I am using Fedora 13 x64.I want to removing passphrase from the RSA Private Key then harden the decrypted Private Key.When I tried section 6.6 guide line, I get directory does not exist?I don't know where my server.key is stored.
View 1 RepliesI just installed ecryptfs (debian Lenny). However, when I try to run it (as normal user), I get the following
$ ecryptfs-setup-private Enter your login passphrase: And it wont accept any password (naturally since this is the first time I'm running it).
i noticed that all files can be seen by another computer if the drive is accessed
can I stop this? can i set a private folder?
These should be my last pleas for help with regard to Fedora 13. I've been unable to turn off the notifications that appear in the top right corner, despite a decent amount of searching on google. I can't remove any notifications package without removing a bunch of important software along with it. Also, F13 refuses to "Safely Remove" either of my external disks. I have to yank out the usb cord, touching wood each time.
View 5 Replies View RelatedSimply, the number of possible combinations of passwords increases as an exponent of the number of characters used and as a factor of the number of characters available for use.
26 potential characters for a 2 character password results in 26^2 possible password combinations. This means that each new character added would result in an "order of magnitude" increase in the difficulty of brute force attack.
Using a phrase, complete with punctuation and capitalization is the very best mnemonic device to remember a password. Consider this, how hard is it to remember; The quick brown fox jumped over the lazy dog.
Than it is to remember, l33tsp34kp@ssw0rd
If we pretend that both of these passphrases are generated from a character set consisting of 26 characters, the first would be one of a possible 15274273784216769021564085930704478424313742483024 510976. The second would be one of a possible 1133827315385150725554176.
In short, use a passphrase not a password, they are much MUCH more secure.
Every time I log in to my Fedora 13 system, I am prompted for my SSH pass phrase.
I would like to be prompted the first time I login after booting, but then have ssh-agent continue to run until I kill it or shutdown so I don't have to be prompted every time.
Where do I configure this?
We have small requirement, we need to connect to ssh server through ey+Passphrase+password. Is it possible to configure this type of authentication in any version of openssh/fedora.
View 3 Replies View RelatedI have currently a file server that runs on Fedora 9, and all other PCs (mostly running Windows XP) access the file server via SAMBA. Everything works perfectly! However, lately a home invasion in my neighborhood got me thinking. If they take my file server, my data is not protected. So, I would like to implement the LUKS partition encryption (/home) which sits on a separate disk. However, I don't quite like the decryption process at boot time. In other words, I would like to wake up the file server (WOL) remotely, and when it's done booting, I would like to log-in using the other PCs and enter the passphrase remotely to decrypt /home. Is this possible using LUKS encryption (i.e., cryptsetup)? If not, what would be another alternative to what I am trying to do using a secure encryption (so that the data is safe from thieves)?
View 4 Replies View RelatedI just upgraded to Fedora 13, with emacs 23.1. Now when I edit a .gpg (encrypted) file, emacs doesn't cache the passphrase, so when I save the file emacs demands that I repeat the passphrase twice.Previously, the following line in .emacs made it cache the passphrase:
Code:
(setq epa-file-cache-passphrase-for-symmetric-encryption t) This is supposed to work, according to the documentation [URL], but in Fedora 13 emacs it seems to have stopped working.
I have an encrypted disk, using LUKS / dm-crypt, on Fedora 14.Every time I boot, I am immediately prompted for the passphrase. This happens VERY early in the boot process, and is a graphical screen (ie not console text). If I hit escape, I am prompted in a text-mode for the same passphrase. If I hit escape or return a few times, boot continues normally.
I only mount the disk occasionally, and don't want to be prompted at boot for the passphrase to luksOpen the disk at boot. I manually cryptsetup luksOpen and then mount it when I want access. I just don't want to be asked at boot, and don't want to unlock it until I do so manually.Does anyone how how I can tell Fedora to not attempt to decrypt / mount this filesystem at boot?It's not in /etc/fstab. I should mention, no LVM, just mdadm raid5 on the partition + luks /dm-crypt.
How to change the passphrase for crypted partitions in F14?
View 1 Replies View RelatedI recently was given a system with an ASUS A8V motherboard, AMD Athlon 64 3000+ 1.8GHz CPU and one 60 GB SATA disk to which I added a 120GB IDE disk. As the disks are on different (built-in) controllers and are different speeds, I set up /boot, root and swap on the SATA disk, and then one big /home partition on the IDE drive, using the custom partitioning. If I install Fedora 15 32 bit (from DVD) with encryption enabled, I get prompted for the encryption passphrase during bootup as I would expect. If I install Fedora 15 64 bit (from DVD), I get that same prompt and the boot hangs. I can then bring up a serial console where I'll find a prompt for the same passphrase for the IDE drive. I can enter it and the boot will proceed.
I am now running F15 64 without encryption; I would like to get encryption working again but without having to enter the passphrase twice. Plus I figure that this *should* work the same under both the 64 and 32 bit versions. I have had to reinstall this system a few times, using both versions -- the behavior has been consistent.
i am working on fedora 10 and configured dns on my college lan which already has it's dns at 192.168.5.20 .So i configured my private dns server at 192.168.101.91 which is my ip too.And the domain name is the host name of my system for example server.onkie.com.MY dns port 53 is shown when i do nmap localhost but but doesnt show when i do nmap 192.168.101.91 .Also when tested my server on other computers on my lan with there primary dns as 192.168.5.20 and secondary as 192.168.101.91 they cant access my site at my system with the name server.onkie.com . nmap localhost
[Code]...
i have my personal email address in one of my bugzilla report.
really tired from spam. how can i drop my personal info from it?
[URL]
i've set up a little mail server ob my private server, using getmail to get the mails from different pop accounts and to send it to maildirs of some virtual users, and i use dovecot as imap server to provide the mails to my clients which are mostly outook 2007. i run getmail as a cronjob which fetches my mails every 2 minutes, anyhow i'd like to run it on demand when a client pushes the send/receive button. is there a way to tell dovecot to run getmail on demand?
View 6 Replies View RelatedI have 2 different networks: the first one is gateway machine (eth0), and the second is a private machine (eth1). So, I've configured the iptables and forwarding stuff and when I try to ping google.com on the gateway machine, it works, while it doesn't work on the private network. Note: I am using VmWare 7. I need your quick assistance about this issue.
View 2 Replies View RelatedI know a bunch of commands and I am comfortable using the terminal, I even set a powerpc server but I can't figure out how to remove epiphany on this new computer I'm setting up. I didn't install anything with tasksel. I installed gnome and xorg afterwards... I load it up and 'startx' just fine. then I check around for the programs that were installed. I lik'em gimp, lot's of utilities. gedit. anyway I find epiphany, which I have already established that I dislike, I immediately go to the root terminal (another nice program that comes with gnome) and type apt-get remove epiphany-browser-data the output says it will be deleting gnome... however I have researched and found these are simpy meta packages that don't really matter.... however under the section that states all the packages that will be removed by autoremove there is a huge list... I doubt these packages are safe to remove. how to remove epiphany without removing a huge amount of probably needed software
View 14 Replies View Relatedwhat i did was, remove evolution mail from synaptic, what i wanted to do was just remove the indicator applet from the task bar. i read a bunch of bad stuff about removing evolution from synaptic vs just removing the applet.
im worried. did i break anything or put my security at risk. after, i used a command (older) (sudo apt-get install ubuntu-desktop)to install ubuntu desktop. because i thought that it would fix evolution. then i went to synaptic and installed a package called evolution. i rechecked evolution in applications menu. however, i notice that i have both a checkable evolution and two evolution icons. nothing 'seems' broken. im not sure if it ever was. and evolution calender pops up as normal, as does the the installed plain evolution. they both seems to be an exact copy of the other.
all i really wanted to do was remove the indicator applet. did i make a serious mistake. since ive had ubuntu, ive reformatted a lot because i was worried i made a mistake of some kind. however now im into the more "make a mistake and fix it stage' as im pretty happy with my current desktop and have worked hard to customize it. the command, sudo apt-get remove indicator-messages removed the mail icon. i still am worried that i broke something, or put my security at risk. also, now i have two mail icons. evolution mail and calendar, and another just called evolution.
what purpose does it serve to use a passphrase? Once the keys are generated the passphrase isnt used? Or what am I missing??? I did not use a passphrase and understood that there was no security implications of not doing so. Is this correct?
View 6 Replies View RelatedFedora 11 I have tried just about everything in webmin, the current one I am working with is openswan, and I get this error: ipsec newhostkey --configdir /etc/ipsec.d --output /etc/ipsec.secrets ipsec rsasigkey: key pair generation failed: "-8037"
My boss would like to have our employees connect to our linux server, then access their personal computers to work when they are unable to be in the office. Everyone else in the office uses winblows and they are unwilling to try anything else no matter what the benefit. The most important one is the CAD guy, we need him to work on drawings from school or his latest flings house and I am just running out of steam. how to fix this error or radically change my approach, I will try or do anything.
Is there any way to only have one passphrase prompt when using multiple LUKS partitions? Well there must be, as that's how Fedora does it - it asks you once, and tries that passphrase on every LUKS volume (with a nice plymouth prompt), I just don't know how to do that on Wheezy. Don't say I have to nuke my install and use LVM instead of regular partitions or put a keyfile on a USB stick. My partition layout is:
/boot (plain)
swap (luks)
/ (luks)
/data (2nd drive, luks)
So I get asked 3 times during boot.
