Re: Password protection of TLS key
> No really good ideas come to mind. I have a patch for libldap to explicitly
> set a callback to supply the key password, it won't make it into 2.4.13 but
> probably will be in 2.4.14. I will probably add two options to slapd,
Hi,
Did this make it into 2.4.14? I've checked the CHANGES and can't see anything
mentioned re libldap?
Thanks.
> analogous to the back-bdb options to set the DB encryption key. (One option to
> set the key directly as an argument of the config option, one option to read
> the key from an arbitrary file.) Obviously for automated startup the plaintext
> of the key must be accessible to the slapd somewhere, and that means it is
> also accessible to potential intruders. This is just a fact of life. You can
> make key retrieval more tedious by hiding it behind other layers of
> encryption, but ultimately the keys to each of those layers must also be
> accessible, otherwise slapd itself cannot use them.
>
> There are "clever" schemes to hide startup keys, but they tend to make
> restarts difficult. E.g., store keys on a mountpoint that you remount some
> other filesystem onto after the boot sequence has completed and all dependent
> daemons have started. Keep a file handle open on the new filesystem, to
> prevent it from being dismounted without rebooting the system. It'll fool a
> lot of intruders, but you won't be able to restart individual daemons without
> rebooting the machine.
>
> > Akke Bengtsson
>
> --
> -- Howard Chu
> CTO, Symas Corp. http://www.symas.com
> Director, Highland Sun http://highlandsun.com/hyc/
> Chief Architect, OpenLDAP http://www.openldap.org/project/
--
Kind Regards,
Gavin Henry.
OpenLDAP Engineering Team.
E ghenry@OpenLDAP.org
Community developed LDAP software.
http://www.openldap.org/project/
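As an added illustration of the "read the key from an arbitrary file" option described in the quoted reply (example code written for this page, not the libldap patch or any OpenLDAP code): a passphrase callback with the signature of OpenSSL's pem_password_cb that reads the first line of a file and refuses a file readable by group or others, since, as the reply says, the plaintext has to sit on disk for unattended startup. The file paths, the helper and the owner-only permission rule are assumptions of the example.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Passphrase callback with the signature of OpenSSL's pem_password_cb.
 * userdata is the path of a file whose first line is the passphrase.
 * Constructed example, not the libldap patch discussed in the thread. */
int keyfile_passwd_cb(char *buf, int size, int rwflag, void *userdata)
{
    const char *path = userdata;
    struct stat st;
    FILE *fp;
    int fd, len;
    (void)rwflag;                   /* same passphrase for read and write */
    if (path == NULL || size <= 1)
        return -1;
    /* Open first and fstat the descriptor, so the permission check applies
     * to the file actually read (no stat/open race). */
    if ((fd = open(path, O_RDONLY | O_NOFOLLOW)) < 0)
        return -1;
    /* Plaintext must be on disk for unattended startup; insist that only the owner can read it. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        (st.st_mode & (S_IRWXG | S_IRWXO)) != 0 || (fp = fdopen(fd, "r")) == NULL) {
        close(fd);
        return -1;
    }
    if (fgets(buf, size, fp) == NULL) {
        fclose(fp);
        return -1;
    }
    fclose(fp);
    buf[strcspn(buf, "\r\n")] = '\0';   /* first line only, newline removed */
    len = (int)strlen(buf);
    return len > 0 ? len : -1;          /* empty passphrase counts as failure */
}

/* Demo helper: create a passphrase file with an explicit mode; fchmod so the
 * process umask cannot change the outcome of the permission check. */
int write_passphrase_file(const char *path, const char *text, mode_t mode)
{
    int fd = open(path, O_WRONLY | O_CREAT | O_TRUNC, mode);
    if (fd < 0)
        return -1;
    if (fchmod(fd, mode) != 0 || write(fd, text, strlen(text)) != (ssize_t)strlen(text))
        return close(fd), -1;
    return close(fd);
}
```

A file created with mode 0600 yields the passphrase; the same content in a 0644 file or a missing file yields -1, which the library treats as a failed password read.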