Tuesday, February 20, 2018

Boston Linux Meeting Reminder, tomorrow, Wednesday, February 21, 2018 - Secure Keystores with TPM 2.0

When: February 21, 2018 7:00PM (6:30PM for Q&A)
Topic: Secure Keystores with TPM 2.0
Moderators: James Bottomley , Distinguished Engineer , IBM Research
Location: MIT Building E-51, Room 145
** Note room change


Summary:

Using TPM 2.0 As a Secure Keystore on your Laptop

Abstract:

For decades, all laptops have come with a TPM. Now with Microsoft
forcing the transition to the next generation, Linux faces a challenge
in that all the previous TPM 1.2 tools don't work with 2.0. Having to
create new tools for TPM 2.0 also provides the opportunity to integrate
the TPM more closely into our current crypto systems and thus give Linux
the advantage of TPM resident and therefore secure private keys. This
talks will provide the current state of play in using TPM 2.0 in place
of crypto sticks and USB keys for secure key handling; including the
algorithm agility of TPM 2.0 which finally provides a support for
Elliptic Curve keys which have become the default recently.

This talk will provide an overview of current TSS (Trusted computing
group Software Stack) for TPM 2.0 implementation on Linux, including a
discussion of the two distinct Intel and IBM stacks with their relative
strengths and weaknesses. We will then move on to integration of the TSS
into existing crypto system implementations that allow using TPM
resident keys to be used with common tools like openssl, gnutls, gpg,
openssh and gnome-keyring. We will report on the current state of that
integration including demonstrations of how it works and future plans.
The ultimate goal is to enable the seamless use of TPM resident keys in
all places where encrypted private keys are currently used, thus
increasing greatly the security posture of a standard Linux desktop.

Bio

James Bottomley is a Distinguished Engineer at IBM Research where he
works on Cloud and Container technology. He is also Linux Kernel
maintainer of the SCSI subsystem. He has been a Director on the Board of
the Linux Foundation and Chair of its Technical Advisory Board. He went
to university at Cambridge for both his undergraduate and doctoral
degrees after which he joined AT&T Bell labs to work on Distributed Lock
Manager technology for clustering. In 2000 he helped found SteelEye
Technology, a High availability company for Linux and Windows, becoming
Vice President and CTO. He joined Novell in 2008 as a Distinguished
Engineer at Novell's SUSE Labs, Parallels (later Odin) in 2011 as CTO of
Server Virtualization and IBM Research in 2016.



For further information and directions please consult the BLU Web site
http://www.blu.org

Parking:
MIT lots require permits after hours.
All Cambridge parking meters use Passport by Phone:
https://www.cambridgema.gov/traffic/Parking/paybyphone
This is active on all Cambridge metered parking spaces. Meters are free
after 8PM

For further information and directions please consult the BLU Web site
http://www.blu.org

--
Jerry Feldman <gaf@blu.org>
Boston Linux and Unix
PGP key id:3BC1EB90
PGP Key fingerprint: 49E2 C52A FC5A A31F 8D66 C0AF 7CEA 30FC 3BC1 EB90










































































_______________________________________________
Announce mailing list
Announce@blu.org
http://lists.blu.org/mailman/listinfo/announce

Friday, February 16, 2018

Boston Linux Meeting Wednesday, February 21, 2018 - Secure Keystores with TPM 2.0

When: February 21, 2018 7:00PM (6:30PM for Q&A)
Topic: Secure Keystores with TPM 2.0
Moderators: James Bottomley , Distinguished Engineer , IBM Research
Location: MIT Building E-51, Room 145
** Note room change


Summary:

Using TPM 2.0 As a Secure Keystore on your Laptop

Abstract:

For decades, all laptops have come with a TPM. Now with Microsoft
forcing the transition to the next generation, Linux faces a challenge
in that all the previous TPM 1.2 tools don't work with 2.0. Having to
create new tools for TPM 2.0 also provides the opportunity to integrate
the TPM more closely into our current crypto systems and thus give Linux
the advantage of TPM resident and therefore secure private keys. This
talks will provide the current state of play in using TPM 2.0 in place
of crypto sticks and USB keys for secure key handling; including the
algorithm agility of TPM 2.0 which finally provides a support for
Elliptic Curve keys which have become the default recently.

