[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


Todd Denniston wrote, On 01/15/2008 06:42 PM:
Lippold, Aaron L CIV DISA PEO-GES wrote, On 01/15/2008 06:09 PM:
Classification:  UNCLASSIFIED Caveats: NONE


Anyone have to quick how-to on number 3?

I forgot, ssh working with pkcs11 was one of Alon's projects that is NOT hosted at opensc...

I hope to, in my copious spare time, get around to testing 'Linux Disk Encryption Integration'[3] and 'PKCS#11 Key Module for eCryptfs'[4], so we can meet the requirements to encrypt our laptops and USB sticks, and I am wondering if 'PKCS#11 Support in GnuPG' could be used to allow us to sign rpm's that we send to the field so that warfighters could have some way to verify that the CD they just got has legit rpm's (besides the sending address on the mailer).


I have built a set of patches to ssh to make it work in F8 too, but have not yet put them up on BZ[1].

I don't remember which FC RHEL 5 is based on, but you should be able to do one of the following... 1) use the src.rpm's and patches listed in the BZ, and do the build on on RHEL. I expect it will probably work. 2) use the src.rpm's for RHEL 5.1, get the appropriate patches based on links you find in the build script of that BZ, and build it on the system. I expect it to work, but be a lot of work to achieve. 3) get RH to compile up the patches _they_ put in F8's openssh into RHEL _and_ make them work. Good luck.

[1] I want to properly comment on RH's reinvention of the wheel[2] before putting up a BZ of how to make it work with F8|Rawhide. Unfortunately that takes time to write. [2] not proper comment on the problem:

-----Original Message-----
From: Mckenzie, Kenneth Mr CIV USA TRADOC
[mailto:kenneth.mckenzie@xxxxxxxxxxx] Sent: Friday, January 11, 2008 1:05 PM
To: Lippold, Aaron L CIV DISA PEO-GES
Subject: RE: Using CAC with RHEL SVR 5.1 (UNCLASSIFIED)
Importance: High

We have Dell Poweredge 4600 file server that is used has a software & patch

System currently running REDHAT AS 4 Update 3.

Looking to upgrade system to REDHAT Enterprise Server 5 Update 1.

The intent is to have the system CAC compliant to Army standards.

With the below
1. Ability to have the system join our active directory domain. (For IAVA
2. Logon locally with CAC.
3. Access File share remotely via SSH/SCP by using SSO or CAC. Via our

Any help/suggestion you have would be greatly appreciated.




They're The Reason We're Here!

Ken McKenzie
IT Specialist, NSC Ops
FT Leavenworth, KS
913-684-8397 DSN 552-8397

Todd Denniston
Crane Division, Naval Surface Warfare Center (NSWC Crane)
Harnessing the Power of Technology for the Warfighter

Coolkey-devel mailing list

[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Women]

  Powered by Linux