picnoir
/
Systemd
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

journal: add references to SSKG paper FSS is based on

This commit is contained in:
Lennart Poettering 2013-06-18 16:25:11 +02:00
parent 55d32caf94
commit fe004b7c3a
3 changed files with 19 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
man/journalctl.xml
View File

@ -593,7 +593,10 @@
sealing key is stored in the journal
data directory and shall remain on the
host. The verification key should be
stored externally.</para></listitem>
stored externally. Also see the
<option>Seal=</option> option in
<citerefentry><refentrytitle>journald.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for details.</para></listitem>
</varlistentry>
<varlistentry>

12
man/journald.conf.xml
View File

@ -130,9 +130,15 @@
by
<citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>'s
<option>--setup-keys</option>
command), forward secure sealing (FSS) for
all persistent journal files is
enabled.</para></listitem>
command), forward secure sealing (FSS)
for all persistent journal files is
enabled. FSS is based on <ulink
url="http://eprint.iacr.org/2013/397">Seekable
Sequential Key Generators</ulink> by
G. A. Marson and B. Poettering and
may be used to protect journal files
from unnoticed
alteration.</para></listitem>
</varlistentry>
<varlistentry>

6
src/journal/fsprg.c
View File

@ -19,7 +19,13 @@
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
* 02110-1301 USA
*/
/*
* See "Practical Secure Logging: Seekable Sequential Key Generators"
* by G. A. Marson, B. Poettering for details:
*
* http://eprint.iacr.org/2013/397
*/
#include <gcrypt.h>