Re: Should we automatically generate a module signing key at all?

From: Jiri Kosina
Date: Tue May 19 2015 - 17:47:14 EST

Next message: Dan Carpenter: "Re: [PATCH 1/3 v3] Staging: rtl8192u: Simplify error check code at prism2_wep_init"
Previous message: Brian Norris: "Re: [PATCH 5/6 linux-next] ubifs: remove unnecessary else after break"
In reply to: David Howells: "Re: Should we automatically generate a module signing key at all?"
Next in thread: Michal Marek: "Re: Should we automatically generate a module signing key at all?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 19 May 2015, David Howells wrote:

> That wouldn't very convenient for building our kernels in our build farm
> - we have a lot of machines and all of them would have to be equiped
> with the key. Besides, we *want* to discard the private key where
> possible as soon as possible because then we can't leak it and we can't
> be forced to disclose it.

You can still have a dedicated machine that's used just for signing the
binaries. That machine wouldn't be connected to the network, would be
physically secured, and would sign through a serial line or so.

--
Jiri Kosina
SUSE Labs
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Dan Carpenter: "Re: [PATCH 1/3 v3] Staging: rtl8192u: Simplify error check code at prism2_wep_init"
Previous message: Brian Norris: "Re: [PATCH 5/6 linux-next] ubifs: remove unnecessary else after break"
In reply to: David Howells: "Re: Should we automatically generate a module signing key at all?"
Next in thread: Michal Marek: "Re: Should we automatically generate a module signing key at all?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]