Skip to content

Commit 9781d58

Browse files
jafialajafiala
authored
Add information on the algorithm choice - remote (#4337)
1 parent 38038b1 commit 9781d58

File tree

1 file changed

+21
-14
lines changed

1 file changed

+21
-14
lines changed

guides/common/modules/proc_enabling-omapi-authentication-in-isc-dhcp.adoc

Lines changed: 21 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -15,39 +15,46 @@ The integration of an existing remote ISC DHCP service requires that you enable
1515
+
1616
[options="nowrap" subs="+quotes"]
1717
----
18-
# tsig-keygen -a hmac-md5 _omapi_key_
18+
# tsig-keygen -a _Algorithm_Name_ _My_Key_Name_
1919
----
2020
+
21-
Note that {Project} supports only the `hmac-md5` algorithm for OMAPI authentication.
22-
// See: https://projects.theforeman.org/issues/36325
21+
--
22+
Use the following values in the command:
23+
24+
`_Algorithm_Name_`:: Specifies the algorithm to be used to generate the key.
25+
You can use any of the values specified in the `tsig-keygen(8)` man page on your system.
26+
The default algorithm is HMAC-SHA256.
27+
`_My_Key_Name_`:: Specifies the name of the OMAPI key.
28+
The default name is `tsig-key`.
29+
--
2330
+
24-
Example output:
31+
The command outputs key information in the following format:
2532
+
2633
[source, none, options="nowrap" subs="+quotes"]
2734
----
28-
key "omapi_key" {
29-
algorithm hmac-md5;
30-
secret "4z1jwYO0RGUTJbWDepFBdg==";
35+
key "_My_Key_Name_" {
36+
algorithm _Algorithm_Name_;
37+
secret "_Key_Secret_";
3138
};
3239
----
3340
. Edit the `/etc/dhcp/dhcpd.conf` file, and append the following settings:
3441
+
3542
[source, none, options="nowrap" subs="+quotes"]
3643
----
37-
key _omapi_key_ {
38-
algorithm hmac-md5;
39-
secret "_key_secret_";
44+
key "_My_Key_Name_" {
45+
algorithm _Algorithm_Name_;
46+
secret "_Key_Secret_";
4047
};
4148
omapi-port 7911;
42-
omapi-key _omapi_key_;
49+
omapi-key _My_Key_Name_;
4350
----
4451
+
4552
The settings specified in the example include the following:
4653
+
47-
`key _omapi_key_`:: Defines the key, its algorithm and encrypted password.
54+
`key "_My_Key_Name_"`:: Defines the key, its algorithm and encrypted password.
4855
Use the output of the `tsig-keygen` command for this directive.
49-
`omapi-port 7911;`:: Enables the OMAPI protocol in ISC DHCP and defines the port of the protocol.
50-
`omapi-key _omapi_key_`:: Defines the name of the key the OMAPI interface uses.
56+
`omapi-port 7911`:: Enables the OMAPI protocol in ISC DHCP and defines the port of the protocol.
57+
`omapi-key _My_Key_Name_`:: Defines the name of the key the OMAPI interface uses.
5158
The name must match the one you specified in the `tsig-keygen` command.
5259
. Restart the `dhcpd` service:
5360
+

0 commit comments

Comments
 (0)