[OpenAFS-devel] Testing: how to generate random valid KeyFile
without kerberos
Troy Benjegerdes
hozer@hozed.org
Mon, 17 Sep 2012 09:03:53 -0500
Would it make more sense to have afsconf_typedKey_new do a sanity
check and at least try to log or print an error if the key has
bad parity?
On Mon, Sep 17, 2012 at 04:56:02AM -0400, Jeffrey Altman wrote:
> DES keys have parity checks built in. Your made up key probably
> is not valid.
>
> Exercise: add a check for key validity to asetkey in the add key from
> command line case.
>
>
> On Monday, September 17, 2012 12:01:48 AM, Troy Benjegerdes wrote:
> > I'm attempting to automate creation of a new cell in a VM,
> > and I'd like to be able to create a random KeyFile without ever
> > using Kerberos.
> >
> > I can't seem to get it to work right (bos communications fail),
> > so I'm wondering if someone has a working example of this.
> >
> >
> > root@amd64:~# asetkey add 1 "deadbeefbabeb00b"
> > root@amd64:~# bos_util list
> > kvno 0: key is '??????
> > ' '\336\255\276\357\272\276\260\013'
> > kvno 1: key is '??????
> > ' '\336\255\276\357\272\276\260\013'
> > All done.
> >
> >
> > I get errors like this:
> >
> >
> > root@amd64:~# bos status -localauth -server localhost
> > In tkt_MakeTicket: key_sched returned -1
> > bos: running unauthenticated
> > bos: failed to contact host's bosserver (communications failure (-1)).
> > root@amd64:~# ps uax | grep bos
> > root 956 0.2 3.4 9820 4180 ? Ss 03:55 0:00 /usr/sbin/bosserver
> > root 960 5.0 0.5 6028 656 tty1 S+ 03:55 0:00 grep bos
> >
> >
> >
> >
> > _______________________________________________
> > OpenAFS-devel mailing list
> > OpenAFS-devel@openafs.org
> > https://lists.openafs.org/mailman/listinfo/openafs-devel
>