similar to: C7, encryption, and clevis

Displaying 20 results from an estimated 10000 matches similar to: "C7, encryption, and clevis"

2018 Jun 08
3
C7, encryption, and clevis
John Hodrien wrote: > On Fri, 8 Jun 2018, m.roth at 5-cent.us wrote: > >> We've been required to encrypt h/ds, and so have been rolling that out >> over the last year or so. Thing is, you need to put in a password, of >> course, to boot the system. My manager found a way to allow us to reboot >> without being at the system's keyboard, a package called clevis.
2018 Jun 08
2
C7, encryption, and clevis
Valeri Galtsev wrote: > > > On 06/08/18 10:27, m.roth at 5-cent.us wrote: >> John Hodrien wrote: >>> On Fri, 8 Jun 2018, m.roth at 5-cent.us wrote: >>> >>>> We've been required to encrypt h/ds, and so have been rolling that out >>>> over the last year or so. Thing is, you need to put in a password, of >>>> course, to boot the
2018 Jun 08
0
C7, encryption, and clevis
On 06/08/18 12:01, m.roth at 5-cent.us wrote: > Valeri Galtsev wrote: >> >> >> On 06/08/18 10:27, m.roth at 5-cent.us wrote: >>> John Hodrien wrote: >>>> On Fri, 8 Jun 2018, m.roth at 5-cent.us wrote: >>>> >>>>> We've been required to encrypt h/ds, and so have been rolling that out >>>>> over the last year or
2018 Jun 08
0
C7, encryption, and clevis
On 06/08/18 10:27, m.roth at 5-cent.us wrote: > John Hodrien wrote: >> On Fri, 8 Jun 2018, m.roth at 5-cent.us wrote: >> >>> We've been required to encrypt h/ds, and so have been rolling that out >>> over the last year or so. Thing is, you need to put in a password, of >>> course, to boot the system. My manager found a way to allow us to reboot
2018 Jun 08
0
C7, encryption, and clevis
On Fri, 8 Jun 2018, m.roth at 5-cent.us wrote: > We've been required to encrypt h/ds, and so have been rolling that out > over the last year or so. Thing is, you need to put in a password, of > course, to boot the system. My manager found a way to allow us to reboot > without being at the system's keyboard, a package called clevis. Works > fine... except in a couple of very
2018 Jun 08
5
C7, encryption, and clevis
On 06/08/18 13:48, m.roth at 5-cent.us wrote: > Frank Cox wrote: >>>> so if it would work, replace shortname with short and short1? >> >> With all of this hokey-pokey surrounding licensing and mac addresses, I >> wonder if this outfit is actually still in compliance with the terms of >> their license for this software, whatever it may be? >> >> If
2018 Jun 08
2
C7, encryption, and clevis
> > so if it would work, replace shortname with short and short1? With all of this hokey-pokey surrounding licensing and mac addresses, I wonder if this outfit is actually still in compliance with the terms of their license for this software, whatever it may be? If the software licensed to run only on Machine X and Machine X has now been junked and replace by Machine Y, then isn't the
2018 Jun 08
0
C7, encryption, and clevis
Valeri Galtsev wrote: > On 06/08/18 13:48, m.roth at 5-cent.us wrote: >> Frank Cox wrote: >>>>> so if it would work, replace shortname with short and short1? >>> >>> With all of this hokey-pokey surrounding licensing and mac addresses, I >>> wonder if this outfit is actually still in compliance with the terms of >>> their license for this
2018 Jun 10
0
C7, encryption, and clevis
On 2018-06-08, Valeri Galtsev <galtsev at kicp.uchicago.edu> wrote: > > Frank, I 100% agree with you. The only case with spoofed MAC address and > license that may have chance to stand in court will be if all below are > true: > > 1. the company issued perpetual license. > 2. the company does not exist Based on what's written below, it seems like the company does
2018 Jun 08
2
C7, encryption, and clevis
On 06/08/18 15:26, m.roth at 5-cent.us wrote: > Valeri Galtsev wrote: >> On 06/08/18 13:48, m.roth at 5-cent.us wrote: >>> Frank Cox wrote: >>>>>> so if it would work, replace shortname with short and short1? >>>> >>>> With all of this hokey-pokey surrounding licensing and mac addresses, I >>>> wonder if this outfit is
2018 Jun 08
0
C7, encryption, and clevis
