How to use omshell with ICS DHCP?

Question

In /etc/dhcp/dhcpd.conf have added

omapi-port 7911;
omapi-key testkey;

key testkey {
  algorithm hmac-sha256;
  secret QUt1z1O3fxqgSDKILAMXFA==;
}

but it won't let me connect when I do

# systemctl restart dhcpd
# omshell 
> server localhost
> key testkey QUt1z1O3fxqgSDKILAMXFA==
> connect
dhcpctl_connect: not found

The key were generated by

# dnssec-keygen -a hmac-sha256 -b 128 -n USER dhcpupdate
# cat Kdhcpupdate.+163+41847.*
dhcpupdate. IN KEY 0 3 163 QUt1z1O3fxqgSDKILAMXFA==
Private-key-format: v1.3
Algorithm: 163 (HMAC_SHA256)
Key: QUt1z1O3fxqgSDKILAMXFA==
Bits: AAA=
Created: 20181123141544
Publish: 20181123141544
Activate: 20181123141544

Question

Can anyone see what I am doing wrong?

did you ever work this one out? – Geoff Crompton Jun 07 '22 at 02:20 — Geoff Crompton, Jun 07 '22 at 02:20

Graymalkin · Answer 1 · 2023-01-05T23:00:20.037

0

I was looking for some other omshell info today and landed on your question. Try quotes around your secret and a semi-colon after your last bracket:

key testkey {
  algorithm hmac-sha256;
  secret "QUt1z1O3fxqgSDKILAMXFA==";
};

I hope that helps.

edited Jan 05 '23 at 23:00

answered Jan 05 '23 at 22:58

Graymalkin

1
1

hmac-sha256 doesn't seem to work (at least not on Solaris 11.3). I had to use hmac-md5 (the default algorithm) to be able to connect to the omshell service. – jelmd Mar 23 '23 at 18:26

score -1 · Answer 2 · edited Jun 14 '19 at 00:05

-1

hmac-sha256 changed to HMAC-SHA256 or use HMAC-MD5

Example:

omapi-port 7911;
key omapi_key {
     algorithm HMAC-MD5;
     secret WRcLh5+g2U7kBL6u7+9kh6jv2OwHAQFlLOYUnBfYvmVFutggwGdzIeJL7dnbc5ROdmhl6Eg28wQ61Q==;
}
omapi-key omapi_key;

edited Jun 14 '19 at 00:05

Zeitounator

1,199
5
12

answered Jun 13 '19 at 21:50

user527708

1

How to use omshell with ICS DHCP?

2 Answers2