GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  OWAMPD.PFS (5)

NAME

owampd.pfs - One-way latency server pass-phrase store

CONTENTS

Description
Security Considerations
Restrictions
See Also
Acknowledgments

DESCRIPTION

The owampd.pfs file is used to hold the identity/pass-phrase pairs needed for owampd to authenticate users. The format of this file is described in the pfstore(1) manual page. The location of this file is controlled by the -c option to owampd.

owampd uses symmetric AES keys for authentication. These keys are derived from a shared secret (the pass-phrase) using the PBKDF2 algorithm (RFC 2898) with an HMAC-SHA1 as the pseudorandom function.

Therefore, the owping client must have access to the exact same pass-phrase that the owampd server uses. Both the client and the server need to derive the same AES key for authentication to work. It is important that the system administrator and end user ensure the pass-phrase is not compromised.

If the owping client is able to authenticate using the identity and derived AES key, owampd will use the directives found in the owampd.limits file to map policy restrictions for this connection.

SECURITY CONSIDERATIONS

The pass-phrases in the owampd.pfs file are not encrypted in any way. (They are simply hex encoded.) The security of these pass-phrases are completely dependent upon the security of the filesystem and the discretion of the system administrator.

RESTRICTIONS

Identity names are restricted to 80 characters.

SEE ALSO

pfstore(1), owping(1), owampd(8), owampd.limits(5), and the  http://e2epi.internet2.edu/owamp/ web site.

ACKNOWLEDGMENTS

This material is based in part on work supported by the National Science Foundation (NSF) under Grant No. ANI-0314723. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the NSF.
Search for    or go to Top of page |  Section 5 |  Main Index


--> OWAMPD.PFS (5) $Date: 2006-11-07 00:54:55 -0500 (Tue, 07 Nov 2006) $

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.