Name | Modified | Size | Downloads / Week |
---|---|---|---|
Parent folder | |||
amttool | 2012-10-13 | 150.7 kB | |
README.txt | 2012-10-13 | 4.4 kB | |
Totals: 2 Items | 155.1 kB | 0 |
Ver. 1.6.7 # 'info remote' and power control commands moved to the 'rem_control' command set (backward compatible syntax still supported) * The Remote Control Information: 'Watchdog Expired', 'Power Source' info added # The Remote Control Information: fixed bugs # The Remote Power Control: fixed bugs # 'info general' and 'info audit' splited to subcommands Ver. 1.6.5 * Added command 'pwr_save' to configure AMT Power Saving * Added command 'uuser' for User Access Control AMT Interface * Added 'AMT_VERSION' environment variable (to skip online AMT version check) Ver. 1.6.2 * Added support for Redirection AMT Interface * Added command 'security' for a subset of Security AMT Interface Ver. 1.6 * Added support for 'Access Monitor/Audit' AMT service * Added support for non-standard AMT-service port number * Added command 'net vlan' # fixed 'time' command for iAMT ver. 1.x # http-proxy usage documented on the help screen # debug changes: # debug output now works for all requests # debug out for replies added (with <-dd|--ddebug> parameter) # 'xmllint' (libxml2-utils package) don't need any more for debug output # improved output on request faults # fixed 'System UUID' value in the 'info general' output Ver. 1.5 * Supported new AMT service: Hardware asset data # General info: 'Code Versions' string added Debian package dependencies Required: libsoap-lite-perl, libtimedate-perl, libdigest-md5-file-perl, libmime-base64-urlsafe-perl, libmath-bigint-gmp-perl Suggested: === Audit Key & Cert Generation === There is the help page on the Intel site for the scripts from the AMT SDK: http://software.intel.com/en-us/blogs/2012/01/18/how-to-create-amt-certificates-using-the-amt-sdk-and-openssl/ Example of keys & cert creation. You should refer to openssl manual to make this working. Root CA generation (if don't have it) Command: openssl req -config root_ca_gen.cfg -new -x509 -keyout root_ca_private.pem -out root_ca_cert.pem Required Config options for 'root_ca_gen.cfg': [ req ] default_bits = 512 default_md = sha1 default_keyfile = ... encrypt_rsa_key = no distinguished_name = ... [ <dist_name> ] ... Subordinate CA request gen and sign (if don't have it) Commands: openssl req -config sub_ca_req.cfg -new -keyout sub_ca_private.pem -out sub_ca_cert.req openssl ca -config root_ca.cfg -policy policy_anything -extensions v3_ca -in sub_ca_cert.req -out sub_ca_cert.pem Required Config options for 'sub_ca_req.cfg': [ req ] default_bits = 512 default_md = md2 default_keyfile = ... encrypt_rsa_key = no distinguished_name = ... req_extensions = v3_ca [ <distin_name> ] ... [ v3_ca ] basicConstraints=CA:TRUE Required Config options for 'root_ca.cfg': ... [ <default ca section> ] ... default_md = md5 ... [ usr_cert ] ... authorityKeyIdentifier=keyid,issuer:always ... [ v3_ca ] ... authorityKeyIdentifier=keyid,issuer:always ... Audit Key Generation for AMT-Device Commands: openssl req -config SecConfig/Auditor.cfg -newkey rsa:2048 -keyout audit_key.pem -out audit_cert.req openssl ca -config sub_ca.cfg -policy policy_anything -in audit_cert.req -out audit_cert.pem Required Config options for 'key.cfg': [ req ] encrypt_rsa_key = no default_md = md2 default_keyfile = ... distinguished_name = ... keyUsage = digitalSignature [ <distin_name> ] ... dnQualifier = ... dnQualifier_value = ... Required Config options for 'sub_ca.cfg': [ <default ca section> ] unique_subject = no default_md = md5 [ policy_match ] dnQualifier = supplied [ policy_anything ] dnQualifier = optional [ usr_cert ] keyUsage = digitalSignature authorityKeyIdentifier=keyid,issuer:always [ v3_ca ] authorityKeyIdentifier=keyid,issuer:always 'audit keys' command requres the next files (from the example above): audit_key.pem, audit_cert.pem, sub_ca_cert.pem