I'm trying to add a key to a new slot from a keyfile that I created, but I keep getting an error and I don't know what the problem is.
Code:
root@ubuntu:~# cryptsetup luksAddKey --key-slot 1 /dev/sda5 -d /media/Ubuntu_10_04/etc/cryptkeys/swap.key
No key available with this passphrase.
content of swap.key
Code:
nBPeNCr_PS-yEv5SYEyyzaEextllDLo7aHs7yZGW9dtC48GDlte6WYQe7iG2poJr84U6twxu1DImZcyoBPB1q1AjYAanPsre7qLr7VnN4G6u1x_WG-sja6U_pvnks9CTgcD4UmfBw9mkrU3YY4GknQXtpLvkiBkM1soJ0SYYQ2r-7CDZJvaiYJb9eOKKbMsjlrEG39IBdQwdcEp3D7PK5paTYZdVHU2ygrJvJy-sJly4oqb2274DO8hbYviQsPdawetglkhhhhhhh98h4erwjerfkasjnfhsahfocLnBPeNCr_PS-
[code]....
I am a noob who is playing around with setting up a home print/file server using Ubuntu Server 10.04. I have successfully setup the server and am now configuring the SSH server so I can control remotely.
I have setup RSA keys with a passphrase as outlined in the SSH - Ubuntu Community Documentation. However, when I log in remotely I am only asked for the passphrase the first time. Any subsequent log-ins simply take a few seconds to connect without any passphrase request. After restarting my laptop (that I use to connect remotely), I am again asked for the passphrase only the first time and subsuquent logins are without a passphrase. I would like to know if this is normal and if there is a way to have passphrase requested on each login.
I would like to use a USB key to hold the passphrase for an encrypted /Data partition. A forum search turned up only using that method for / which requires initrd. That's not what I'm after.In openSUSE 11.4 I want to boot normally and then automatically unlock the /Data partition only if the USB key is inserted. I'm assuming this would require some kind of automounting after or during the boot process.
View 1 Replies View Relatedwhen generating RSA public/private key pair, I gave a passphrase to protect the key. When I now want to use this private key in a script to log on to the remote server via ssh and do something, how can I give the passphrase? Alternatively, is it possible to use a different private key without passphrase ? I doubt it, but it doesn't harm to ask.
View 2 Replies View RelatedI need an non-interactive, symetric, passphrase mechanism that can be used on machines beyond my sys-admin control. Currently, I use the Python code (with variants):
Stat, Output = commands.getstatusoutput(
"gpg -c --passphrase=%s '%s'"%(Password, TarFileName))
to encrypt and decrypt files (tar balls). The "Password" is generated by a Python code on a singular removable flash drive. It worked with FC11 and Windows, but with FC13 I get an interactive dialog, which gets canceled, and then: can't connect to `/home/{a user id}/.gnupg/S.gpg-agent': No such file or directory
gpg-agent[3432]: command get_passphrase failed: Operation cancelled
gpg: cancelled by user
gpg: error creating passphrase: Operation cancelled
gpg: symmetric encryption of `testdata' failed: Operation cancelled
The operator does not know the pass phrase. This is a single user mechanism which relies upon the mounting of the special flash drive to work. The application is portable across many platforms and hosts, but can only be used by the possessor of the flash drive.
How can I enable passphrase along with the password for login via ssh ? In that whenever I login from server A to server B via ssh, it should ask me for a password and then passphrase to allow me access.
OR
Can we have multiple passwords to login via ssh ?My basic need is to have 2 levels of password.
i installed the PAE kernel and was wondering if it's safe (and how) to remove the non-PAE kernels. from the system.This is F13.
View 2 Replies View RelatedI recently started installing Debian and I want to download and install a GUI in it. For that I could use my university Wi-Fi connection. I was told that it's a WPA2 secured connection. But when I tried to configure it, it keeps asking me for a "passphrase". I don't have a passphrase! All I have is my username and password for the Wi-Fi. What should I enter as my passphrase ? I tried both username and password and neither of them worked.
View 4 Replies View RelatedMy friend and I spent two weeks trying to find out why my openSUSE laptop wouldn't connect to his router using WEP. We finally figured out that the KDE networkmanager was not translating the passphrase into the hexidecimal number (default key #1). Once we entered the hexidecimal number, it connected with no problems. He uses Ubuntu on his test laptop (Windows guy). Ubuntu, and kubuntu via live CD, both connected only using the passphrase. I didn't have an openSUSE Gnome live CD to test weather this is KDE specific or not.
View 6 Replies View Related