Would it make more sense to have afsconf_typedKey_new do a sanity check and at least try to log or print an error if the key has bad parity?
On Mon, Sep 17, 2012 at 04:56:02AM -0400, Jeffrey Altman wrote: > DES keys have parity checks built in. Your made up key probably > is not valid. > > Exercise: add a check for key validity to asetkey in the add key from > command line case. > > > On Monday, September 17, 2012 12:01:48 AM, Troy Benjegerdes wrote: > > I'm attempting to automate creation of a new cell in a VM, > > and I'd like to be able to create a random KeyFile without ever > > using Kerberos. > > > > I can't seem to get it to work right (bos communications fail), > > so I'm wondering if someone has a working example of this. > > > > > > root@amd64:~# asetkey add 1 "deadbeefbabeb00b" > > root@amd64:~# bos_util list > > kvno 0: key is '?????? > > ' '\336\255\276\357\272\276\260\013' > > kvno 1: key is '?????? > > ' '\336\255\276\357\272\276\260\013' > > All done. > > > > > > I get errors like this: > > > > > > root@amd64:~# bos status -localauth -server localhost > > In tkt_MakeTicket: key_sched returned -1 > > bos: running unauthenticated > > bos: failed to contact host's bosserver (communications failure (-1)). > > root@amd64:~# ps uax | grep bos > > root 956 0.2 3.4 9820 4180 ? Ss 03:55 0:00 > > /usr/sbin/bosserver > > root 960 5.0 0.5 6028 656 tty1 S+ 03:55 0:00 grep bos > > > > > > > > > > _______________________________________________ > > OpenAFS-devel mailing list > > OpenAFS-devel@openafs.org > > https://lists.openafs.org/mailman/listinfo/openafs-devel > _______________________________________________ OpenAFS-devel mailing list OpenAFS-devel@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-devel
