs1FfiUYWVNSdTbu 1bM0ZzxdIhj0sQ=="; ^ /usr/local/etc/dhcpd.conf: line 12: Expecting a parameter or declaration What exactly does one have to specify on the 'secret' line ?? The manual for omshell or dnssec-keygen don't have examples... Please a real life example with all the relevant information ... > The command-line tool you're looking for is omshell. If you want > something different, then you're looking at implementing a wrapper > script or program of your own design. > > Never had the need to use omshell, but the following random Google > search result looks appropriate for what you're trying to do: > > >