On Thu, 16 Aug 2001, Miguel A.L. Paraz wrote:
..
> OK here's a practical problem.  How can you restart an SSL webserver
> without prompting for a password from the tty?  Either you store the private
> key unencrypted, but in the "safe" place being sought; or encrypt it, but
> keep the password/phrase - much smaller in terms of bytes - "safe".
>
> The CD, or a write-protected floppy, would provide read-only media that
> cannot be tampered with, but an intruder can still read and steal it.

What I do for my SSL server is write a little program which spits out the
passphrase on stdout, and configure this:

SSLPassPhraseDialog  exec:/opt/apache/bin/passphrase

My passphrase binary is just a simple "hello, world" analog -- but you can
easily extend it to read from a CDROM drive or similar. To have TRUE
security, what you store on the CDROM is not the passphrase/SSL cert, but
the passphrase/SSL cert, encrypted by something machine-local (like the
machine ID or MAC address). So if someone steals the CD, it's still no use
to them.

Obviously this method still is full of gaping holes. I leave it as an
exercise to make things more complicated  =)

(like maybe use a fingerprint reader's output as the symmetric key? the
possibilities are endless)


-- 
Orlando Andico <[EMAIL PROTECTED]>
Mosaic Communications, Inc.

-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GE d(-) s: a-25 C++++ UBLSI++++$ P+++ L+++>++++ E- W++ N(+)
o K? w O-- M- !V PS(++) PE- Y PGP-- t(+)@ 5(+) X++@ R(+) tv@
b++ DI++ G e++@ h--(*) r% y+
------END GEEK CODE BLOCK------
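
Added example, not the poster's program: a sketch of a helper that could sit behind the SSLPassPhraseDialog exec: line above, reading a blob from read-only media and unsealing it with a machine-local value. The paths, the names seal/unseal and the blob layout are assumptions; to stay standard-library only it uses a PBKDF2-derived keystream with an HMAC tag in place of a vetted AEAD cipher.

```python
#!/usr/bin/env python3
"""Passphrase helper for SSLPassPhraseDialog exec: (illustrative sketch)."""
import hashlib, hmac, os, sys

MACHINE_ID_PATH = "/etc/machine-id"        # assumption: the machine-local value
BLOB_PATH = "/mnt/cdrom/passphrase.blob"   # assumption: read-only media mount
ITERATIONS = 100_000

def _keys(machine_value: bytes, salt: bytes, n: int):
    """Derive an n-byte keystream and a 32-byte MAC key from the machine value."""
    material = hashlib.pbkdf2_hmac("sha256", machine_value, salt,
                                   ITERATIONS, dklen=32 + n)
    return material[32:], material[:32]

def seal(passphrase: bytes, machine_value: bytes) -> bytes:
    """Run once, offline, to build the blob that goes on the CD."""
    salt = os.urandom(16)                  # fresh salt, so keystream is never reused
    stream, mac_key = _keys(machine_value, salt, len(passphrase))
    ct = bytes(a ^ b for a, b in zip(passphrase, stream))
    tag = hmac.new(mac_key, salt + ct, hashlib.sha256).digest()
    return salt + tag + ct                 # layout: 16B salt | 32B tag | ciphertext

def unseal(blob: bytes, machine_value: bytes) -> bytes:
    """Recover the passphrase; ValueError on a different machine or a tampered blob."""
    if len(blob) < 48:
        raise ValueError("blob too short")
    salt, tag, ct = blob[:16], blob[16:48], blob[48:]
    stream, mac_key = _keys(machine_value, salt, len(ct))
    expected = hmac.new(mac_key, salt + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):   # constant-time comparison
        raise ValueError("blob does not authenticate on this machine")
    return bytes(a ^ b for a, b in zip(ct, stream))

def main() -> int:
    try:
        with open(MACHINE_ID_PATH, "rb") as f:
            machine_value = f.read().strip()
        with open(BLOB_PATH, "rb") as f:
            passphrase = unseal(f.read(), machine_value)
    except (OSError, ValueError) as exc:
        print(f"passphrase helper: {exc}", file=sys.stderr)
        return 1                           # non-zero exit, nothing written to stdout
    sys.stdout.buffer.write(passphrase + b"\n")  # Apache reads the passphrase from stdout
    return 0

if __name__ == "__main__":
    sys.exit(main())
```

The machine ID or MAC address is readable by any local user, so this only defeats theft of the media alone; it does not protect against someone who also has access to the host.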

Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph