Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
This discussion is archived
1727 Views 4 Replies Latest reply: Oct 15, 2012 12:00 PM by JoeBidgood RSS
lexus Newcomer 3 posts since
Jul 16, 2012
Currently Being Moderated

Jul 16, 2012 7:59 AM

[ePO 4.6] Keystore on managed system

Hi,

i'm looking for an answer about the keystore on a managed system : why is it  possible, for a simple user, to access at all keys in read mode?

Could you tell me what is the use of these keys?

  • agentprvkey.bin
  • agentpubkey.bin
  • serverpubkey.bin
  • serverreqseckey.bin

Thanks for all.

 

 

  • jstanley McAfee SME 366 posts since
    Nov 6, 2009
    Currently Being Moderated
    1. Jul 16, 2012 12:37 PM (in response to lexus)
    Re: [ePO 4.6] Keystore on managed system

    Users can read the files but VSE AP rules should prevent them from being modified/deleted. The files are obfuscated and encrypted so their is not much the users can do with read only access anyway. They are used for encrypting/decrypting traffic between the agent and ePO. The names suggest their use but here it is explicitly:

    • agentprvkey.bin = Agent Private Key
    • agentpubkey.bin = Agent Public Key
    • serverpubkey.bin = ePO Server Public Key
    • serverreqseckey.bin = ePO Server’s Request Secret Key
  • JoeBidgood McAfee SME 2,866 posts since
    Sep 11, 2009
    Currently Being Moderated
    4. Oct 15, 2012 12:00 PM (in response to lexus)
    Re: [ePO 4.6] Keystore on managed system

    It's used to secure the initial exchange of keys between agent and server, so that the agent's key (which is created on the client machine) can be securely sent back to the server.

     

    HTH -

     

    Joe




    (Please post questions to the forum, as I am unable to respond to private messages. Thanks!)



More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points