Configure netconf.xml
Location
This file is located in /etc/ensuite/yencap/netconfd.xml
Description
netconfd.xml is the main configuration file of YencaP. Here is the list of parameters that are customizable:
- port: tcp port of the agent
- p-version: 4 (IPv4), 6 (IPv6). Note that IPv6 has not been tested that much
- application-protocol: only ssh is up-to-date in YencaP. So please, keep ssh status active and others unactive
- private-key-file: the private key file of the agent
- options: RBAC is available. We strongly recommend to use it!
<netconfd> <port>51432</port> <ip-version>4</ip-version> <application-protocols> <application-protocol type="ssh" status="active"> <private-key-file keytype="rsa">/etc/ensuite/yencap/id_rsa</private-key-file> </application-protocol> <application-protocol type="xmlsec" status="unactive"> <encryption>0</encryption> <compression>0</compression> </application-protocol> </application-protocols> <options> <option type="accesscontrol" status="active"/> </options></netconfd> |
Complementary information
How to generate a private key
You may want to change the default public/private key pair. Here is the common way to generate a new pair:
// To be used with RSA openssl genrsa -out agent.private.key 1024 // Export the public key from the previous file openssl rsa -in agent.private.key -pubout -out agent.public.key |
How to generate a self-signed X509 certificate
/# To be used with RSA openssl genrsa -out manager.private.key 1024 openssl req -new -days 365 -key manager.private.key -x509 -out vincent.certificate |