./configure --help
to see a list of options. If the paraslash package was compiled
-successfully, execute as root,
+successfully, execute (optionally)
+
+ make test
+
+to run the paraslash test suite. If all tests pass, execute as root
make install
user=bar
target=~/.paraslash/server.users
- key=~/.paraslash/key.pub.$user
+ key=~/.paraslash/id_rsa.pub.$user
perms=AFS_READ,AFS_WRITE,VSS_READ,VSS_WRITE
mkdir -p ~/.paraslash
echo "user $user $key $perms" >> $target
Next, change to the "bar" account on client_host and generate the
key pair with the commands
- key=~/.paraslash/key.$LOGNAME
- mkdir -p ~/.paraslash
- (umask 077 && openssl genrsa -out $key 2048)
+ ssh-keygen -t rsa -b 2048
+ # hit enter twice to create a key with no passphrase
-para_server only needs to know the public key of the key pair just
-created. It can be extracted with
+This generates the two files id_rsa and id_rsa.pub in ~/.ssh. Note
+that paraslash can also read keys generated by the "openssl genrsa"
+command. However, since keys created with ssh-keygen can also be used
+for ssh, this method is recommended.
- pubkey=~/.paraslash/key.pub.$LOGNAME
- openssl rsa -in $key -pubout -out $pubkey
+Note that para_server refuses to use a key if it is shorter than 2048
+bits. In particular, the RSA keys of paraslash 0.3.x will not work
+with version 0.4.x. Moreover, para_client refuses to use a (private)
+key which is world-readable.
-Copy the public key just created to server_host (you may skip this step
-for a single-user setup, i.e. if foo=bar and server_host=client_host):
+para_server only needs to know the public key of the key pair just
+created. Copy this public key to server_host:
- scp $pubkey foo@server_host:.paraslash/
+ src=~/.ssh/id_rsa.pub
+ dest=.paraslash/id_rsa.pub.$LOGNAME
+ scp $src foo@server_host:$dest
Finally, tell para_client to connect to server_host:
contains in the third column the permissions needed to execute the
command.
-A new RSA key can be created with
-
- openssl genrsa -out <private_key> 2048
-
-and the public part may be extracted with
-
- openssl rsa -in <private_key> -pubout -out <public_key>
-
-Note that para_server refuses to use a key if it is shorter than 2048
-bits. In particular, the RSA keys of paraslash 0.3.x will not work
-with version 0.4.x. Moreover, para_client refuses to use a (private)
-key which is world-readable.
-
It is possible to make para_server reread the user_list file by
executing the paraslash "hup" command or by sending SIGHUP to the
PID of para_server.
~~~~~~~~~~~~~~~~~~~~~~~~
As already mentioned REFERENCE(Streaming protocols, earlier),
-paraslash uses forward error correction (FEC) for the unreliable
-UDP transport. FEC is a technique which was invented already in
-1960 by Reed and Solomon and which is widely used for the parity
+paraslash uses forward error correction (FEC) for the unreliable UDP
+and DCCP transports. FEC is a technique which was invented already
+in 1960 by Reed and Solomon and which is widely used for the parity
calculations of storage devices (RAID arrays). It is based on the
algebraic concept of finite fields, today called Galois fields, in
honour of the mathematician Galois (1811-1832). The FEC implementation
projects / paraslash.git / blobdiff