[Opendnssec-develop] Re: PIN daemon
Rickard Bellgrim
rickard at opendnssec.org
Tue Aug 16 11:07:11 UTC 2011
See attached file.
On Tue, Aug 16, 2011 at 12:39 PM, Jakob Schlyter <jakob at kirei.se> wrote:
> Can you show us s diff? Or commit to a private branch?
>
> --
> Sent from my iPhone, hence this mail might be briefer than normal.
>
> 16 aug 2011 kl. 12:16 skrev Rickard Bellgrim <rickard at opendnssec.org>:
>
>>> The different PIN sharing techniques (shared memory, domain sockets
>>> (ssh-agent et. al), message queues, etc.) all boils down to basic unix
>>> permissions. So it is more a choice of how we would like to implement
>>> it.
>>>
>>> The advantage of shared memory is that we do not need any special
>>> daemon to handle the PINs. It can be part of libhsm. If there is a PIN
>>> in config then us it, if not then try the shared memory. If it is not
>>> there, then wait for a signal to check again. "ods-hsmutil login"
>>> could be used by the user. This command would tell hsm_open() to also
>>> output the PIN prompt, thus not getting blocked as the other
>>> applications.
>>
>> I have code for this. Should I commit?
>>
>> // Rickard
>> _______________________________________________
>> Opendnssec-develop mailing list
>> Opendnssec-develop at lists.opendnssec.org
>> https://lists.opendnssec.org/mailman/listinfo/opendnssec-develop
>>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pin.patch
Type: application/octet-stream
Size: 23586 bytes
Desc: not available
URL: <http://lists.opendnssec.org/pipermail/opendnssec-develop/attachments/20110816/abca2856/attachment.obj>
More information about the Opendnssec-develop
mailing list