Keylime Documentation
Contents:
Installation
User Guide
Authentication
Configuration
Runtime Integrity Monitoring
User Selected PCR Monitoring
Use Measured Boot
The
keylime-policy
tool
IDevID and IAK
Secure Payloads
Agent Revocation
Design of Keylime
Additional Reading
Rest API’s
Keylime Development
Securing Keylime
Keylime Documentation
User Guide
View page source
User Guide
Contents:
Authentication
Server Components CA
Agent Keylime CA
Configuration
Configuration file processing order
Configuration file format
Override configurations via configuration snippets
Override configurations via environment variables
Configuraton upgrades
The configuration upgrade script
keylime_upgrade_script
Runtime Integrity Monitoring
Keylime Runtime Policies
Remotely Provision Agents
How can I test this?
IMA File Signature Verification
Using Key Learning to Verify Files
Legacy allowlist and excludelist Format
User Selected PCR Monitoring
How to use
rhboot shim-loader
Use Measured Boot
Introduction
Implementation
How to use
Named Measured Boot Policy
The
keylime-policy
tool
Creating runtime policies
Creating measured boot policies
Signing runtime policies
IDevID and IAK
Introduction
How to use
Secure Payloads
Single File Encryption
Certificate Package Mode
Certificate Package Example
Agent Revocation