9fans - fans of the OS Plan 9 from Bell Labs
 help / color / mirror / Atom feed
* [9fans] changing nvram key in auth server
@ 2004-11-16  1:20 YAMANASHI Takeshi
  2004-11-16  1:47 ` andrey mirtchovski
  0 siblings, 1 reply; 8+ messages in thread
From: YAMANASHI Takeshi @ 2004-11-16  1:20 UTC (permalink / raw)
  To: 9fans

If, on auth server, the key stored in nvram has been changed,
certainly auth/keyfs is unable to decrypt /adm/keys anymore
without some management.

What is the appropriate way to change the nvram key
on auth server, then?
-- 




^ permalink raw reply	[flat|nested] 8+ messages in thread
* Re: [9fans] changing nvram key in auth server
  2004-11-16  1:20 [9fans] changing nvram key in auth server YAMANASHI Takeshi
@ 2004-11-16  1:47 ` andrey mirtchovski
  2004-11-16 10:33   ` Fco. J. Ballesteros
  0 siblings, 1 reply; 8+ messages in thread
From: andrey mirtchovski @ 2004-11-16  1:47 UTC (permalink / raw)
  To: 9fans

> If, on auth server, the key stored in nvram has been changed,
> certainly auth/keyfs is unable to decrypt /adm/keys anymore
> without some management.
 

use auth/convkeys to re-encrypt the keys.  see presotto's message with
subject 'strange things in /sys/log/auth' from 2003-07-03.

andrey

ps: i've never actually used it, just relaying the information :)



^ permalink raw reply	[flat|nested] 8+ messages in thread
* Re: [9fans] changing nvram key in auth server
  2004-11-16  1:47 ` andrey mirtchovski
@ 2004-11-16 10:33   ` Fco. J. Ballesteros
  0 siblings, 0 replies; 8+ messages in thread
From: Fco. J. Ballesteros @ 2004-11-16 10:33 UTC (permalink / raw)
  To: 9fans

> ps: i've never actually used it, just relaying the information :)

I did. It worked fine.



^ permalink raw reply	[flat|nested] 8+ messages in thread
* Re: [9fans] changing nvram key in auth server
  2004-11-16  1:55 YAMANASHI Takeshi
  2004-11-16  2:04 ` andrey mirtchovski
  2004-11-16  2:07 ` andrey mirtchovski
@ 2004-11-16  6:46 ` Skip Tavakkolian
  2 siblings, 0 replies; 8+ messages in thread
From: Skip Tavakkolian @ 2004-11-16  6:46 UTC (permalink / raw)
  To: 9fans

> 	I'm stuck at level 43 (easy).

level hard-80 is a bastard.



^ permalink raw reply	[flat|nested] 8+ messages in thread
* Re: [9fans] changing nvram key in auth server
  2004-11-16  2:04 ` andrey mirtchovski
@ 2004-11-16  2:11   ` boyd, rounin
  0 siblings, 0 replies; 8+ messages in thread
From: boyd, rounin @ 2004-11-16  2:11 UTC (permalink / raw)
  To: Fans of the OS Plan 9 from Bell Labs

> i doubt i'll go beyond the gui phase.

but LANL have this nice new, it slices, it dices, 90 teraflop m/c, right?



^ permalink raw reply	[flat|nested] 8+ messages in thread
* Re: [9fans] changing nvram key in auth server
  2004-11-16  1:55 YAMANASHI Takeshi
  2004-11-16  2:04 ` andrey mirtchovski
@ 2004-11-16  2:07 ` andrey mirtchovski
  2004-11-16  6:46 ` Skip Tavakkolian
  2 siblings, 0 replies; 8+ messages in thread
From: andrey mirtchovski @ 2004-11-16  2:07 UTC (permalink / raw)
  To: 9fans


> By the way, I noticed that convkeys is mentioned twice in auth(8).
> 

the second one is convkeys2, i submitted a patch just now.

andrey



^ permalink raw reply	[flat|nested] 8+ messages in thread
* Re: [9fans] changing nvram key in auth server
  2004-11-16  1:55 YAMANASHI Takeshi
@ 2004-11-16  2:04 ` andrey mirtchovski
  2004-11-16  2:11   ` boyd, rounin
  2004-11-16  2:07 ` andrey mirtchovski
  2004-11-16  6:46 ` Skip Tavakkolian
  2 siblings, 1 reply; 8+ messages in thread
From: andrey mirtchovski @ 2004-11-16  2:04 UTC (permalink / raw)
  To: 9fans


> P.S.
> 	I'm stuck at level 43 (easy).

i haven't played in a while.  i got interested in Go in the past three
months and have been playing my board games outside of the computer.
i'm thinking of writing a Go fs to be used as a 9grid service -- '9fs
go' and ls all the games in progression.

i doubt i'll go beyond the gui phase.

:)



^ permalink raw reply	[flat|nested] 8+ messages in thread
* Re: [9fans] changing nvram key in auth server
@ 2004-11-16  1:55 YAMANASHI Takeshi
  2004-11-16  2:04 ` andrey mirtchovski
                   ` (2 more replies)
  0 siblings, 3 replies; 8+ messages in thread
From: YAMANASHI Takeshi @ 2004-11-16  1:55 UTC (permalink / raw)
  To: 9fans

On Tue Nov 16 10:48:08 JST 2004, andrey mirtchovski wrote:
> > If, on auth server, the key stored in nvram has been changed,
> > certainly auth/keyfs is unable to decrypt /adm/keys anymore
> > without some management.
> 
> use auth/convkeys to re-encrypt the keys.  see presotto's message with
> subject 'strange things in /sys/log/auth' from 2003-07-03.|

Thank you for the information.  I will try soon.
	http://lists.cse.psu.edu/archives/9fans/2003-July/025700.html

By the way, I noticed that convkeys is mentioned twice in auth(8).

     AUTH(8)                                                   AUTH(8)
       :
     SYNOPSIS
       :
          auth/convkeys [-p] keyfile

          auth/convkeys [-p] keyfile

Thanks.
P.S.
	I'm stuck at level 43 (easy).
-- 




^ permalink raw reply	[flat|nested] 8+ messages in thread
end of thread, other threads:[~2004-11-16 10:33 UTC | newest]

Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2004-11-16  1:20 [9fans] changing nvram key in auth server YAMANASHI Takeshi
2004-11-16  1:47 ` andrey mirtchovski
2004-11-16 10:33   ` Fco. J. Ballesteros
2004-11-16  1:55 YAMANASHI Takeshi
2004-11-16  2:04 ` andrey mirtchovski
2004-11-16  2:11   ` boyd, rounin
2004-11-16  2:07 ` andrey mirtchovski
2004-11-16  6:46 ` Skip Tavakkolian

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).