similar to: scp and SGI DMF

Kevin, Thanks for your response. Some observations are inter-lined below. Rob. Regards Rob. Bell e-mail: Robert.Bell at csiro.au -- Dr Robert C. Bell, BSc (Hons) PhD Technical Services Manager Advanced Scientific Computing CSIRO IM&T Phone: +61 3 9669 8102 | Mobile: +61 428 108 333 | CSIRO 93 3810 Robert.Bell at csiro.au | http://www.csiro.au/ | http://www.hpsc.csiro.au/

I am essentially asking the same question that Eirik Overby asked a couple of years ago. Is anyone aware of PCI-X/PCIe hardware security modules that are supported on FreeBSD? I have not seen any on the FreeBSD hardware compatibility lists. Again, as Eirik noted in his question, HSMs are not simply crypto accelerators (which are supported on FreeBSD), they also are a means of storing keys

rsync Folks, The following explanatory text is by me and the patches are by Rowan McKenzie for use by the Advanced Scientific Computing group at CSIRO. This patch builds upon the --link-dest patch by Bryant Hansen (Thanks heaps!). 1. The original patch provided an alternate behaviour for rsync when using the --link-dest option. When there are identical files in the source and link-dest areas,

Hello all, first, if this is disallowed by the rules for this list (I'm a bit uncertain..), then please forgive me. I am working for a company doing services for the credit card industry. Among other things, we specialize in authentication systems (3-D Secure) for internet-based trade, and are subject to very strict security requirements (obviously). The relevant systems are all

Hello all, I think there was a very good reply about an Arduino-based controller for a DIY UPS here. The project you posted to, with an Arduino presenting as a Megatec protocol server, also seems interesting. Here I'd like to reply to one point not covered before - DMF. As a short and quick reply - unfortunately no, you can not use it with stock upstream NUT at the moment, and not for

Hello all, Now that I am subscribed to the list I can reply at last :) Kelly, thank you for the comprehensive write-up and pointers to sources and the Arduino lib and example. This took me into a rabbit hole and I've spent entirely too many hours browsing through the NUT sources and USB/HID/PowerDevice specs. Jim, thanks for the comprehensive write-up and all the work you do on NUT. This

If the source and destination file are identical, the receiving scp truncates the file. On the sending end, read() returns 0, and garbage is sent instead of actual data, and the receiving end puts it into the file, which at least confuses the users. -- Florian Weimer Florian.Weimer at RUS.Uni-Stuttgart.DE University of Stuttgart http://cert.uni-stuttgart.de/

Hi All. We have a samba server at our location. We are facing out with some issue. User who have the account on the server are able to access "/" root access. I have tried to add an extra line In Home sharing, which is "path = %H", this lined solved my issue, but gave other issue. After implementing this line under Home share, I am not able to open any other user's

Hmm, don't you just love changing terminology! I've been using HSM systems at work since '99. BTW, DMAPI is the Data Management API which was a common(ish) extension used by amongst others SGI and IBM. Back to lvmcache. It looks interesting. I'd earlier dismissed LVM since it is block orientated, not file orientated. Probably because my mental image is of files migrating to

I've started testing the detect-renamed patch with 2.6.9 and soon 3.0.0pre1. I have an unique situation where I'm rsync'ing to a HSM based filesystem. I've found that the detect-renamed patch works but it appears to do a copy of the file to the new destination. This is particular slow since the file in the HSM based filesystem may only be a stub and all the data is only resident

I find this approach very bad in general.? PKCS#11 standard says that *private* keys should not be accessible without authentication. *Public* keys and certificates of course can and should be accessible with no authentication. SoftHSM misinterpreted this originally (older pkcs11 documents were less clear :), but they rectified this mistake. We should not repeat it.?

Some HSM's such as Safenet Network HSM do not allow searching for keys unauthenticated. To support such devices provide a mechanism for users to provide a pin code that is always used to automatically log in to the HSM when using PKCS11. The pin code is read from a file specified by the environment variable SSH_PKCS11_PINFILE if it is set. Tested against Safenet Network HSM. ---

Andrew, I have a software which need the following package but I can't find it in Internet. Could you advice me where I can download it? samba-3.0.10-1.4E6.HSM.2.i386 samba-common-3.0.10-1.3E.6.HSM.2 samba-client-3.0.10-1.4E.6.HSM.2 Thanks, Isaac Chan

I think there may be some confusion here. By HSM I was referring to Hierarchical Storage Management, whereby there are multiple levels of storage (fast+expensive <-> slow+cheap) and files migrate up or down. Originally it was used to keep data on tape with the metadata residing on disk though it has been expanded to allow a SAS/SATA hierarchy. Quite where PKI comes in I'm not sure,

Hello, OpenSSH supports PKCS#11 on the client side, but that does not extend to the server side. I would like to bring PKCS#11 support to sshd. I am working on embedded Linux systems with integrated HSM. The sshd host key is stored on the HSM. To have sshd using that key, we rely on the following chain: sshd -> OpenSSL -> OpenSSL Engine -> HSM Having PKCS#11 support in sshd, would

I said I had several questions to start threads on.... What about ZFS and various HSM solutions? Do any of them already work with ZFS? Are any going to? It seems like HSM solutions that access things at a file level would have little trouble integrating with ZFS. But ones that work at a block level would have a harder time. On that same thread, what about support for DMAPI within ZFS?

Purely from interest, is there any current FOSS implementation of HSM? I note that XFS has dropped support for DMAPI, have other filesystems? Regards, Martin -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: OpenPGP digital signature URL:

Hi - I was wondering if any of you may be able to point me in the right direction. I am in the process of designing a fairly large fileserver solution in an MS Active directory environment. I have setup and tested ctdb samba, however, after several discussions with a couple of my colleagues, i am now considering a more vanilla flavour of samba. The key features the solution requires are: •

Hi. I'm looking for a tutorial/how-to for a HSM (Hierarchical /Storage/ Management). keeping old messages for a user in a cheap storage and recent messages in a faster one. I see on dovecot2 wiki an alternative for hsm as "Alternate storage", but I don't now if it's a good solution for me. The expected result is a faster imap/pop access for new messages on a

On 11/16/16, 8:55 AM, "openssh-unix-dev on behalf of Juha-Matti Tapio" <openssh-unix-dev-bounces+uri=ll.mit.edu at mindrot.org on behalf of jmtapio at ssh.com> wrote: On Wed, Nov 16, 2016 at 12:54:44PM +0000, Blumenthal, Uri - 0553 - MITLL wrote: > I find this approach very bad in general. > > PKCS#11 standard says that *private* keys should not be