clogin password sleeps

Ed Ravin eravin at panix.com
Thu Jun 16 17:13:55 UTC 2005


On Wed, Jun 15, 2005 at 09:39:24AM -0400, Ed Ravin wrote:
> What do you think of conditionally skipping the 1-second sleep in
> clogin before sending the password?  I think that's part of the problem,
> since any clogins using the same account that try another router in the 1
> second interval will get a duplicate challenge that will be stale by the
> time they finish their 1-second sleeps...

That turned out to be a critical factor.  When I eliminated the 1-second
sleep in clogin before sending the password, multiple s/key logins on the
same account got more reliable.  Without using the "-p NN" option to "par"
to sleep between forks, some of the six routers I was testing with were
missed in rounds 1 and 2, but all were caught by round 3.  All six
completed in round 1 when I told "par" to sleep two seconds between forks
("-p 2").

So my patches to clogin for OTP will skip that 1-second sleep before sending
a password if OTP is in use.



More information about the Rancid-discuss mailing list