You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
N1: Create a new shared mesh keychain following these instructions.
Go to the “Basic –> Security –> Shared Mesh Keychain” menu
If the menu is populated with the options to "upload, download, and create" a shared mesh keychain follow the "Delete a keychain" instructions below and then continue.
Click the add button
Click the "Save" button
Click "Save and Apply" when asked to confirm the configuration.
Wait for the "Applying Changes" page to redirect you back to the status page.
N1: Download the created keychain using these instructions.
Go to the “Basic –> Security –> Shared Mesh Keychain” menu
If the menu shows ONLY the "help text" and "add" button follow the "Add a new key-chain" instructions above then continue.
Click the "Download Shared Mesh Keychain" button.
This will start the download of a file called serval.keyring
This file is your shared mesh key-chain.
N2: Upload a keychain using these instructions.
Make sure you have a valid key-chain on the device you will be uploading a key from
Go to the “Basic –> Security –> Shared Mesh Keychain” menu
If the menu shows ONLY the "help text" and "add" button follow the "Add a new key-chain" instructions above then continue. This not only adds a new key, which you don't need, but configures the device to require a key-chain file.
In the "Upload Shared Mesh Keychain File" box click on the "Choose File" button.
Select a key-ring file from your device and click "Open"
Click the "Save" Button
You do not have to click the "Save and Apply" button because we have not changed any settings, we have only replaced the keyring.
Feb 25 23:25:26 commotion user.notice luci: get sid
Feb 25 23:25:27 commotion user.notice luci: changes NOT found
Feb 25 23:25:27 commotion user.notice luci: lib parse
Feb 25 23:25:27 commotion user.notice luci: olsrd_mdp.so.0.1
Feb 25 23:25:27 commotion user.notice luci: sp parse
Feb 25 23:25:27 commotion user.notice luci: /etc/commotion/keys.d/mdp/serval.keyring
Feb 25 23:25:27 commotion user.notice luci: sid parse
Feb 25 23:25:50 commotion user.notice luci: uploader write
Feb 25 23:25:51 commotion user.notice luci: get sid
Feb 25 23:25:51 commotion user.notice luci: get sid
Feb 25 23:25:51 commotion user.notice luci: set
Feb 25 23:25:51 commotion user.notice luci: get sid
Feb 25 23:25:51 commotion user.notice luci: get sid
N2: The important line is the one that states "set"
root@n1: logread
Feb 25 23:25:26 commotion user.notice luci: get sid
Feb 25 23:25:27 commotion user.notice luci: changes NOT found
Feb 25 23:25:27 commotion user.notice luci: lib parse
Feb 25 23:25:27 commotion user.notice luci: olsrd_mdp.so.0.1
Feb 25 23:25:27 commotion user.notice luci: sp parse
Feb 25 23:25:27 commotion user.notice luci: /etc/commotion/keys.d/mdp/serval.keyring
Feb 25 23:25:27 commotion user.notice luci: sid parse
Feb 25 23:25:50 commotion user.notice luci: get sid
Feb 25 23:25:51 commotion user.notice luci: changes NOT found
Feb 25 23:25:51 commotion user.notice luci: lib parse
Feb 25 23:25:51 commotion user.notice luci: olsrd_mdp.so.0.1
Feb 25 23:25:51 commotion user.notice luci: sp parse
Feb 25 23:25:51 commotion user.notice luci: /etc/commotion/keys.d/mdp/serval.keyring
Feb 25 23:25:51 commotion user.notice luci: sid parse
N1: Notice that there is no "set" command announced on new key creation. This means that the function that sets the commotion profile values was never run when "adding" a new key.
Conclusion:
Upon running firstboot and then restarting to set the node back to its defaults it seems that the node has defaults that are not getting overwritten.
root@test-01-1011232331:# reboot
root@test-01-1011232331:# Connection to 10.46.75.1 closed by remote host.
me@my_computer:~$ telnet 10.46.75.1
root@commotion:/# ls /etc/commotion/keys.d/mdp/serval.keyring
/etc/commotion/keys.d/mdp/serval.keyring
root@commotion:/# SERVALINSTANCE_PATH=/etc/commotion/keys.d/mdp serval-client keyring list
INFO: Local date/time: 2014-02-25 21:00:08 +0000
INFO: Serval DNA version: UNKNOWN-VERSION
WARN: conf.c:85:reload() config file /etc/commotion/keys.d/mdp/serval.conf does not exist -- using all defaults
A6D29C35D0409F176B22AEF2FAC447572540F39D8AEB8C48C107F9A11D224B06::
A node contains a default mdp serval keyring file, which it should not for security reasons, but that is besides the point. Beyond this, when a new serval-keyring is added in the security menu it only creates a new keyring if a key does NOT already exist. The act of adding a new keyring also does not trigger the modification of the commotion profile values when using the basic "add" command. As such, adding a new serval keyring without using one of the sub-options does not work.
BUT! If a user adds a new serval keyring AND then uses the "Create a new Shared Mesh Keychain file" button on that page it will properly set the new serval keyring.
The text was updated successfully, but these errors were encountered:
The default "add" functionality of the mesh key-chain page does not create a new key or update the current commotion profiles mdp values.
The correct behavior when the "add" button is clicked should be as follows:
Related Documentation Bug/Fix that will allow R1.1 to be put out regardless of this bug can be found @ opentechinstitute/commotion-docs#45
To re-create:
KEY:
Node 1 = N1
Node 1 command line argument = root@n1:
Node 2 = N2
Node 2 command line argument = root@n2:
N1: Create a new shared mesh keychain following these instructions.
N1: Download the created keychain using these instructions.
N2: Upload a keychain using these instructions.
root@n1: cat /etc/commotion/profiles.d/profile_name
root@n2: cat /etc/commotion/profiles.d/profile_name
N1 & N2: Note the difference between the mdp_keyring lines and the mdp_sid lines.
root@n2: logread
N2: The important line is the one that states "set"
root@n1: logread
N1: Notice that there is no "set" command announced on new key creation. This means that the function that sets the commotion profile values was never run when "adding" a new key.
Conclusion:
Upon running firstboot and then restarting to set the node back to its defaults it seems that the node has defaults that are not getting overwritten.
root@test-01-1011232331:
# reboot# Connection to 10.46.75.1 closed by remote host.root@test-01-1011232331:
me@my_computer:~$ telnet 10.46.75.1
root@commotion:/# ls /etc/commotion/keys.d/mdp/serval.keyring
root@commotion:/# SERVALINSTANCE_PATH=/etc/commotion/keys.d/mdp serval-client keyring list
root@commotion:/# commotion new newProfile
root@commotion:/# commotion profiles
root@commotion:/# commotion save newProfile
root@commotion:/# cat /etc/commotion/profiles.d/newProfile
A node contains a default mdp serval keyring file, which it should not for security reasons, but that is besides the point. Beyond this, when a new serval-keyring is added in the security menu it only creates a new keyring if a key does NOT already exist. The act of adding a new keyring also does not trigger the modification of the commotion profile values when using the basic "add" command. As such, adding a new serval keyring without using one of the sub-options does not work.
BUT! If a user adds a new serval keyring AND then uses the "Create a new Shared Mesh Keychain file" button on that page it will properly set the new serval keyring.
The text was updated successfully, but these errors were encountered: