Monday Sep 15, 2008

SunSSH with HW crypto support

On Friday Sep 12, I integrated 6445288 ssh needs to be OpenSSL engine aware project which will be released together with Nevada 99. The project was targeted at UltraSPARC T2 platform (AKA Niagara 2) because it provides a hardware acceleration of symmetric encryption algorithms that can be used to speed up applications like SSH. Platforms without any hardware acceleration for symmetric ciphers are uneffected. If you have a Niagara 2 and will use the new code, you will see the difference without changing your configuration. It will work out of box. [Read More]

Friday Aug 01, 2008

Fixed PKCS#11 engine patch for 0.9.8h

We already found a bug in recent changes to the PKCS#11 engine. It was quickly fixed and the patch was updated. If your PKCS#11 backend offers just one slot you are not affected. You can download pkcs11_engine-0.9.8h.patch.2008-08-01, and take a look at README shipped as part of the patch. BTW, a check whether the patch is used on Solaris to trigger Solaris specific code was made automatic.

Tuesday Jul 29, 2008

PKCS#11 engine patch update for OpenSSL 0.9.8h

I've updated the PKCS#11 patch to the latest OpenSSL 0.9.8h version. It's rather a big update. During the last few months, Vladimir, Darren and me did some work on the PKCS#11 engine source code. The result is a bunch of fixed CRs that are now all integrated into OpenSolaris, and that means they are covered by this patch as well.[Read More]

Saturday Jun 28, 2008

New Security Features in OpenSolaris and Beyond

Me, Christoph Schuba and Mark Phalan put a paper together entitled "New Security Features in OpenSolaris and Beyond" that was accepted for publication at the OpenSolaris Developer Conference in Prague this week. Me and Mark then gave the talk in Prague.[Read More]

Monday Feb 18, 2008

X.509v3 support for SunSSH design document

I've been working for the past few weeks on a project that should provide X.509 support for server authentication and user public key authentication to SunSSH. At present, I've finished the design document and I also have a prototype version that doesn't have all the requested functionality but works well enough to confirm that it can be implemented according to the current design.[Read More]

Sunday Nov 25, 2007

Speeding up SSH data transfer on Niagara machines

We have been hearing complains that SSH is slow on Niagara boxes. I can't say anything else but to confirm it. However, there is a background story and a way to speed it up significantly.[Read More]

Friday Nov 16, 2007

Recent SunSSH Enhancements in OpenSolaris

A few days ago I was giving an internal presentation here in Prague on new features that were recently integrated into SunSSH. There were quite a few resyncs with OpenSSH, a couple of new options based on ideas that materialized here or ideas of our customers, and also outlined there are some plans for the future.

I put the slides on SunSSH page at OpenSolaris.Org. If you are interested in what's going on around SunSSH, you can read the presentation slides here.

Monday Oct 15, 2007

Using RSA keys by reference in the pkcs#11 engine (II.)

I've updated the recent patch because I was exporting some private attributes from the key store into the RSA structure; and that wasn't needed of course. Now only public attributes are exported and everything else performed in the token.[Read More]

About

Jan Pechanec

Search

Categories
Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today