[AG-TECH] vic and rat encryption

Andrew Rowley Andrew.Rowley at manchester.ac.uk
Wed Mar 29 13:36:48 CST 2006


Note that inSORS nodes don't support Rijindael as far as I know, so you will have to use DES.

Andrew :)

Access Grid Support Centre,
RSS Group,
Manchester Computing,
Kilburn Building,
University of Manchester,
Oxford Road,
M13 9PL,
Tel: +44(0)161-275 0685
Email: Andrew.Rowley at manchester.ac.uk 

-----Original Message-----
From: owner-ag-tech at mcs.anl.gov [mailto:owner-ag-tech at mcs.anl.gov] On Behalf Of Jeremy Mann
Sent: 29 March 2006 17:28
To: 'Derek Piper'
Cc: 'ag-tech at mcs.anl.gov'
Subject: Re: [AG-TECH] vic and rat encryption

Derek Piper said:
> 	You may be better off using Rjindael encryption, which is normally 
> used on AG Venues when setting the 'encryption' option in the venue 
> server config.
> 	A Rjindael key is passed to VIC and RAT as 'Rjindael/passphrase' 
> where passphrase should be something random and unguessable, and 
> distributed to those needing the key to enter manually. There's a 
> program for Debian called 'pwgen' that I've used to generate a 
> passphrase before. For manually entering the key, you would probably 
> just disable the venue encryption and manually key it in. For a DES 
> key, just use a passphrase that doesn't start with a string 'Rjindael/'.
> 	Of course you can also use certificates to secure a venue too, so not 
> just anyone can enter and obtain the encryption key.

The certificate security can not be done because half the participants are inSORS nodes. I'll try out this pwgen and test it out. Thanks!

Jeremy Mann
jeremy at biochem.uthscsa.edu

University of Texas Health Science Center
Bioinformatics Core Facility http://www.bioinformatics.uthscsa.edu
Phone: (210) 567-2672

More information about the ag-tech mailing list