From fe004b7c3a8325eb8d5420c1b940a5ade2691417 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Tue, 18 Jun 2013 16:25:11 +0200 Subject: [PATCH] journal: add references to SSKG paper FSS is based on --- man/journalctl.xml | 5 ++++- man/journald.conf.xml | 12 +++++++++--- src/journal/fsprg.c | 6 ++++++ 3 files changed, 19 insertions(+), 4 deletions(-) diff --git a/man/journalctl.xml b/man/journalctl.xml index 7a8d4b2dc..564634b75 100644 --- a/man/journalctl.xml +++ b/man/journalctl.xml @@ -593,7 +593,10 @@ sealing key is stored in the journal data directory and shall remain on the host. The verification key should be - stored externally. + stored externally. Also see the + option in + journald.conf5 + for details. diff --git a/man/journald.conf.xml b/man/journald.conf.xml index fe47fdffe..26f47f897 100644 --- a/man/journald.conf.xml +++ b/man/journald.conf.xml @@ -130,9 +130,15 @@ by journalctl1's - command), forward secure sealing (FSS) for - all persistent journal files is - enabled. + command), forward secure sealing (FSS) + for all persistent journal files is + enabled. FSS is based on Seekable + Sequential Key Generators by + G. A. Marson and B. Poettering and + may be used to protect journal files + from unnoticed + alteration. diff --git a/src/journal/fsprg.c b/src/journal/fsprg.c index 6817a629c..dd9a24256 100644 --- a/src/journal/fsprg.c +++ b/src/journal/fsprg.c @@ -19,7 +19,13 @@ * License along with this library; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA * 02110-1301 USA + */ + +/* + * See "Practical Secure Logging: Seekable Sequential Key Generators" + * by G. A. Marson, B. Poettering for details: * + * http://eprint.iacr.org/2013/397 */ #include -- 2.30.2