OPENCRYPTOKI(7) openCryptoki OPENCRYPTOKI(7)NAME
openCryptoki - A PKCS#11 implementation.
DESCRIPTION
openCryptoki is an implementation of the PKCS#11 API standard. It provides an interface to the functions of underlying cryptographic
tokens, which may be implemented via software or hardware. The PKCS#11 specification has been released by RSA Labs. More information on
PKCS#11 can be found on the RSA labs website: http://www.rsa.com/rsalabs.
To use openCryptoki, run the pkcsslotd daemon. The daemon will read the opencryptoki.conf file to collect information about the tokens and
their slots.
Use the pkcsconf utility to further configure openCryptoki once the daemon is running.
SECURITY NOTE
All non-root users that require access to PKCS#11 tokens using openCryptoki must be assigned to the pkcs11 group to be able to communicate
with the pkcsslotd daemon. Only fully trusted users should be granted membership in the group. Group members can block other openCryptoki
users from accessing PKCS#11 tokens, and execute arbitrary code with the privileges of other openCryptoki users.
SEE ALSO pkcsslotd(8),
pkcsconf(1),
opencryptoki.conf(5).
3.0 May 2007 OPENCRYPTOKI(7)
Check Out this Related Man Page
PKCSSLOTD(8) openCryptoki PKCSSLOTD(8)NAME
pkcsslotd - shared memory manager for opencryptoki
DESCRIPTION
The pkcsslotd daemon manages PKCS#11 objects between PKCS#11-enabled applications. When 2 or more processes are accessing the same crypto-
graphic token, the daemon is notified and updates each application when the token's objects change.
NOTES
Only one instance of the pkcsslotd daemon should be running on any given host. If a prior instance of pkcsslotd did not shut down cleanly,
then it may leave an allocated shared memory segment on the system. The allocated memory segment can be identified by its key and can be
safely removed once the daemon is stopped with the ipcrm command, such as:
ipcrm -M 0x6202AB38
In order to prevent a denial of service against the daemon, the shared memory segment is created with group ownership by the "pkcs11"
group. Any application that requires access to a pkcs11 token must be run by a user who's a member of the "pkcs11" group.
SEE ALSO opencryptoki(7),
pkcsconf(1),
pk_config_data(5),
pkcs11_startup(1).
2.3.1 May 2007 PKCSSLOTD(8)
I am running iPlanet 6 on HP-UX 11, and presently all users can access the site.
There are 6000 users accessing the website from an Windows Network. I would like users to access the site, but would also like to log user ID's in the access log, without prompting users for an ID/Password.
Is... (1 Reply)
hi to all
i'm a newbie on aix.
how would i block temporarily a few users in accessing our aix server so that other users may not be affected by th cpu usage...because if all of them accessing our server the CPU utilization goes high...
thanks
winky (3 Replies)
All,
Stuck with a XTERM issue ?? For some users, who are having execute permission (valid users), it's not showing the scroll bar in the GUI. Whereas for other invalid users( who do not have the execute permission) shows the scroll bar in the GUI. Confused ??? what could be the problem ?? Even,... (2 Replies)
Hello for all!
This is the situation:
I must create many users that only can execute telnet and ping.
Create users is not a problem, but I donīt know how limit the users privileges, to only execute telnet and ping.
I hope you can help me.
Thank's for all.
Bye :)
PD: Sorry for my... (4 Replies)