Internet2
Site Index | Internet2 Searchlight |
Membership | Communities | Services | Projects | Tools | Events | Newsroom | About
| E2Epi Home

End-to-End Performance Initiative
>About OWAMP
>Details
>History
>Downloads
>IP
>Suggestions
Manual Pages
  > owping(1)
  > owstats(1)
  > owfetch(1)
  > owup(1)
  > powstream(1)
  > owampd(8)
  > owampd.conf(5)
  > owampd.limits(5)
  > owampd.pfs(5)
  > pfstore(1)
Links
>OWAMP Cookbook
>owamp-announce list
>owamp-users list
Network Performance
> perfSONAR-PS
> BWCTL
> OWAMP
> NDT
> Thrulay
> Workshops
> NPToolkit
> Measurement Point Directory
> Internet2 Results
Community Engagement
> Working Groups
> Collaborations

One-way Ping (OWAMP)

The OWAMP specification has now been released as a Standards Track RFC: http://www.rfc-editor.org/rfc/rfc4656.txt.

owampd.pfs(5) Manual Page



owampd.pfs(5)                                                    owampd.pfs(5)

NAME

       owampd.pfs - One-way latency server pass-phrase store

DESCRIPTION

       The  owampd.pfs  file  is  used  to hold the identity/pass-phrase pairs
       needed for owampd to authenticate users. The format  of  this  file  is
       described  in  the pfstore(1) manual page. The location of this file is
       controlled by the -c option to owampd.

       owampd uses symmetric AES  keys  for  authentication.  These  keys  are
       derived  from  a shared secret (the pass-phrase) using the PBKDF2 algo-
       rithm (RFC 2898) with an HMAC-SHA1 as the pseudorandom function.

       Therefore, the owping client must have access to the exact  same  pass-
       phrase that the owampd server uses. Both the client and the server need
       to derive the same AES key for authentication to work.  It is important
       that  the  system  administrator and end user ensure the pass-phrase is
       not compromised.

       If the owping client is able to authenticate  using  the  identity  and
       derived   AES  key,  owampd  will  use  the  directives  found  in  the
       owampd.limits file to map policy restrictions for this connection.

SECURITY CONSIDERATIONS

       The pass-phrases in the owampd.pfs file are not encrypted in  any  way.
       (They  are  simply hex encoded.) The security of these pass-phrases are
       completely dependent upon the security of the filesystem and  the  dis-
       cretion of the system administrator.

RESTRICTIONS

       Identity names are restricted to 80 characters.

SEE ALSO

       pfstore(1),    owping(1),    owampd(8),   owampd.limits(5),   and   the
       http://e2epi.internet2.edu/owamp/ web site.

ACKNOWLEDGMENTS

       This material is based in part on work supported by the  National  Sci-
       ence  Foundation (NSF) under Grant No. ANI-0314723. Any opinions, find-
       ings and conclusions or recommendations expressed in this material  are
       those  of the author(s) and do not necessarily reflect the views of the
       NSF.

                         $Date: 2006/11/07 05:54:55 $            owampd.pfs(5)
Man(1) output converted with man2html
One-Way Ping (OWAMP) 12 September, 2005
This material is based, in part, on work supported by the National Science Foundation (NSF) under Grant No. ANI-0314723. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the NSF.
© 1996 - 2008 Internet2 - All rights reserved | Terms of Use | Privacy | Contact Us
1000 Oakbrook Drive, Suite 300, Ann Arbor MI 48104 | Phone: +1-734-913-4250