08-04-2020 07:39 AM
Hi,
I am using NSO 5.3, trying to add a new authgroup for testing. I am getting following error with remote-password
syntax error: "missing_aes256cfb128_settings" is not a valid value.
Could someone help me to fix this error?
Solved! Go to Solution.
08-04-2020 07:58 AM
You need to add the AES256 keys to ncs.conf:
<AES256CFB128> <key>0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef</key> </AES256CFB128>
08-04-2020 07:58 AM
You need to add the AES256 keys to ncs.conf:
<AES256CFB128> <key>0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef</key> </AES256CFB128>
08-04-2020 08:40 AM
It worked. Thanks.
02-02-2021 08:02 PM
vleijon,
Please help with a different flavor of the same problem!
NSO restart failed on my upgrade from 5.2.3 to 5.4.2, with the same message: missing_aes256cfb128_settings
But, this LSA install uses the external-keys command, so I can't just add an explicit new key directly to ncs.conf.
I can't find any documentation on ncs_crypto_keys. since this is an upgrade, I'm concerned about making the CDB unreadable if I regenerate any existing keys.
The NSO v5.4.2 Installation doc says this, but this is not enough info to act on.
"Optionally, if you use the external command feature, make sure that you add an AES256CFB128_KEY to the output.
One way of generating such a key is: openssl rand -hex 32."
thanks in advance -
02-02-2021 08:48 PM
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the NSO Developer community: