Patching the assembly code is the work of Julius Zint -
not my work. I have only patched the patch files because
some of the old one doesn't work anymore. This is because
of some changes of OpenBSDs source code which are preventing
the patch util to find the lines to change.
‐‐‐ Original
That's very interesting, and good work patching the assembly code.
On Wed, Apr 21, 2021 at 08:26:18AM +, podolica wrote:
Hi all,
I have tested if the trusted boot implementation
of Julius Zint for OpenBSD 6.5
(https://marc.info/?l=openbsd-misc=158255450604977=2)
is still working in
Hi all,
I have tested if the trusted boot implementation
of Julius Zint for OpenBSD 6.5
(https://marc.info/?l=openbsd-misc=158255450604977=2)
is still working in OpenBSD 6.8.
Despite of some patch files that had to be updated,
all changes needed to be applied can be applied and
Trusted Boot can
>> I can't tell from the instructions how the FDE encryption key is stored --
>> do we manually seal it to the TPM and then manually unseal and copy/paste it
>> every time we boot? Or is it assumed the user will write a script to handle
>> this -- a script which itself will have to be
On Mon, Feb 24, 2020 at 03:22:28PM +0100, Julius Zint wrote:
boot(8) supports the machine specific command "tpm". This allows a
user to:
1: read the current contents of the Platform Control Registers (PCR)
with the "pcr" parameter
machine tpm p[cr]
2: seal a user supplied secret to the
As part of my master thesis i wrote code to enable a trusted boot
with OpenBSD. This short manual is for everyone who wants to try it.
Feedback on the code and the feature itself is also appreciated.
Requirements:
1: OpenBSD 6.5 (might also work with 6.6 but only tested with 6.5)
2
6 matches
Mail list logo