Server :: OpenSSL - Encrypt Zip File With SSL Keys?
Feb 25, 2010
I would like to encrypt and decrypt zip file using OpenSSL keys. I have generated the keys and can encrypt normal text files but if I try to encrypt the zip file, I get error: "Error reading input Data" Following is what I have done.
generate keys:
Code:
openssl genrsa 4096 > private-key.pem
openssl rsa -pubout < private-key.pem
openssl rsa -pubout < private-key.pem > public-key.pem
encrypt the file:
Code:
openssl rsautl -encrypt -pubin -inkey public-key.pem -in test.zip test.zip.encrypted
I must use public/ private key pair (without any password) and I must use OpenSSL. But I can use any algorithm other than RSA (not sure which one to use and how).
View 3 Replies
ADVERTISEMENT
Sep 8, 2010
I recently upgraded to Ubuntu 10.04. I love the passwords and keys application, but was somewhat surprised at the lack of a context menu in gnome to encrypt a file.
In general, I cannot find how to encrypt files using the keys I generate. Maybe I'm missing something? Probably, I just thought since Ubuntu comes with OOB key generation it would have OOB encryption capabilities.
I've read about seahorse and other ways to ADD encryption, I'm just wondering if ubuntu does it natively. It'd be a good idea to add to brainstorms, right click and encrypt.
View 6 Replies
View Related
Aug 2, 2011
I'm trying to write a p2p file sharing program using python's built-in libraries. Everything is going well. The only thing is that i'd like to be able to use openssl public and private keys so only a host with the public key could access/decrypt the filesharing. I've gotten these libraries (httplib, basehttpserver, ssl, os) to work using just a pem file containing both the public and private keys but no success with them seperately. Can someone point me in the right direction or offer an alternative? PS, the goal of the project is to create an anonymous, decentralized, secure file sharing program. I want to be able to upload this to sourceforge so everyone can use it, if that's any incentive
View 2 Replies
View Related
Jan 8, 2010
I Have shell script like this
Code:
#!/usr/bin/expect
set password "XXXXXXXX"
[code]...
View 13 Replies
View Related
Apr 1, 2010
I want to recompile Apache in order to be SNI supportive because I need to use ssl named based virtual host:
I referred to the following links:
[URL]
I installed the latest version of openssl which is now openssl-1.0.0 I ran the following commands:
./config enable-tlsext --prefix=/usr/local2 --openssldir=/usr/local2/openssl
make
make test
make install
then to recompile apache with new SNI support I ran the following:
./configure --enable-so --enable-ssl --enable-rewrite --enable-unique-id --with-ssl=/usr/local2/openssl
make
make install
After that when I start Apache: /usr/local/apache2/bin/apachectl -k start I get the following error:
SSLStrictSNIVHostCheck failed; OpenSSL is not built with support for TLS extensions and SNI indication. Refer to the documentation, and build a compatible version of OpenSSL.
View 11 Replies
View Related
Jul 14, 2010
I got an task assigned to me, i have to create new ssl key, csr & crt files using openssl. But the file name must be of this kind (*.aaa.xx.aa). When I tried the file name starting with * its not accepting the file name. But when I tried with the file name starting with . its getting generated.
View 1 Replies
View Related
Jan 18, 2011
I inherited a project that someone built in lampp, and I need create new SSL certs.
So I go to do so and it says that OpenSSL is not installed and to apt-get and install it.(Ubuntu by the way)
So before I did so, I wondered if it would cause any problems...since it was supposed to be part of the lampp stack.
View 3 Replies
View Related
May 19, 2010
I use this line to line to archive and password protect my files (with zero compression):7z a -p -t7z -mx0 ~/Documents.7z ~/Documents In the attached picture, I notice there is a check box to 'Encrypt the file list too' via the GUI 7z method. How could I add this option to the above 7z line?
Also I think rar allows you to 'Encrypt the file list too'. Could someone also give me a rar line similar to 7z a -p -t7z -mx0 ~/Documents.7z ~/Documents but that has the 'Encrypt the file list too' feature added?
View 3 Replies
View Related
Jul 5, 2010
How do I go about encrypting a file in Ubuntu 10.04?
View 9 Replies
View Related
Sep 14, 2010
I need to temporarily store a file containing sensitive data in a public server, in a secure way. I think that encrypting the whole file would be much more secure than creating a passworded .zip encrypted file, because they could be subject of brute force attacks. Attacking a whole file of unknow format is harder, I think. I thought of something like the command:
Code:
$ programidontknow --encrypt mysensitive.file --output-file mumblerumble.file
then the program asks interactively for a password)
$ ls
mysensitive.file mumblerumble.file
So I get one file that may look like junk. I tried to search how to do it with GnuPG. But it seems that GnuPG needs much configuration I dont want to do. I simply want to type the password one time to get the file. It doesnt need to retain any configuration for what I want to do. In similar scenario, I would want to do this on a machine/account that is not mine.
