cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Former Member
Not applicable
Report Inappropriate Content
Message 1 of 5
‎07-16-2012 05:59 AM

[ePO 4.6] Keystore on managed system

Jump to solution

Hi,

i'm looking for an answer about the keystore on a managed system : why is it  possible, for a simple user, to access at all keys in read mode?

Could you tell me what is the use of these keys?

  • agentprvkey.bin
  • agentpubkey.bin
  • serverpubkey.bin
  • serverreqseckey.bin

Thanks for all.

0 Kudos
Reply
1 Solution

Accepted Solutions
jstanley
Employee
Employee
Report Inappropriate Content
Message 2 of 5
‎07-16-2012 10:37 AM

Re: [ePO 4.6] Keystore on managed system

Jump to solution

Users can read the files but VSE AP rules should prevent them from being modified/deleted. The files are obfuscated and encrypted so their is not much the users can do with read only access anyway. They are used for encrypting/decrypting traffic between the agent and ePO. The names suggest their use but here it is explicitly:

  • agentprvkey.bin = Agent Private Key
  • agentpubkey.bin = Agent Public Key
  • serverpubkey.bin = ePO Server Public Key
  • serverreqseckey.bin = ePO Server’s Request Secret Key

View solution in original post

0 Kudos
Reply
4 Replies
jstanley
Employee
Employee
Report Inappropriate Content
Message 2 of 5
‎07-16-2012 10:37 AM

Re: [ePO 4.6] Keystore on managed system

Jump to solution

Users can read the files but VSE AP rules should prevent them from being modified/deleted. The files are obfuscated and encrypted so their is not much the users can do with read only access anyway. They are used for encrypting/decrypting traffic between the agent and ePO. The names suggest their use but here it is explicitly:

  • agentprvkey.bin = Agent Private Key
  • agentpubkey.bin = Agent Public Key
  • serverpubkey.bin = ePO Server Public Key
  • serverreqseckey.bin = ePO Server’s Request Secret Key
0 Kudos
Reply
Former Member
Not applicable
Report Inappropriate Content
Message 3 of 5
‎09-24-2012 02:44 AM

Re: [ePO 4.6] Keystore on managed system

Jump to solution

Hi, i have an other question.

Please, could you tell me exactly when and why the "ePO Server’s Request Secret Key" is used?

Is it just used for initiate the connection between the Agent to the server ?

Thanks for all

Ce message a été modifié par: lexus on 24/09/12 04:45:12 CDT
0 Kudos
Reply
Former Member
Not applicable
Report Inappropriate Content
Message 4 of 5
‎10-11-2012 02:00 AM

Re: [ePO 4.6] Keystore on managed system

Jump to solution

Did someone have an answer please?

0 Kudos
Reply
JoeBidgood
Employee
Employee
Report Inappropriate Content
Message 5 of 5
‎10-15-2012 10:00 AM

Re: [ePO 4.6] Keystore on managed system

Jump to solution

It's used to secure the initial exchange of keys between agent and server, so that the agent's key (which is created on the client machine) can be securely sent back to the server.

HTH -

Joe

0 Kudos
Reply
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use our Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from product experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by employees.
Join the Community
Join the Community

TrellixSkyhigh Security | Support Trellix.com SkyhighSecurity.com

Legal Privacy Copyright © 2023 Musarubra US LLC