Setting up an FTP server

Was really easy thanks to this freely available book chapter.

Advertisements

TrouSerS TSS with Atmel TPM on IBM T42p

I’m trying to get TrouSerS TSS working on my laptop.

Currently, I think I need to use this library, instead of libtpm-2.0 from IBM, to take ownership of the TPM. During this process, I *think* the storage root key (SRK) will be written to /usr/local/var/tpm/system.data. This is good, because so far it is quite beyond my comprehension how one might load the SRK.

I had already taken ownership of the TPM with IBM’s libtpm-2.0. This is a problem, since the TSS specification dictates that there can be only one TSS. Thus, I cleared the owner with the `clearown` utility from libtpm-2.0.
Now we want to clear all keys from the TPM, which requires physical presence to be demonstrated to the laptop. The process for doing this:

  • Power down the laptop.
  • Hold down the blue Fn key while powering on the laptop.
  • Once the splash screen comes with a message about hitting the “blue Access IBM key,” release Fn and press “Access IBM”!
  • Press F1 to enter the BIOS setup.
  • There will now be a new option under Security -> IBM Security Chip entitled something like “Clear Encryption Keys.” Clear away. You’re done.

I was then able to take ownership of the TPM with Tspi_TPM_TakeOwnership01.c, which is included in the testsuites of TrouSerS. I received a strange error message on my first attempt. It had to do with the inability to generate a nonce during the call to Tspi_TPM_GetPubEndorsementKey(). I did not save the exact error message. To fix this problem, I cleared the TPM using the IBM BIOS utility once more. I was then able to take ownership successfully. I wanted to try to recreate the problem, but I was unsuccessful. I suspected the problem was either: (1) failure to do a hard reboot after clearing the TPM’s owner, or (2) failure to have tcsd running. However I retried both these scenarios, and got meaningful error messages: TCPA_DEACTIVATED and TSS_E_COMM_FAILURE, respectively.

phpMyAdmin installation

I followed these instructions to install phpMyAdmin because I wanted to upgrade WordPress (this blog software) to a newer version. My main motivation for upgrading is because I get a lot of comment spam, and the old version I was using (2004-08-26) had a bug in the “delete checked comments” feature which prevented me from doing a mass delete of comment spam.

Just as I hoped, this upgrade seems to have fixed the problem. I wonder if it broke anything else. 🙂

The WordPress upgrade instructions are available here.

Right now, in all caps, it says upgrading to 1.5 will break my blog. However, it worked great for me. 🙂 I’m now using 2005-02-11. And it’s only the 10th right now!