View 7 Replies
View Related
Feb 23, 2011
What 's the most popular command to do such things in terminal in linux?
View 4 Replies
View Related
Nov 3, 2010
For some years now I have been able to use openssl (apache-mod_ssl) to process encrypted traffic because I had, in effect, only one host - the main server - as the sole entry in our ssl_vhost.conf file.
Now we are working toward serving a couple of more secure sites for closely related organizations, but with their own distinct identities. This, in the past, would have meant additional static IPs with matching nic cards for starters. But my understanding is that since 2007/8 we have been able to use gnutls (apache-mod_gnutls) which gets around the old problem of Apache not being able to direct name-based traffic because that would not yet have been decoded. This is referred to as SNI - Server Name Indication.
Here my confusion begins. Is there an overlap between SSL and TLS? For instance, I would have generated RSA keys and a self-signed certificate with the genrsa command. Is this sufficient for gnutls or does it need to generate its own keys and certificates? I realize gnutls is relatively a new kid on the block but it is appealing and I'd like to give it a try.
I am working with the Mandriva/Mageia cooker with an x86_64 architecture so all packages are up-to-the-minute.
View 3 Replies
View Related
Nov 10, 2010
I am using fetchmail (with ssl support) to download my e-mail. About a week ago, the downloading from two servers stopped, among them gmail.com, due to an ssl error. Usually that means updating the ssl fingerprint in fetchmail.conf, and when I wanted to do this I discovered that there seems to a issue with openssl.
When I do openssl s_client -connect pop.gmail.com:995 -showcerts I now get an error
server:> openssl s_client -connect pop.gmail.com:995 -showcerts
CONNECTED(00000003) 5448:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188:
Ubuntu 8.04 (2.6.24-28-server #1 SMP Sat Oct 16 17:53:34 UTC 2010 i686 GNU/Linux)OpenSSL 0.9.8g 19 Oct 2007
Can anybody explain to me what the error means and how to fix it?
View 1 Replies
View Related
Jan 6, 2011
I want encrypt my fedora file system.
How to i can encrypt ext3 or ext4 file system.
View 5 Replies
View Related
Jan 8, 2010
I want to encrypt Full partition instead of creating a file and encrypting it, and also want to move this disk to another server. do i need some files also (that hold keys) with my self on new server. i am using FC11.
View 2 Replies
View Related
Jul 11, 2009
I recently installed Fedora 11 64bit and I am curious about encrypting my entire file system for security purposes. I've been on Google for a while now and I keep finding info on how to encrypt a specific folder or home directories but nothing on the entire file system (or I'm missing something big here). It's hard for me to imagine that it isn't. If so, do I need to encrypt the partition my file system is on before installing it? What software should I use? There seems to be so many, it's difficult to keep them all straight.
View 5 Replies
View Related
Feb 15, 2010
I want to be able to encrypt files on my netbook with Ubuntu 9.04 UNR and on my MacBook (Mac OS 10.6.2) and be able to exchange them and decrypt them on the other platform.The Ubuntu command Edit>Encrypt is so easy to use but works only on the netbook. I haven't, thus far, found a program to open them on the Mac or to create an encrypted file on the Mac that I can open on the netbook.
View 3 Replies
View Related
Jul 26, 2010
I am using VNC client (windows) to connect to centos server. Please let me know how can I encrypt VNC connection to the server connecting as root to make sure security.
View 4 Replies
View Related
May 31, 2011
I have a headless ubuntu server (10.04 x64) in the attic that I use as mostly as a file server for media streaming and backing up other PCs on the home network. The box doesn't have a display, keyboard or mouse connected and is in a location where it's physically difficult to get at.
I'm mostly looking at a solution to protect the system if it were physically stolen(hopefully this is very unlikely) so that I could have a reasonable confidence that no one could boot a live CD and steal any private documents on there.
I don't feel like I need to encrypt the root file system (and I don't want to reinstall!) as most of the data on the system isn't sensitive (MP3s, video files etc).
I would like to protect the backups of the other systems as they have some personal documents etc on them,
I need to also balance this with convenience as I need the backups to continue to be automatic or they most likely won't get done at all.
Currently I have a samba share called "backup" that is password protected and points to /media/backup where a 2tb drive is mounted, this drive is used just for backups from the other systems so I would like to encrypt the whole drive.
I realise that I can't have the drive mount completely automatically as it will then be accessible to anyone who can boot the box. The compromise I would like would be that the drive is encrypted and then either:
1.) I log in via ssh and enter a command to mount the drive which prompts for a passphrase - drive stays mounted after I log out until manually unmounted or the system is rebooted
or
2.) On boot something runs automatically which then prompts me for the passphrase when I next connect via ssh - again the drive stays mounted after I log out until manually unmounted or the system is rebooted
I would prefer 2 as then I am less likely to forget to mount the drive after a reboot.
