Re: Crypto question

Find in this group all groups

Home Log In Sign Up FAQ

Unknown

more information…

l : linux-390@vm.marist.edu

14 June 2012 • 3:56PM -0400

Re: Crypto question
by Reinhard Buendgen

Google me that

REPLY TO AUTHOR

Google me that

REPLY TO GROUP

The user pins can be recovered as long as you still know the pin of the
security officer (SO pin).
If you forget the SO pin you are out of luck. You must reset the pins. To
do that delete
the files NVTOK.DAT, MK_USER and MK_SO from /var/lib/opencryptoki/<token>/
where <token> is "lite" for the ica token, "ccatok" for the cca token and
"swtok" for the software token.

Mit freundlichen Grüßen/Best Regards/Cordialement

Reinhard

Dr. Reinhard Bündgen
RAS & Crypto Architect for Linux on System z
Virtualization and Systems Management

Mail:buendgen@de.i...
Phone: ++49-(0)7031-16-1130
Fax: ++49-(0)7031-16-3456

IBM Deutschland Research & Development GmbH
Vorsitzender des Aufsichtsrats: Martina Koederitz
Geschäftsführung: Dirk Wittkopp
Sitz der Gesellschaft: Böblingen
Registergericht: Amtsgericht Stuttgart, HRB 243294

From:   Marcy Cortes <Marcy.D.Cortes@well...>
To:     LINUX-390@vm.m...
Date:   05/26/2012 12:19 AM
Subject:        Crypto question
Sent by:        Linux on 390 Port <LINUX-390@vm.m...>

So I was asked this about pkcsconf.   What if we lose our PINs?    Can you
find them or clear them?

I don't know!  Where are these kept?    It's got to be somewhere on the
server itself or does the HW remember which virtual server has what pin? I
can't think of anything in VM that would keep track of them.

This is for Linux under VM - CRYPTO APVIRT in the directory.

Marcy

This message may contain confidential and/or privileged information. If
you are not the addressee or authorized to receive this for the addressee,
you must not use, copy, disclose, or take any action based on this message
or any information herein. If you have received this message in error,
please advise the sender immediately by reply e-mail and delete this
message. Thank you for your cooperation.

----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to LISTSERV@VM.M... with the message: INFO LINUX-390 or
visit
http://www.marist.edu/htbin/wlvindex?LINUX-390
----------------------------------------------------------------------
For more information on Linux on System z, visit
http://wiki.linuxvm.org/

----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to LISTSERV@VM.M... with the message: INFO LINUX-390 or visit
http://www.marist.edu/htbin/wlvindex?LINUX-390
----------------------------------------------------------------------
For more information on Linux on System z, visit
http://wiki.linuxvm.org/

Bookmark with:

Delicious

Digg

Facebook

StumbleUpon

Related Messages

opensubscriber is not affiliated with the authors of this message nor responsible for its content.