From ea357b8b6de387a55930a3fc831b8ccbcef24582 Mon Sep 17 00:00:00 2001 From: Ondrej Filip Date: Sat, 26 Jun 2004 22:52:39 +0000 Subject: Update of the documentation. (passwords and md5). Option for md5 auth in config. --- doc/bird.sgml | 33 ++++++++++++++++++++++++++++++++- 1 file changed, 32 insertions(+), 1 deletion(-) (limited to 'doc/bird.sgml') diff --git a/doc/bird.sgml b/doc/bird.sgml index 00b449d..a25d8b7 100644 --- a/doc/bird.sgml +++ b/doc/bird.sgml @@ -1029,6 +1029,15 @@ protocol ospf <name> { strict nonbroadcast <switch>; authentication [none|simple]; password "<text>"; + passwords { + password "<text>" { + id <num>; + generate from <date>; + generate to <date>; + accept from <date>; + accept to <date>; + }; + }; neighbors { <ip>; <ip> eligible; @@ -1143,8 +1152,30 @@ protocol ospf <name> { lacking this password are ignored. This authentication mechanism is very weak. + authentication cryptographic + 16-byte long md5 digest is appended to every packet. For the digest + generation 16-byte long passwords are used. Those passwords are + not sent via network, so this mechanismus is quite secure. + Packets can still be read by an attacker. + password "text" - An 8-byte password used for authentication. + An 8-byte or 16-byte password used for authentication. + + id num + ID of the password, (0-255). If it's not used, BIRD will choose + some automatically. + + generate from date + The start time of the usage of the password for packet signing. + + generate to date + The last time of the usage of the password for packet signing. + + accept from date + The start time of the usage of the password for packet verification. + + accept to date + The last time of the usage of the password for packet verification. neighbors { A set of neighbors to which Hello messages on nonbroadcast networks -- cgit v1.2.3