I have seen several tutorials using LUKS to encrypt the drive and manually mount but am wondering if it's possible to achieve 2. Also wondering if there are any implications for samba if the drive is not available straight away at boot, would I need to restart anything after mounting the encrypted drive for example?
View 8 Replies
View Related
Aug 20, 2010
I am looking to be able to encrypt using OpenPGP certain outgoing emails on my linux server. Currently I have GPG setup with a public key, however encryption outgoing emails prooved to be harded.After a bit of research I have found GNU Anubis which acts as a middlemad between the MUA and the MTA, by encrypting emails before they reach my MTA (Sendmail)However I am having a bit of problem with the configuration of bind and remote-mta, as specified by anubis.I have the sendmail service running on port 25 and I want to leave it there, but I have configured my php.ini SMTP port to 24. So it runs through port 24 first and anubis then forwards the emails via remote-mta to port 25Here are my anubis configs:
bind localhost:24
local-mta /path/to/my/sendmail
remote-mta localhost:25
With all those set, I can't seem to get the basic modication of emails to work. (trying to change a certain subject to something else, just to see that anubis is working). However emails are still working with port 24 as the SMTP port.
View 1 Replies
View Related
Dec 5, 2008
how to get a right click option to encrypt a file in nautilus. Per the subject line, right click works ok in the other two applications but doesn't seem to have integrated into nautilus. (both KGpg and Seahorse are installed and each seems to work correctly).
View 1 Replies
View Related
Jan 5, 2010
I've just started using ubuntu one. However, some of the files I store on there are sensitive so I encrypt them using seahorse. Right click, encrypt etc etc. My question is, is there a way to automatically get the encrypt process to delete the un-encrypted file when it makes the new encrypted copy?
View 6 Replies
View Related
Apr 17, 2010
I don't know if this is a configuration issue or a hardware issue, but I have a Kinesis Advantage USB keyboard and for some reason the F3-F5 keys aren't responding as they used to. They don't respond to anything and, when I tried using F5 on Emacs, it said <XF86AudioNext> is undefined, so I guess it's a weird mapping problem.
Any idea how I could remap them to the original meaning?
View 2 Replies
View Related
Jun 27, 2011
Just wondering if Ubuntu has an Accessibility equivalent for sticky keys and mouse keys.
View 1 Replies
View Related
Apr 7, 2011
I'm running Debian (Squeeze) and I have a toshiba portege m700. It has five buttons on the front just under the screen, which are the only ones accessible when you flip the screen over into tablet mode. One of them is for rotating the screen, and another is for switching to external display. I want to remap the remaining three to control, alt and super so that I can use shortcuts with the stylusThe problem is, when I used showkey to find out the key codes, I found out that each button generates more than one key code:Button 1:
key 126 press >> super_r, although this is distinct from the actual super key (125)
key 7 press >> 6
key 7 release
key 126 release
View 4 Replies
View Related
Mar 16, 2011
I am trying to lock down a server using audit.rules. I intend to use ausearch to review certain entries from time to time. I noticed that it's possible to assign a "key" to each rule and then use `ausearch -k` to show only the records that have that key.Unfortunately, the key feature seems broken. I started with the following rule in audit.rules:
Code:
-a always,exit -F arch=b64 -S open -S openat -F exit=-EACCES -k deny
I do a `cat /etc/shadow` and a `ausearch -ts today -k deny` and it seems all went well.
[code]....
View 8 Replies
View Related
Jan 5, 2011
I installed SSH server on my ubuntu-server last night, following this online Guide: https://help.ubuntu.com/10.04/server...sh-server.htmlThen I tried to generate the public and private keys.root@ubuntu-server:~# ssh-keygen t dsaGenerating public/private dsa key pair.Enter file in which to save the key (/root/.ssh/id_dsa):
View 14 Replies
View Related
Mar 21, 2011
In the kde realm, with the dolphin file browser, I can open a terminal in whatever folder is in the gui by using the shift and f4 keys. I'd like to be able to accomplish the same in gnome with the nautilus file browser but can't figure out how to do same. So far I have to open a terminal and then cd to the desired folder. Or do I have to use some other file browser and which one?
View 2 Replies
View Related
May 17, 2010
Im running ubuntu 9.04 remotley via ssh, using putty on a windows computer to control it. I want to redefine one key (I have a swedish keyboard where I have to press AltGr+key to get a tilde sign, would be better if I could get the tilde without AltGr modifier).
I read about xmodmap and xev. Using them I succesfully redefined the key for x-programs. For example if I start firefox over ssh and press the key I get the correct key. But in the terminal session the changes does not take effect. Which is probably logical since xmodmap does only work on the x-server. But how do I redefine the keys for terminal use?
View 2 Replies
View Related
Aug 25, 2010
At first I thought that the following command will restart my sshd server:
/etc/init.d/sshd restart
but there is no "sshd" server in this directory.
How else do I (re)start the ssh server? How can I get the version/release number of the sshd server? Where (in which directory) should I put SSH keys?
View 1 Replies
View Related
