/etc/slp.spi is in slpd 1.2.1-11.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 | #############################################################################
#
# OpenSLP SPI file
#
# Security Parameter Index (SPI) is an unformated string that us used
# by SLP to identify security information used to authenticate SLPv2
# message. See RFC 2608 for more information.
#
# Format and contents conform of this file are specific to the OpenSLP
# implementation of SLPv2 authentication. See comments below for more
# explaination of the file format.
#
# NOTE: OpenSLP only supports DSA keys!!!
#
#############################################################################
#
#-------------
# File format:
#-------------
# Each line of this file maps an SPI string to a PEM encoded key file.
#
# <PRIVATE|PUBLIC> <spi_string_without_whitespace> <PEM key file>
#
#
#--------------
# PRIVATE key:
#--------------
# The PRIVATE key line specifies the location of a key file that contains
# a PEM encoded DSA private key for the given SPI. The PRIVATE key is used
# for signing SLP messages that are sent the SA/DA on this host.
#
# A PRIVATE key entry is not required. If the PRIVATE key entry does not
# exist, then SLP messages sent by this host will not be signed. Since UAs
# do not have to sign any messages, it is often advantageous to
# specifically omit the PRIVATE entry on hosts that do not act as an SA or
# DA.
#
# ***IMPORTANT***
# Only one PRIVATE key is recognized by the implementation. If there is
# more than one private key then only the key designated by the first PRIVATE
# entry in this file will be used.
#
# The following is a commented example of a PRIVATE entry:
#
# PRIVATE myprivateslpkey /etc/secure/myprivateslpkey.pem
#
#
#--------------
# PUBLIC keys:
#--------------
# The PUBLIC key line specifies the location of a key file that contains a
# PEM encoded DSA public key. This key is used for verifying messages sent
# by other SLP agents
#
# At least one PUBLIC key entry on all hosts is required for proper
# operation of of secure OpenSLP. It is possible that more than one entry
# will be needed in order to verify signatures if for some reason (that I
# can't imagine right now) you have configured SAs and DAs with a variety of
# PRIVATE keys.
#
# The following is a commented example of a PUBLIC entry:
#
# PUBLIC mypublicslpkey /etc/secure/mypublicslpkey.pem
#
#-----------------------
# PEM encoded key files
#-----------------------
# PEM encoded key files can be generated using OpenSSL or tools included with
# OpenSLP.
#
#
#------------
# Final Note
#------------
# Unless you really know what you're doing, you should probably read the
# more detailed documentation at http://www.openslp.org BEFORE setting up
# SLP security
|