The 25 Gigabit Ethernet Rollout
Expect the new Ethernet standard show up quickly in data centers and campus networks.
Expect the new Ethernet standard show up quickly in data centers and campus networks.
When IBM started to use the word “open” in conjunction with its Power architecture more than three years with the formation of the OpenPower Foundation three years ago, Big Blue was not confused about what that term meant. If the Power architecture was to survive, it would do so by having open specifications that would allow third parties to not only make peripherals, but also to license the technology and make clones of Power8 or Power9 processors.
One of the key technologies that IBM wove into the Power8 chip that differentiates it from Xeon, Opteron, ARM, and Sparc processors is …
Opening Up The Server Bus For Coherent Acceleration was written by Timothy Prickett Morgan at The Next Platform.
I managed to get an SSH client working using an SSH pubkey protected by a TPM.
This is not needed, since TPM operations only need well known SRK PIN, not owner PIN, to do useful stuff. I only document it here in case you want to do it. Microsoft recommends against it.
Set OSManagedAuthLevel to 4
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\TPM\OSManagedAuthLevel 2 -> 4
Reboot.
Clear TPM
Run tpm.msc and choose “Clear TPM”. The machine will reboot
and ask you to press F12 or something for physical proof of
presence to clear it.
Set owner password from within tpm.msc
Create key
tpmvscmgr.exe create /name "myhostnamehere VSC" /pin prompt /adminkey random /generate
PIN must be at least 8 characters.
Create CSR
Create a new text file req.inf:
[NewRequest]
Subject = "CN=myhostnamehere"
Keylength = 2048
Exportable = FALSE
UserProtected = TRUE
MachineKeySet = FALSE
ProviderName = "Microsoft Base Smart Card Crypto Provider"
ProviderType = 1
RequestType = PKCS10
KeyUsage = 0x80
certreq -new -f req.inf myhostname.csr
If you get any errors, just reboot and try again with the command that failed.
Get the CSR signed by any Continue reading
I managed to get an SSH client working using an SSH pubkey protected by a TPM.
This is another post in my series in playing with TPM chips:
This is not needed, since TPM operations only need well known SRK PIN, not owner PIN, to do useful stuff. I only document it here in case you want to do it. Microsoft recommends against it.
Set OSManagedAuthLevel to 4
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\TPM\OSManagedAuthLevel 2 -> 4
Reboot.
Clear TPM
Run tpm.msc and choose “Clear TPM”. The machine will reboot
and ask you to press F12 or something for physical proof of
presence to clear it.
Set owner password from within tpm.msc
Create key
PIN must be at least 8 characters.C:\> tpmvscmgr.exe create /name “myhostnamehere VSC” /pin prompt /adminkey random /generate
Create CSR
Create a new text file req.inf:
[NewRequest] Subject = “CN=myhostnamehere” Keylength = 2048 Exportable = FALSE UserProtected = TRUE MachineKeySet = FALSE ProviderName = “Microsoft Base Smart Card Crypto Provider” ProviderType = 1 RequestType = PKCS10 KeyUsage = 0x80
C:\> certreq -new -f req.inf Continue reading