This talk will provide an overview of current TSS (Trusted computing
group Software Stack) for TPM 2.0 implementation on Linux, including a
discussion of the two distinct Intel and IBM stacks with their relative
strengths and weaknesses. We will then move on to integration of the TSS
into existing crypto system implementations that allow using TPM
resident keys to be used with common tools like openssl, gnutls, gpg,
openssh and gnome-keyring. We will report on the current state of that
integration including demonstrations of how it works and future plans.
The ultimate goal is to enable the seamless use of TPM resident keys in
all places where encrypted private keys are currently used, thus
increasing greatly the security posture of a standard Linux desktop.

Bio

James Bottomley is a Distinguished Engineer at IBM Research where he
works on Cloud and Container technology. He is also Linux Kernel
maintainer of the SCSI subsystem. He has been a Director on the Board of
the Linux Foundation and Chair of its Technical Advisory Board. He went
to university at Cambridge for both his undergraduate and doctoral
degrees after which he joined AT&T Bell labs to work on Distributed Lock
Manager technology for clustering. In 2000 he helped found SteelEye
Technology, a High availability company for Linux and Windows, becoming
Vice President and CTO. He joined Novell in 2008 as a Distinguished
Engineer at Novell's SUSE Labs, Parallels (later Odin) in 2011 as CTO of
Server Virtualization and IBM Research in 2016.



For further information and directions please consult the BLU Web site
http://www.blu.org

Parking:
MIT lots require permits after hours.
All Cambridge parking meters use Passport by Phone:
https://www.cambridgema.gov/traffic/Parking/paybyphone
This is active on all Cambridge metered parking spaces. Meters are free
after 8PM

For further information and directions please consult the BLU Web site
http://www.blu.org

--
Jerry Feldman <gaf@blu.org>
Boston Linux and Unix
PGP key id:3BC1EB90
PGP Key fingerprint: 49E2 C52A FC5A A31F 8D66 C0AF 7CEA 30FC 3BC1 EB90








































































_______________________________________________
Announce mailing list
Announce@blu.org
http://lists.blu.org/mailman/listinfo/announce

Thursday, February 8, 2018

Boston Linux and Unix InstallFest LXVI reminder Saturday February 10, 2018

Boston Linux Installfest LXVI
When: Saturday February 10, 2018, from 10:00 am to 4:30 pm
Where: Morse Institute Library
Innovation Studio second floor
14 E. Central Street
Natick, MA 01760
Plenty of free parking in the city parking lot on South Ave
behind the library

Map:
https://www.google.com/maps/place/Morse+Institute+Library/@42.28436,-71.345798,17z
/data=!3m1!4b1!4m2!3m1!1s0x89e387ad9d0241a9:0x42dacd80cae8a42d


https://morseinstitute.org/studio/

Also, the library staff requests that you register for the event. This
helps their head count.
Please go to the Morse Library event page:
http://www.eventkeeper.com/mars/xpages/m/morse/ek.cfm

Scroll down to the Feb 10th event, and click on Register.

The Innovation Studio is on the second floor of the library. The library
is a couple blocks' walk from the Natick Center MBTA commuter rail
station. From the station, head south down Washington Street, crossing
over South Avenue. You'll pass Dolphin Seafood on the right and
Agostinos on the left, then you'll pass Court Street on the right. The
library is the building to the left at the end of the road where
Washington meets East Central.

What you need to bring: Your computer, monitor, power strips and your
Linux distributions. We do have copies of some distributions.
In general we have expertise with most distros, but if you need special
expertise, please email the BLU discussion list in advance. Today, most
distros are using Live images that you can try out and then install.
This can be copied to DVDs or USB sticks.There are a number of USB
creators, such as UNetbootin (https://unetbootin.github.io/). Both
Fedora and Ubuntu have a USB creator built in.

COST: It's free! However, we DO have expenses, and contributions are
welcome. Please consider contributing $25 per machine.

Our volunteers will help you to install Linux on your own system. While
Linux runs on most systems, some systems do have configurations and
hardware that may not be supported. Please consult the following web
pages for hardware compatibility. While we prefer you to bring your own
distros, our volunteers will normally have

Linux Howto Pages: http://tldp.org/HOWTO/HOWTO-INDEX/howtos.html
Linux Frequently Asked Questions: http://tldp.org/docs.html#faq
Additionally, there are forums and listservs for most distros.

Generally our volunteers have sets of the latest Fedora, SuSE and
Ubuntu distributions:
* Fedora - https://getfedora.org/ (Fedora 27 Live DVD/USB)
* Ubuntu - http://www.ubuntu.com ( 16.04.3 LTS DVD/USB or 17.10)
* other distros can be downloaded at the Installfest

We generally have them on local drives and can burn CDs/DVDs and
USBs.Since there are many variants of these distros, we advise you to
bring an empty USB stick with sufficient memory to hold one of the
distros. Live images require about 1.5GB. I usually have some USBs
prepared or can easily burn a USB.

