Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
owampd.pfs(5)		      File Formats Manual		 owampd.pfs(5)

NAME
       owampd.pfs - One-way latency server pass-phrase store

DESCRIPTION
       The  owampd.pfs	file  is  used	to hold	the identity/pass-phrase pairs
       needed for owampd to authenticate users.	The format of this file	is de-
       scribed	in  the	 pfstore(1)  manual page. The location of this file is
       controlled by the -c option to owampd.

       owampd uses symmetric AES keys for authentication. These	keys  are  de-
       rived from a shared secret (the pass-phrase) using the PBKDF2 algorithm
       (RFC 2898) with an HMAC-SHA1 as the pseudorandom	function.

       Therefore, the owping client must have access to	the exact  same	 pass-
       phrase that the owampd server uses. Both	the client and the server need
       to derive the same AES key for authentication to	work.  It is important
       that  the  system  administrator	and end	user ensure the	pass-phrase is
       not compromised.

       If the owping client is able to authenticate using the identity and de-
       rived  AES key, owampd will use the directives found in the owampd.lim-
       its file	to map policy restrictions for this connection.

SECURITY CONSIDERATIONS
       The pass-phrases	in the owampd.pfs file are not encrypted in  any  way.
       (They  are  simply hex encoded.)	The security of	these pass-phrases are
       completely dependent upon the security of the filesystem	and  the  dis-
       cretion of the system administrator.

RESTRICTIONS
       Identity	names are restricted to	80 characters.

SEE ALSO
       pfstore(1),    owping(1),    owampd(8),	 owampd.limits(5),   and   the
       http://e2epi.internet2.edu/owamp/ web site.

ACKNOWLEDGMENTS
       This material is	based in part on work supported	by the	National  Sci-
       ence  Foundation	(NSF) under Grant No. ANI-0314723. Any opinions, find-
       ings and	conclusions or recommendations expressed in this material  are
       those  of the author(s) and do not necessarily reflect the views	of the
       NSF.

	     $Date: 2006-11-07 00:54:55	-0500 (Tue, 07 Nov 2006) owampd.pfs(5)

NAME | DESCRIPTION | SECURITY CONSIDERATIONS | RESTRICTIONS | SEE ALSO | ACKNOWLEDGMENTS

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=owampd.pfs&sektion=5&manpath=FreeBSD+12.2-RELEASE+and+Ports>

home | help