• Inicio
• Comunidad
• Futurabanda

mod_auth_openpgp 0.1.0 released

1. Edit build.sh to suit your needs/desires.
2. Run it: ./build.sh
3. Modify your Apache’s configuration as needed (see below)

Requires:

Load it into Apache with:

LoadModule auth_openpgp_module modules/mod_auth_openpgp.so

Configuration:

Turn it on for specific virtual hosts (or server globally) using the “OpenPGPEngine on” command and with mod_access directives, for example:
<VirtualHost *:80>
ServerName localhost
ServerAdmin [email protected]
DocumentRoot “/var/www/localhost/htdocs”
Options FollowSymlinks

<ifmodule mpm_peruser_module>
ServerEnvironment apache apache
</ifmodule>

# Turn on the OpenPGP Engine for this VirtualHost
OpenPGPEngine on

# if the X-Auth-OpenPGP header has the “true” value,
# then set the valid_signature env var to be used as
# decisive factor in the Allow sentence of mod_access.
# X-Auth-OpenPGP cannot be spoofed, as it gets resetted
# if the module has been enabled for the vhost.
# In the future, valid signed requests will also
# have a header which tells mod_access the keyid, eMail address
# and fingerprint of each user [TODO for 0.2.0]

SetEnvIf X-Auth-OpenPGP ^true valid_signature
<directory “/var/www/localhost/htdocs/pba”>
Order Deny,Allow
Deny from all
Allow from env=valid_signature
</directory>

</virtualhost>

And that’s it. Go grab Enigform and try it out. Of course, the ‘apache’ user needs a valid gpg configuration and keyring, or mod_auth_openpgp won’t be able to verify signed requests.

Sincerely,
Arturo ‘Buanzo’ Busleiman
buanzo at buanzo com ar

Artículos relacionados:

• mod_auth_openpgp ALPHA released
• Enigform for Apache: mod_auth_openpgp
• mod_auth_openpgp packaged for Mandriva
• NEWS: Encryption of HTTP using OpenPGP
• Enigform and mod_auth_openpgp news report.

Si te gustó este articulo, ¿ Porque no dejas un comentario a continuación y continuas la conversación, o te suscribes a los feeds y recibes los artículos directamente en tu lector?