1OPENCRYPTOKI(7)                  openCryptoki                  OPENCRYPTOKI(7)
2
3
4

NAME

6       openCryptoki - A PKCS#11 implementation.
7
8

DESCRIPTION

10       openCryptoki  is an implementation of the PKCS#11 API standard. It pro‐
11       vides an interface to the functions of underlying cryptographic tokens,
12       which may be implemented via software or hardware. The PKCS#11 specifi‐
13       cation has been released by RSA Labs. More information on  PKCS#11  can
14       be found on the RSA labs website: http://www.rsa.com/rsalabs.
15
16       To use openCryptoki, run the pkcsslotd daemon. The daemon will read the
17       opencryptoki.conf file to collect  information  about  the  tokens  and
18       their slots.
19
20       Use  the  pkcsconf  utility  to further configure openCryptoki once the
21       daemon is running.
22
23

SECURITY NOTE

25       All non-root users that require access to PKCS#11  tokens  using  open‐
26       Cryptoki must be assigned to the pkcs11 group to be able to communicate
27       with the pkcsslotd daemon. Only fully trusted users should  be  granted
28       membership  in  the  group.  Group members can block other openCryptoki
29       users from accessing PKCS#11 tokens, and execute  arbitrary  code  with
30       the privileges of other openCryptoki users.
31
32

SEE ALSO

34       pkcsslotd(8),
35       pkcsconf(1),
36       opencryptoki.conf(5).
37
38
39
403.16.0                             May 2007                    OPENCRYPTOKI(7)
Impressum