get dependencies
pkg install -y gmake libtool pkgconf wget gcc openssl tpm2-tss tpm2-abrmd
link python and gcc
ln -s /usr/local/bin/gcc /usr/bin/gcc && ln -s /usr/local/bin/python3.7 /usr/bin/python
Nabil Schear nabilschear
nabilschear
/ app_sources.cpp
Created
June 4, 2020 01:29
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| * Copyright (c) 2014-present, Facebook, Inc. | |
| * All rights reserved. | |
| * | |
| * This source code is licensed in accordance with the terms specified in | |
| * the LICENSE file found in the root directory of this source tree. | |
| */ | |
| #include <boost/algorithm/string/replace.hpp> |
nabilschear
/ keylime_freebsd.md
Last active
February 26, 2020 22:02
nabilschear
/ cloud_verifier_tornado.py
Last active
November 8, 2019 18:46
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python3 | |
| ''' | |
| DISTRIBUTION STATEMENT A. Approved for public release: distribution unlimited. | |
| This material is based upon work supported by the Assistant Secretary of Defense for | |
| Research and Engineering under Air Force Contract No. FA8721-05-C-0002 and/or | |
| FA8702-15-D-0001. Any opinions, findings, conclusions or recommendations expressed in this | |
| material are those of the author(s) and do not necessarily reflect the views of the | |
| Assistant Secretary of Defense for Research and Engineering. |
nabilschear
/ revocation.md
Last active
September 21, 2019 13:45
Start from this kind of environment: https://gist.github.com/nabilschear/0ccdf7d132c9add5503e5fc6df53ee1d
There should be no reason to change the default keylime.conf other than to disable require_ek_cert as specified in the above gist.
The idea is to securely deliver an ssh key to a machine and then revoke it by removing it from the offending machine.
create a directory called ssh_revoke and create the following files
nabilschear
/ getting_started.md
Last active
September 20, 2019 19:49
nabilschear
/ crypto.py
Created
March 27, 2019 16:04
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ''' | |
| DISTRIBUTION STATEMENT A. Approved for public release: distribution unlimited. | |
| This material is based upon work supported by the Assistant Secretary of Defense for | |
| Research and Engineering under Air Force Contract No. FA8721-05-C-0002 and/or | |
| FA8702-15-D-0001. Any opinions, findings, conclusions or recommendations expressed in this | |
| material are those of the author(s) and do not necessarily reflect the views of the | |
| Assistant Secretary of Defense for Research and Engineering. | |
| Copyright 2015 Massachusetts Institute of Technology. |