-
Story
-
Resolution: Done-Errata
-
Major
-
None
-
None
-
5
-
False
-
Satellite Rocket Sprint 6, Satellite Rocket Sprint 7
-
sat-rocket
-
Release Note Not Required
-
None
-
None
-
None
We document the installer-managed DHCP service scenario. For upstream this is https://docs.theforeman.org/nightly/Integrating_Provisioning_Infrastructure_Services/index-katello.html#enabling-the-installer-managed-dhcp-service. In this scenario we need to support changing the DHCP key algorithm to something other than hmac-md5.
More concrete, the installer gained -foreman-proxy-dhcp-key-algorithm. Currently in step 3.b. we tell the user to run tsig-keygen -a hmac-md5 _my_omapi_key but the value to parameter to -a becomes free to choose. See man tsig-keygen for the accepted values. Then that value needs to be passed in step 4 with the -foreman-proxy-dhcp-key-algorithm installer parameter.
It's a good idea to also recommend users a better algorithm than hmac-md5. The current default is hmac-sha256.
Acceptance criteria:
- The installer supports this
- The enhanced procedure is documented
- This is tested
- blocks
-
-
- Closed
-
- depends on
-
SAT-39134 Add information on the algorithm choice by jafiala · Pull Request #4336 · theforeman/foreman-documentation · GitHub
-
- Closed
-
- links to
-
RHBA-2025:155337
Important: Satellite 6.18.0 new version release
