Darren J Moffat wrote: > > Template Version: @(#)sac_nextcase %I% %G% SMI > 1. Introduction > 1.1. Project/Component Working Name: > lofi(7d) crypto support > 1.2. Name of Document Author/Supplier: > Author: Darren Moffat > 1.3 Date of This Document: > 02 January, 2007 > 4. Technical Description [snip] > Command Syntax > -------------- > > See materials/lofiadm.1m > > Example Usage > ------------- > > 1. Prompt for passphrase and derive key: > > # lofiadm -c aes-cbc-256 -a /dev/dsk/c0t0d0s7 > Enter passphrase: > > 2. Raw AES key in file: > > # lofiadm -c aes-cbc -a /home/jru/private -k /rmdisk/jru/key > > 3. Key called 'mykey' in PKCS#11 token 'Sun Software PKCS#11 softtoken': > > # lofiadm -c aes-cbc -a /home/jru/private \ > -T 'Sun Software PKCS#11 softtoken':::mykey > Enter token PIN: > > 4. Key called 'finance' in any any available PKCS#11 token: > > # lofiadm -c aes-cbc -a /data/finance -T :::finance > Enter token PIN: > > 5. AES key wrapped with PKCS#11 token object named 'ekey' > > # lofiadm -c aes-cbc -a /data/projectb -T :::ekey \ > -k /rmdisk/mykeys/projectb > Enter token PIN:
Is there any way to add support for 1) Kerberos5 and 2) Solaris's secure_rpc API ? Both may be very usefull if data need to be exchanged at sites which have one of these "secure authetification" schemes configured... ---- Bye, Roland -- __ . . __ (o.\ \/ /.o) roland.mainz at nrubsig.org \__\/\/__/ MPEG specialist, C&&JAVA&&Sun&&Unix programmer /O /==\ O\ TEL +49 641 7950090 (;O/ \/ \O;)