Versions Compared

Version Old Version 23 New Version 24
Changes made by

Mitchell Saunders

Mitchell Saunders

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

...

A new tool to randomize the secrets from the command line. This tool will randomize omkd_secrets tokens in OMK and also, NMIS auth_web_key when it matches some of the OMK tokens. The omkd_secrets token is used for Single-Sign-On, see SSO for Opmantek Firstwave Applications

This tool is also called by the installer and fixed CVE-2021-38551.

...

/usr/local/omk/bin/opcommon-cli.exe act=secrets_randomise [force=true] [length=N]

Where:

    • force=true will change the token even if this is not the default (Like =~ change_me)
    • length=N will force the token length to N (32 by default)

...

The default values can be overwritten by setting the configuration item security_content_policy under the authentication section in the configuration file, opCommon.json.

...

For example, if you want to include one of the Opmantek FirstWave applications in an iFrame, you would need to include directives for frame-ancestors and frame-src, e.g.

...