[strongSwan] Fwd: about build-database.sh
Yueqiang Cheng
strongerwill at gmail.com
Thu Jul 5 20:28:15 CEST 2018
Hi Andreas
Sorry to bother you. Recently, I installed the StrongSwan for IMA remote
attestation following the guideline at:
*https://wiki.strongswan.org/projects/strongswan/wiki/IMA
<https://wiki.strongswan.org/projects/strongswan/wiki/IMA>*
For the build-database.sh, I did some modifications:
p="Ubuntu 16.04 x86_64"
a="x86_64-linux-gnu"
k="4.13.0-45-generic"
Then I run the test command, I got nothing:
>ipsec attest --hashes --sha1 --product "Ubuntu 16.04 x86_64"
0 SHA1 values found for product 'Ubuntu 16.04 x86_64'
>ipsec attest --hashes --sha1
5: /lib/x86_64-linux-gnu
1: libcrypto.so.1.0.0
18: Ubuntu 12.10 x86_64
10: d9309b9e45928239d7a7b18711e690792632cce4
3: libssl.so.1.0.0
18: Ubuntu 12.10 x86_64
13: 3715f2f94016a91fab5bbc503f0f1d43c5a9fc2b
8: /usr/bin
5: openssl
28: Debian 7.2 x86_64
7: ecd9c7076cc0572724c7a67db7f19c2831e0445f
18: Ubuntu 12.10 x86_64
16: e59602f4edf24c1b36199588886d06665d4adcd7
11: /usr/lib/x86_64-linux-gnu
2: libcrypto.so.1.0.0
28: Debian 7.2 x86_64
1: 6c6f8e12f6cbfba612e780374c4cdcd40f20968a
4: libssl.so.1.0.0
28: Debian 7.2 x86_64
4: 3ad204f99eb7262efab79cfca02628870ea76361
6 SHA1 values found
However, when I open the config.db at /etc/pts/, I found there are over 10K
files there and file_hashes. However, there version is 0.
I think due to this reason, the measurement for the device is:
*processed 1315 IMA file evidence measurements: 0 ok, 1315 unknown, 0
differ, 0 failed; 22 BIOS evidence measurements are ok*
I also try different machine to generate the database, the result is the
same. Please guide me to address this issue. Thx.
If you need more information, please let me know. Thx.
Best wishes
Yueqiang Cheng
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20180705/2b98208f/attachment-0001.html>
More information about the Users
mailing list