clogin password sleeps
Ed Ravin
eravin at panix.com
Thu Jun 16 17:13:55 UTC 2005
On Wed, Jun 15, 2005 at 09:39:24AM -0400, Ed Ravin wrote:
> What do you think of conditionally skipping the 1-second sleep in
> clogin before sending the password? I think that's part of the problem,
> since any clogins using the same account that try another router in the 1
> second interval will get a duplicate challenge that will be stale by the
> time they finish their 1-second sleeps...
That turned out to be a critical factor. When I eliminated the 1-second
sleep in clogin before sending the password, multiple s/key logins on the
same account got more reliable. Without using the "-p NN" option to "par"
to sleep between forks, some of the six routers I was testing with were
missed in rounds 1 and 2, but all were caught by round 3. All six
completed in round 1 when I told "par" to sleep two seconds between forks
("-p 2").
So my patches to clogin for OTP will skip that 1-second sleep before sending
a password if OTP is in use.
More information about the Rancid-discuss
mailing list