10-16-2009
Quote:
Originally Posted by
vandi
So, logging into point 1. is it a global zone?
correct...
10 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
okay people i need some help:
i was able to configure zones on my solaris 10 server, the problem is I can't ssh into the zones!!! I can zlogin -C zone2 successfully for both zones. Am I missing something? I can ping the zones, but can't ssh. From the zones, I can ping my global server. (7 Replies)
Discussion started by: Sarccastik Dude
7 Replies
2. Solaris
Hi All,
I am getting zone error
# /usr/sbin/zoneadm -z asflxpoc1 boot -s
could not verify net address=169.185.246.229 physical=ce0: No such device or address
could not verify net address=169.185.246.230 physical=ce0: No such device or address
Any ideas for this error message.
The... (13 Replies)
Discussion started by: jegaraman
13 Replies
3. Solaris
Hello All,
I have a list of Local Zones in my list. I want to find out their Global Zone names exactly....I know the command "arp ..."But I dont know how to filter it correctly and find it out.
Thanks in advance,
Jacky (9 Replies)
Discussion started by: jegaraman
9 Replies
4. Solaris
I have a Solaris 10 box configured with a global zone and 3 non-global zones. All of the zones need to be configured so they can access and run an application in the global zone located at /export/home. How do i make this application and all of its accompanying files available to the 3 non-global... (3 Replies)
Discussion started by: goose25
3 Replies
5. Solaris
Hi Every,
I would like to know some questions on Zones???
1.what are types of zones we can install in global zone???
2.Exact difference between sparce root and whole root???
3.can we change the ip address of a running zone???
4.how to find our in which zone we are running and how many... (8 Replies)
Discussion started by: tirupathiraju_t
8 Replies
6. Solaris
Hi,
I created a zone with separate /usr for the zone.
when I do ping to newly created zone it showing alive, I am able to login through zone console zlogin -C -E <zone name>
I created a test account on zone which is already existing under global zone and try to ssh, it is working fine but... (1 Reply)
Discussion started by: alberto
1 Replies
7. Solaris
Hi,
I use a zoned solaris box, 5.10 Generic_118833-33, E2900. It is used for both a database and application. The databases are installated on one zone and then there are separate live, development and test application zones.
There has been a requirement to install openldap on the... (1 Reply)
Discussion started by: jabberwocky
1 Replies
8. Solaris
Hi friends,
Actually I faced problem in solaris zone. i was created 4 zones on my server. but one of them is not working ?
so, where i wll get the error logs, and how to troubleshoot the problem.
i have some kind of urgency.
Please reply. (2 Replies)
Discussion started by: rajaramrnb
2 Replies
9. Solaris
Hi guys and gals,
Does anyone know how to import solaris zones from the xml files that sit in /etc/zones?
I want the zones from one machine to another, all I have is the XML files for the zones, so I can't export them first.
Thanks in advance
Martin (1 Reply)
Discussion started by: callmebob
1 Replies
10. Solaris
Hi All
Kindly let me know how can I move Solaris 10 OS running update 10 on physical machine to another machine solaris zone running Solaris 10 update 11 (2 Replies)
Discussion started by: amity
2 Replies
LEARN ABOUT CENTOS
tpm_quote_tools
TPM QUOTE
TOOLS(8) TPM QUOTE TOOLS(8)
NAME
TPM Quote Tools
PROGRAMS
tpm_mkuuid, tpm_mkaik, tpm_loadkey, tpm_unloadkey, tpm_getpcrhash, tpm_updatepcrhash, tpm_getquote, tpm_verifyquote
DESCRIPTION
TPM Quote Tools is a collection of programs that provide support for TPM based attestation using the TPM quote operation.
A TPM contains a set of Platform Configuration Registers (PCRs). In a well configured machine, some of these registers are set to known
values during the boot up process or at other times. For example, a PCR might contain the hash of a boot loader in memory before it is
run.
The TPM quote operation is used to authoritatively verify the contents of a TPM's Platform Configuration Registers (PCRs). During provi-
sioning, a composite hash of a selected set of PCRs is computed. The TPM quote operation produces a composite hash that can be compared
with the one computed while provisioning.
To use the TPM quote operation, keys must be generated. During provisioning, an Attestation Identity Key (AIK) is generated for each TPM,
and the public part of the key is made available to entities that validate quotes.
The TPM quote operation returns signed data and a signature. The data that is signed contains the PCRs selected for the operation, the
composite hash for the selected PCRs, and a nonce provided as input, and used to prevent replay attacks. At provisioning time, the data
that is signed is stored, not just the composite hash. The signature is discarded.
An entity that wishes to evaluate a machine generates a nonce, and sends it along with the set of PCR used to generate the composite PCR
hash at provisioning time. For this use of the TPM quote operation, the signed data is ignored, and the signature returned is used to val-
idate the state of the TPM's PCRs. Given the signature, the evaluating entity replaces the nonce in the signed data generated at provi-
sioning time, and checks to see if the signature is valid for the data. If so, this check ensures the selected PCRs contain values that
match the ones measured during provisioning.
A typical scenario for an enterprise using these tools follows. The tools expect AIKs to be referenced via one enterprise-wide Universally
Unique Identifier (UUID). The program tpm_mkuuid creates one.
For each machine being checked, an AIK is created using tpm_mkaik. The key blob produced is bound to the UUID on its machine using
tpm_loadkey. The public key associated with the AIK is sent to the entities that verify quotes. Finally, the expected PCR composite hash
is obtained using tpm_getpcrhash. When the expected PCR values change, a new hash can be generated with tpm_updatepcrhash.
The program to obtain a quote, and thus measure the current state of the PCRs is tpm_getquote. The program that verifies the quote
describes the same PCR composite hash as was measured initially is tpm_verifyquote.
SEE ALSO
tpm_mkuuid(8), tpm_mkaik(8), tpm_loadkey(8), tpm_unloadkey(8), tpm_getpcrhash(8), tpm_updatepcrhash(8), tpm_getquote(8), tpm_verifyquote(8)
Oct 2010 TPM QUOTE TOOLS(8)