
Industrial-strength Linux lockdown, Part 2: Executing only signed binaries

Enforce execution only of trusted code on Linux

developerWorks

Level: Intermediate

Gary V. Vaughan (gary@gnu.org), Freelance open source developer and technical writer, Azazil

18 Jul 2007


For technical and non-technical users alike, maintaining a large installed base of Linux machines can be a harrowing experience for an administrator. Technical users take advantage of Linux®'s extreme configurability to change everything to their liking, while non-technical users run amok within their own file systems. This tutorial is the second in a two-part series on locking your Linux machines down to streamline the associated support and administration processes. In this tutorial, you learn how to configure the Linux kernel to execute only signed binaries.

In this tutorial

  • Learn about some of the management issues and processes that you must build up to maintain a large-scale installation of Linux machines running a kernel specially built to execute only authorized executables, each configured with the basic lockdown processes set out in Part 1.

  • See how to manage the cryptographic data needed to maintain such a system in the first place and ultimately prevent the execution of unmanaged executables in your secure environment.

  • Configure an industrial-grade, locked-down Linux distribution that cannot be injected with applications that you have not personally audited and signed off.


Objectives

This tutorial expands on the groundwork laid in Part 1, which gave some good reasons for keeping Linux's propensity for customization under control and took the first cautious steps toward locking down a standard Linux distribution to prevent spurious user changes to the baseline installation. Part 2 completes the lockdown process by building a kernel that enforces use of only signed binaries that have been introduced in a controlled way to each machine that you're supporting.

Prerequisites

This tutorial is written for Linux administrators whose skills and experience are at an intermediate to advanced level. You should have good familiarity with Public Key Infrastructure (PKI), especially with respect to GNU Privacy Guard (GPG), be comfortable with a command-line shell, and possess a working knowledge of the C programming language. Of course, you must also have read and understood Part 1 of this tutorial series.


System requirements

To follow the steps in this tutorial, you must have root access on a Linux machine with the ability to reboot the computer at will and to destroy all the data stored on it. You must have an installed compilation environment and a way to get your distribution's Linux kernel sources and headers as well as the tutorial source code from Part 1.

During the development of this tutorial, I used Ubuntu Linux V6.10 installed from a live installation CD, although except in the finer details, any Linux distribution you're comfortable with should be fine. If you have access to a copy of VMware and don't need to try the hardware and firmware sections of the tutorial, VMware's snapshot utility allows you to experiment more freely, because you can go back in time to a known good state if the Linux installation stops booting at any stage without resorting to a rescue disk to diagnose and repair the problem.



Duration

More than 2 hours
