|
|
| [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] |
Todd Denniston wrote, On 01/15/2008 06:42 PM:
Lippold, Aaron L CIV DISA PEO-GES wrote, On 01/15/2008 06:09 PM:Classification: UNCLASSIFIED Caveats: NONE Hi, Anyone have to quick how-to on number 3?http://www.opensc-project.org/opensc/wiki/SecureShell
BAH!I forgot, ssh working with pkcs11 was one of Alon's projects that is NOT hosted at opensc...
http://alon.barlev.googlepages.com/open-sourceI hope to, in my copious spare time, get around to testing 'Linux Disk Encryption Integration'[3] and 'PKCS#11 Key Module for eCryptfs'[4], so we can meet the requirements to encrypt our laptops and USB sticks, and I am wondering if 'PKCS#11 Support in GnuPG' could be used to allow us to sign rpm's that we send to the field so that warfighters could have some way to verify that the CD they just got has legit rpm's (besides the sending address on the mailer).
[3] http://wiki.tuxonice.net/EncryptedSwapAndRoot [4] http://ecryptfs.sourceforge.net/
https://bugzilla.redhat.com/show_bug.cgi?id=186469 https://bugzilla.redhat.com/show_bug.cgi?id=186469#c8I have built a set of patches to ssh to make it work in F8 too, but have not yet put them up on BZ[1].I don't remember which FC RHEL 5 is based on, but you should be able to do one of the following... 1) use the src.rpm's and patches listed in the BZ, and do the build on on RHEL. I expect it will probably work. 2) use the src.rpm's for RHEL 5.1, get the appropriate patches based on links you find in the build script of that BZ, and build it on the system. I expect it to work, but be a lot of work to achieve. 3) get RH to compile up the patches _they_ put in F8's openssh into RHEL _and_ make them work. Good luck.[1] I want to properly comment on RH's reinvention of the wheel[2] before putting up a BZ of how to make it work with F8|Rawhide. Unfortunately that takes time to write. [2] not proper comment on the problem: https://www.redhat.com/archives/fedora-list/2007-December/msg00569.htmlhttps://www.redhat.com/archives/fedora-list/2007-December/msg00706.htmlAaron -----Original Message----- From: Mckenzie, Kenneth Mr CIV USA TRADOC[mailto:kenneth.mckenzie@xxxxxxxxxxx] Sent: Friday, January 11, 2008 1:05 PMTo: Lippold, Aaron L CIV DISA PEO-GES Subject: RE: Using CAC with RHEL SVR 5.1 (UNCLASSIFIED) Importance: HighWe have Dell Poweredge 4600 file server that is used has a software & patchrepository. System currently running REDHAT AS 4 Update 3. Looking to upgrade system to REDHAT Enterprise Server 5 Update 1. The intent is to have the system CAC compliant to Army standards. With the below 1. Ability to have the system join our active directory domain. (For IAVA SCANS) 2. Logon locally with CAC. 3. Access File share remotely via SSH/SCP by using SSO or CAC. Via our https://nscops.leavenworth.army.mil Any help/suggestion you have would be greatly appreciated. Thanks! V/R Ken Remember! AMERICAN SOLDIERS! They're The Reason We're Here! Ken McKenzie IT Specialist, NSC Ops FT Leavenworth, KS kenneth.mckenzie@xxxxxxxxxxxxxx 913-684-8397 DSN 552-8397
-- Todd Denniston Crane Division, Naval Surface Warfare Center (NSWC Crane) Harnessing the Power of Technology for the Warfighter _______________________________________________ Coolkey-devel mailing list Coolkey-devel@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/coolkey-devel
[Home] [Fedora Legacy List] [Fedora Maintainers] [Fedora Desktop] [Red Hat 9 Bible] [Fedora Bible] [Fedora SELinux] [Big List of Linux Books] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools]
