=======================================================
CONTRIBUTOR: Basie Etukudo, basie@San-Jose.ate.slb.com
=======================================================

**********************************************************
************** THIS IS UNSUPPORTED SOFTWARE **************
**********************************************************

**********************************************************
* Atria makes no representation that the descriptions    *
* and software code contained in this document will      *
* not infringe on existing or future patent rights,      *
* copyrights, trademarks, trade secrets or other         *
* proprietary rights of third parties. The               *
* descriptions contained herein do not imply the         *
* granting of licenses to make, use, sell, license or    *
* otherwise transfer Atria products described herein.    *
* Atria disclaims responsibility for errors which may    *
* appear in this document, and it reserves the right,    *
* in its sole discretion and without notice, to make     *
* substitutions and modifications in the products and    *
* practices described in this document.                  *
**********************************************************

------------------------------------------------------------------
T0024: armor-0.2, MultiSite sync packet encryption
------------------------------------------------------------------

README FIRST AND INSTALLATION NOTES
-----------------------------------

Version 0.2
Last Updated: March 28, 1996

PREAMBLE:
---------

Ever wonder who upstream or downstream from your site may be sniffing
out your multisite sync packets as they are flying across the net from
one development site to another? If you are like me, you don't want to
wait until it is too late to find out. What can you do to prevent
eavesdropping on your sync packets? Well, that's what this package is
about.

This package contains a set of scripts that you can use in conjunction
with Atria's multisite to encrypt your sync packets before they are
shipped out on the net, or decrypt encrypted packets you receive from
one of your remote sites. You don't need expertise in cryptography or
cryptographic software in order to use these scripts - although that
would help a bit. You do need to understand how multisite works.

I have commented the scripts heavily. So you must read the comments in
the scripts to know how each script works.

If you have suggestions on how to make the scripts in the package work
better, please let me know. If you have other questions about how the
package works with multisite, please let me know as well. I will try to
help whenever possible. You can reach me (Basie Etukudo) via email at
"basie@san-jose.ate.slb.com", or voicemail at 408/437-5261.

If you are the concerned (read paranoid) kind when it comes to scripts
other people write (and you should be if you are not), particularly
when encryption is involved, then you can test these scripts manually
in isolation from the multisite sync scripts. Just create dummy sync
packets, call the scripts with their respective input parameters, and
watch how they behave. When you're satisfied they work for you, then
integrate them into multisite scripts.

Finally, the pathnames used in these scripts may not be the same for
your site depending on where you placed multisite on your system.
Please change the pathnames to what they are at your site.

Do read the file, CHANGELOG, to see what has been changed in this
revision of the package.

WHAT'S IN THE PACKAGE:
----------------------

In this package you will find the following files:

README            - This file that you are reading
CHANGELOG         - The file containing revision history of the package
armor.sh          - The shell script that encrypts packets before they
                    are shipped away.
de_armor.sh       - The shell script that decrypts packets before they
                    are incorporated into the local replica vob.
ship_trackfile.sh - The shell script that ships to the remote multisite
                    host the list of encrypted packets.

INSTALLATION STEPS:
-------------------

1. Get a copy of Eric Young's DES package, libdes-3.06.tar.gz, by ftp
   from ftp.psy.uq.oz.au in the directory /pub/Crypto/DES. Compile and
   install it on the machine that runs your shipping server. I like
   Eric's implementation of DES better than the generic one you may
   have on your system. It's the one I used in developing and testing
   these scripts.

   NOTE: If you are located in the U.S., do not send libdes-3.06.tar.gz
   to anyone outside the U.S. after you get it. It is against the law
   to do so. It has to do with the ITAR (International Traffic in Arms
   Regulations). If you do not know what ITAR says, then don't worry
   about it. Basically, it says that cryptographic software is
   considered munitions (like a battle tank or cruise missile) in the
   U.S. and so requires government approval before it can be exported.
   (Never mind the fact that the same encryption software may be freely
   available in the rest of the world.)

   One last note: it is legal to import cryptographic software into the
   U.S. Just don't send it out afterwards. If you need to use this
   package with a site outside the U.S., just ask them to ftp a copy of
   libdes-3.06.tar.gz on their own. Whatever you do, don't break the
   applicable local law and regulation.

2. Move the compiled DES executable and library to a convenient and
   accessible location and then assign the path to the DESPATH variable
   in armor.sh and de_armor.sh scripts accordingly. Install the man
   page that comes in libdes-3.06.tar.gz for the compiled DES program.

3. Place the scripts in this package in the same directory where the
   shipping server script is located. Both scripts must be owned by the
   owner of the shipping server script and protection mode on the
   scripts MUST BE 0700.
   I assume here that the owner of these files is the same as the owner
   of the cron job entry that invokes the shipping server.

4. Read the header and definition portions of armor.sh and de_armor.sh
   scripts and make updates to your taste and site specifications.
   There are plenty of informative comments in the scripts themselves.
   Please read them.

5. In the multisite shipping script, sync_sendall.sh, immediately above
   the line that reads
   "mkorder -data $PACKET -fship $HOST_LIST >> $LOGFILE",
   add the following line:

       /usr/atria/options/multisite/config/cron/armor.sh $PACKET $LOGFILE

   Then before the last line "exit 0" in the script, add the following
   line:

       /usr/atria/options/multisite/config/cron/ship_trackfile.sh \
           $STORAGE-BAY/trackfile.

   Note: Change to the hostname from which you ship packets. Change to
   the name of destination host to which you ship packets.

6. In the multisite sync import script, sync_recv.sh, immediately below
   the line that reads "rotate_logs recv.log", add the following line:

       /usr/atria/options/multisite/config/cron/de_armor.sh $STORAGE-BAY $LOGFILE

   Note: Ensure that you explicitly define STORAGE-BAY before using it
   as shown here. At our site, it is defined as
   /var/adm/atria/shipping/ms_ship.

You should be all set to go at this point. If you have problems, check
to ensure that all your paths are correct. Good luck! May "the Force"
go with you ;-)

On a final note, I would like to stress that it is very important that
you restrict read access to both the armor.sh and de_armor.sh scripts
in this package after you install them. They contain the encryption
key. You wouldn't hang the key to your house on the front door for
everyone to see after you lock the doors, would you? I hope I've made
this point clearly enough.

If you exchange encrypted sync packets with many sites using these
scripts, you will need to establish a policy for managing the
encryption keys among the different sites.
Each enterprise will need to set its policy as needed for all its multisite locations.
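
The ownership and mode requirement in installation step 3, and the
closing advice to restrict read access to the key-bearing scripts, can
be checked mechanically. The script below is an added example and is
not part of the armor package; the names audit_armor_scripts, mode_of
and owner_of are hypothetical, and the shipping server script is passed
in as a reference file because its path is site-specific.

```shell
#!/bin/sh
# Added example (not part of armor-0.2): audit the scripts that embed the
# encryption key. Step 3 requires mode 0700 and the same owner as the
# shipping server script; that script's path is site-specific, so it is
# passed in as a reference file (assumption).

# Permission string and numeric uid from POSIX ls, so no GNU/BSD stat needed.
mode_of()  { ls -ldn "$1" | cut -c1-10; }
owner_of() { ls -ldn "$1" | awk '{ print $3 }'; }

# audit_armor_scripts DIR REFERENCE_FILE
# Returns 0 if armor.sh and de_armor.sh in DIR are regular files, mode 0700,
# owned by the uid that owns REFERENCE_FILE; reports and returns 1 otherwise.
audit_armor_scripts() {
    dir=$1
    ref=$2
    rc=0
    if [ ! -e "$ref" ]; then
        echo "FAIL: reference file not found: $ref"
        return 1
    fi
    want_uid=$(owner_of "$ref")
    for name in armor.sh de_armor.sh; do
        f="$dir/$name"
        # A symlink is rejected too: its target may live somewhere readable.
        if [ ! -f "$f" ] || [ -h "$f" ]; then
            echo "FAIL: $f is missing or not a regular file"
            rc=1
            continue
        fi
        mode=$(mode_of "$f")
        uid=$(owner_of "$f")
        if [ "$mode" != "-rwx------" ]; then
            echo "FAIL: $f has mode $mode, expected -rwx------ (0700)"
            rc=1
        fi
        if [ "$uid" != "$want_uid" ]; then
            echo "FAIL: $f is owned by uid $uid, expected uid $want_uid"
            rc=1
        fi
    done
    [ "$rc" -eq 0 ] && echo "OK: key-bearing scripts in $dir are 0700 and correctly owned"
    return "$rc"
}

# Run as a script: audit.sh SCRIPT_DIR SHIPPING_SERVER_SCRIPT
if [ "$#" -eq 2 ]; then
    audit_armor_scripts "$1" "$2"
fi
```

Running it from the same cron account after each reinstall of the
scripts catches a mode or owner that was reset during the update.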