We usually have both a Wired and Wireless network available.


In addition, you can run Linux on your Windows PC through a virtual
machine manager, such as Virtualbox. You can install this in your
Windows machine and run Linux as a guest OS, or install it in your Linux
machine and run Windows as a guest. VirtualBox 5.1.18
(http://www.virtualbox.org.) is free and is available for Linux, Windows
10, Windows 8, Windows 7, Windows XP and Windows Vista. Additionally,
there are also some VMWare clients that are also free for Windows.

Lunch is generously sponsored by Bluefin Technical Services, John Ross
and Ron Thibeau


Please refer to the BLU website (http://www.blu.org) for further
information and directions.
--
Jerry Feldman <gaf@blu.org>
Boston Linux and Unix user group
http://www.blu.org
PGP key id: 537C5846
PGP Key fingerprint: 3D1B 8377 A3C0 A5F2 ECBB CA3B 4607 4319 537C 5846



























































_______________________________________________
Announce mailing list
Announce@blu.org
http://lists.blu.org/mailman/listinfo/announce

Thursday, February 1, 2018

Re: Boston Linux and Unix InstallFest LXVI Saturday February 10, 2018 Please sign in

I forgot to add that the library prefers attendees to sign in as this
room is smaller than our MIT room

Please go to the Morse Library event page:
http://www.eventkeeper.com/mars/xpages/m/morse/ek.cfm

Scroll down to the Feb 10th event, and click on Register. This will help
the library staff to occommodate us.


On 02/01/2018 11:50 AM, Jerry Feldman wrote:
> Boston Linux Installfest LXVI
> When: Saturday February 10, 2018, from 10:00 am to 4:30 pm
> Where: Morse Institute Library
> Innovation Studio second floor
> 14 E. Central Street
> Natick, MA 01760
> Plenty of free parking in the city parking lot on South Ave
> behind the library
>
> Map:
> https://www.google.com/maps/place/Morse+Institute+Library/@42.28436,-71.345798,17z
> /data=!3m1!4b1!4m2!3m1!1s0x89e387ad9d0241a9:0x42dacd80cae8a42d
>
> https://morseinstitute.org/studio/
>
> The Innovation Studio is on the second floor of the library. The library
> is a couple blocks' walk from the Natick Center MBTA commuter rail
> station. From the station, head south down Washington Street, crossing
> over South Avenue. You'll pass Dolphin Seafood on the right and
> Agostinos on the left, then you'll pass Court Street on the right. The
> library is the building to the left at the end of the road where
> Washington meets East Central.
>
> What you need to bring: Your computer, monitor, power strips and your
> Linux distributions. We do have copies of some distributions.
> In general we have expertise with most distros, but if you need special
> expertise, please email the BLU discussion list in advance. Today, most
> distros are using Live images that you can try out and then install.
> This can be copied to DVDs or USB sticks.There are a number of USB
> creators, such as UNetbootin (https://unetbootin.github.io/). Both
> Fedora and Ubuntu have a USB creator built in.
>
> COST: It's free! However, we DO have expenses, and contributions are
> welcome. Please consider contributing $25 per machine.
>
> Our volunteers will help you to install Linux on your own system. While
> Linux runs on most systems, some systems do have configurations and
> hardware that may not be supported. Please consult the following web
> pages for hardware compatibility. While we prefer you to bring your own
> distros, our volunteers will normally have
>
> Linux Howto Pages: http://tldp.org/HOWTO/HOWTO-INDEX/howtos.html
> Linux Frequently Asked Questions: http://tldp.org/docs.html#faq
> Additionally, there are forums and listservs for most distros.
>
> Generally our volunteers have sets of the latest Fedora, SuSE and
> Ubuntu distributions:
> * Fedora - https://getfedora.org/ (Fedora 27 Live DVD/USB)
> * Ubuntu - http://www.ubuntu.com ( 16.04.3 LTS DVD/USB or 17.10)
> * other distros can be downloaded at the Installfest
>
> We generally have them on local drives and can burn CDs/DVDs and
> USBs.Since there are many variants of these distros, we advise you to
> bring an empty USB stick with sufficient memory to hold one of the
> distros. Live images require about 1.5GB. I usually have some USBs
> prepared or can easily burn a USB.
>
> We usually have both a Wired and Wireless network available.
>
>
> In addition, you can run Linux on your Windows PC through a virtual
> machine manager, such as Virtualbox. You can install this in your
> Windows machine and run Linux as a guest OS, or install it in your Linux
> machine and run Windows as a guest. VirtualBox 5.1.18
> (http://www.virtualbox.org.) is free and is available for Linux, Windows
> 10, Windows 8, Windows 7, Windows XP and Windows Vista. Additionally,
> there are also some VMWare clients that are also free for Windows.
>
> Lunch is generously sponsored by Bluefin Technical Services, John Ross
> and Ron Thibeau
>
>
> Please refer to the BLU website (http://www.blu.org) for further
> information and directions.