Frank Cox wrote: >> > so if it would work, replace shortname with short and short1? > > With all of this hokey-pokey surrounding licensing and mac addresses, I > wonder if this outfit is actually still in compliance with the terms of > their license for this software, whatever it may be? > > If the software licensed to run only on Machine X and Machine X has now >
2018 Feb 13
0
Two MACs for one IP
The reason I want to assign one IP to two MAC addresses is that I have one (and only one) user for whom I have to spoof the MAC address (it's a case of stupid software licensing). But... his system is encrypted. Now, we're using clevis to allow reboots without someone being at the keyboard to type in the password. Those of you who've looked at clevis see where this is going: clevis
2017 Jun 30
2
C7 and spoofed MAC address
Got a problem: a user's workstation froze. He wound up rebooting, without calling me in first, so I dunno. But, and this is a show-stopper, when it came up, it came up with the firmware MAC, not the spoofed one. In /etc/sysconfig/network-scripts/ifcg-eth0, I've got the spoofed MAC address, and a UUID. In the grub.conf, I've got net.ifnames=0 biosdevname=0. But when I logged onto his
2018 Jun 08
0
C7, encryption, and clevis
Valeri Galtsev wrote: > On 06/08/18 15:26, m.roth at 5-cent.us wrote: <SNIP> >>> On a similar note: one of the companies whose software scientists here >>> were using a lot (IDL is a product) changed hand several times, and >>> last owner changed licensing terms and stopped signing perpetual licenses. >>> With perpetual license you were able to keep
2018 Jun 08
1
C7, encryption, and clevis
On 06/08/18 15:45, m.roth at 5-cent.us wrote: > Valeri Galtsev wrote: >> On 06/08/18 15:26, m.roth at 5-cent.us wrote: > <SNIP> >>>> On a similar note: one of the companies whose software scientists here >>>> were using a lot (IDL is a product) changed hand several times, and >>>> last owner changed licensing terms and stopped signing perpetual
2018 Nov 27
1
NBDE, clevis and tang for non-root disk
Radu Radutiu wrote: > On Tue, Nov 27, 2018 at 3:14 PM mark <m.roth at 5-cent.us> wrote: > >> What we do is to have the encryption key of the secondary filesystem in >> /etc/crypttab, which is, of course, 600. As it boots, it decrypts from >> that as it mounts the rest of the system. >> > Thanks, this is working as expected and it gave me the hint needed to
2017 Jul 07
0
C7 and spoofed MAC address
On 30 June 2017 at 18:58, <m.roth at 5-cent.us> wrote: > Got a problem: a user's workstation froze. He wound up rebooting, without > calling me in first, so I dunno. But, and this is a show-stopper, when it > came up, it came up with the firmware MAC, not the spoofed one. In > /etc/sysconfig/network-scripts/ifcg-eth0, I've got the spoofed MAC > address, and a UUID. In
2019 Oct 17
0
Using Clevis/Tang (NBDE) to automatically decrypt volumes from within libguestfs
This is about Network-Bound Disk Encryption (NBDE) not to be confused of course with NBD! NBDE is where you use disk encryption in your virtual machines. But instead of having to type a passphrase when the guest boots, there is a network server which gives out tokens, so as long as the guest is booted from the trusted network it is able to boot unattended. In RHEL[1] we have three pieces of
2019 Jul 29
2
initramfs annoyances (I think)
> Am 29.07.2019 um 22:37 schrieb J Martin Rushton via CentOS <centos at centos.org>: > > On 29/07/2019 20:58, mark wrote: >> Moved a server from the datacenter to our secure room. I've changed the >> DNS, and our dhcpd... and yet, every time it boots, it comes up with the >> IP it had in the datacenter. >> >> Any idea where it could be caching the
2020 Jul 08
1
Re: Could you please help with questions about the net failover feature
On 7/8/20 10:02 AM, Ken Cox wrote: > > On 7/8/20 1:30 AM, Stefan Assmann wrote: >> On 2020-07-06 10:01, Laine Stump wrote: >>> On 7/6/20 5:10 AM, Yalan Zhang wrote: >>>> Hi Laine, >>>> >>>> For the feature testing before, I only test the linux bridge setting as >>>> in 2), it works. >>>> Now I tried 1), to use