[strongSwan] TPM Owner password in strongswan IMC
Andreas Steffen
andreas.steffen at strongswan.org
Fri Aug 12 17:46:51 CEST 2016
Hi Vikas,
there is currently no provision to use a non-default password.
Putting the TPM owner password into strongswan.conf wouldn't make
any sense so some kind of password-prompting mechanism would have
to be built into the IMC. Or if the IMV would transmit the password
via an IF-M attribute to the IMC, this would give the IMC on the
client a chance to retrieve the password.
Best regards
Andreas
On 08/12/2016 05:09 PM, Charak, Vikas wrote:
>
> Hi StrongSwan Team,
>
> I have a question regarding Attestation using IMC/IMV. On properly
> configuring attestation plugin in StrongSwan client, I do see that TPM
> quotes being send to the StrongSwan server.
>
> This all works fine if you are using default TPM owner and SRK auth at
> the client side. Is there a provision in StrongSwan to use a
> non-default password for TPM owner authentication? If yes, is there a
> configuration in strongswan to set the TPM Owner password?
>
> Regards,
>
> Vikas
======================================================================
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4275 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20160812/b4f45ca3/attachment.bin>
More information about the Users
mailing list