--
Jerry Feldman <gaf@blu.org>
Boston Linux and Unix
PGP key id: 6F6BB6E7
PGP Key fingerprint: 0EDC 2FF5 53A6 8EED 84D1 3050 5715 B88D 6F6B B6E7


_______________________________________________
Announce mailing list
Announce@blu.org
http://lists.blu.org/mailman/listinfo/announce

Boston Linux and Unix InstallFest LXVI Saturday February 10, 2018

Boston Linux Installfest LXVI
When: Saturday February 10, 2018, from 10:00 am to 4:30 pm
Where: Morse Institute Library
Innovation Studio second floor
14 E. Central Street
Natick, MA 01760
Plenty of free parking in the city parking lot on South Ave
behind the library

Map:
https://www.google.com/maps/place/Morse+Institute+Library/@42.28436,-71.345798,17z
/data=!3m1!4b1!4m2!3m1!1s0x89e387ad9d0241a9:0x42dacd80cae8a42d


https://morseinstitute.org/studio/

The Innovation Studio is on the second floor of the library. The library
is a couple blocks' walk from the Natick Center MBTA commuter rail
station. From the station, head south down Washington Street, crossing
over South Avenue. You'll pass Dolphin Seafood on the right and
Agostinos on the left, then you'll pass Court Street on the right. The
library is the building to the left at the end of the road where
Washington meets East Central.

What you need to bring: Your computer, monitor, power strips and your
Linux distributions. We do have copies of some distributions.
In general we have expertise with most distros, but if you need special
expertise, please email the BLU discussion list in advance. Today, most
distros are using Live images that you can try out and then install.
This can be copied to DVDs or USB sticks.There are a number of USB
creators, such as UNetbootin (https://unetbootin.github.io/). Both
Fedora and Ubuntu have a USB creator built in.

COST: It's free! However, we DO have expenses, and contributions are
welcome. Please consider contributing $25 per machine.

Our volunteers will help you to install Linux on your own system. While
Linux runs on most systems, some systems do have configurations and
hardware that may not be supported. Please consult the following web
pages for hardware compatibility. While we prefer you to bring your own
distros, our volunteers will normally have

Linux Howto Pages: http://tldp.org/HOWTO/HOWTO-INDEX/howtos.html
Linux Frequently Asked Questions: http://tldp.org/docs.html#faq
Additionally, there are forums and listservs for most distros.

Generally our volunteers have sets of the latest Fedora, SuSE and
Ubuntu distributions:
* Fedora - https://getfedora.org/ (Fedora 27 Live DVD/USB)
* Ubuntu - http://www.ubuntu.com ( 16.04.3 LTS DVD/USB or 17.10)
* other distros can be downloaded at the Installfest

We generally have them on local drives and can burn CDs/DVDs and
USBs.Since there are many variants of these distros, we advise you to
bring an empty USB stick with sufficient memory to hold one of the
distros. Live images require about 1.5GB. I usually have some USBs
prepared or can easily burn a USB.

We usually have both a Wired and Wireless network available.


In addition, you can run Linux on your Windows PC through a virtual
machine manager, such as Virtualbox. You can install this in your
Windows machine and run Linux as a guest OS, or install it in your Linux
machine and run Windows as a guest. VirtualBox 5.1.18
(http://www.virtualbox.org.) is free and is available for Linux, Windows
10, Windows 8, Windows 7, Windows XP and Windows Vista. Additionally,
there are also some VMWare clients that are also free for Windows.

Lunch is generously sponsored by Bluefin Technical Services, John Ross
and Ron Thibeau


Please refer to the BLU website (http://www.blu.org) for further
information and directions.
--
Jerry Feldman <gaf@blu.org>
Boston Linux and Unix user group
http://www.blu.org
PGP key id: 537C5846
PGP Key fingerprint: 3D1B 8377 A3C0 A5F2 ECBB CA3B 4607 4319 537C 5846

























































_______________________________________________
Announce mailing list
Announce@blu.org
http://lists.blu.org/mailman/listinfo/announce