<< | Thread Index | >> ]    [ << | Date Index | >> ]

Subject: Re: general cipe questions for the linux platform
From: Karl Kleinpaste <karl,AT,charcoal,DOT,com>
Date: Mon, 23 Dec 2002 15:05:15 +0100
In-reply-to: <00b401c2aa87$dbdf5a30$910315ac@poirier>

"Tom Van Overbeke" <Tvanoverbeke,AT,atos,DOT,be> writes:
> (oh  yes,i  want  to connect two linux machines that are both behind a
> dmz.)

Depending on what your site calls a DMZ, you might have difficulty: At
least one of the machines must be directly visible (not NAT'd) from
the other.

> on  the  other  machine,  i do exactly the same, and when i launch the
> ciped-cb,  it  will  try  to contact the remote server and establish a
> connection. right ?

When ciped-cb is started on either machine, a connection attempt will
be made.  CIPE is a peer-to-peer arrangement, not client-server.  Now,
if you set up the options file with a remote address of, then
that machine will be in effect a server, and lots of us do this: It
will establish that machine as waiting for someone else to connect to

> on  rh8.0,  depmod  had some problems (during the make install phase),
> but  i  could  afterwards insmod the module without problems.

This is a recurring complaint, but it never seems to stop anything.
There was a recent discussion about it (see archives from last few
days) relative to recompiling RH's supplied kernel source tree, but I
see the same thing using non-RH kernel source -- I'm running 2.4.19 --
and still it causes no problem in practice.

> on  rh7.2,  everything  installed without a problem, but when i launch
> the ciped-cb daemon, i get the following error in the systlog file:
> ciped version mismatch f3d2234c -> 25bed682

These days, RH comes with (an old version of) CIPE, and there is
already a cipcb.o lurking in /lib/modules/VERSION/kernel/drivers/addon.  
Simply remove that one.  The problem is that you are running one
version of ciped-cb with an incompatible version of cipcb.o.  Check
$PATH for the right daemon, and get rid of that old kernel module.

> i  also  noticed  that on the redhat 7.2 pc, the install went fine and
> created a rsa key in /etc/cipe/identity and /etc/cipe/identity.priv. I
> do  not  have  these files on the redhat 8.0 pc. are they required for
> the proper functioning of cipe ?

I don't personally use pkcipe, but that's what causes these to be
built.  If you specified --disable-pkcipe, then no such program is
built and these keys are never created.


<< | Thread Index | >> ]    [ << | Date Index | >> ]