|
|
Sponsored Content
Operating Systems
Solaris
Public private key setup issue in Solaris 10
Post 302769392 by elixir_sinari on Tuesday 12th of February 2013 05:50:05 AM
02-12-2013
|
|
10 More Discussions You Might Find Interesting
1. Windows & DOS: Issues & Discussions
Hello all,
I have a bit of trouble working a passwordless SSH from UNIX to Cygwin running windows 2k3. Here are some details. I AM able to SSH from the Windows box to the UNIX box using the keys. Also, I'm able to SSH from UNIX to Windows w/o the keys. However, when I try to do it with the keys... (9 Replies)
Discussion started by: kclerks11
9 Replies
2. UNIX for Dummies Questions & Answers
Hi everyone,
I have a quick/newb question:
I know that a public key is used to encrypt data and a private key is used to decrypt data but who keeps the public/private keys??
Does the Web Server hold both?
Does the Web Server have the public key and does the client have the private key? ... (3 Replies)
Discussion started by: tical00
3 Replies
3. Shell Programming and Scripting
Hi everybody,
I need some help on writing a script that is able to remote copy file to one server. I already created this types of scripts, and works ok as long as this server I want to copy from is access through telnet. Here is how I do it:
ftp -n xxx.xxx.xxx.xxx << _EOF_
user user_name... (6 Replies)
Discussion started by: Alexis Duarte
6 Replies
4. Shell Programming and Scripting
hello,
iam able to ssh to a linux server from a linux server called "machine1" using the private/public key method, so I dont need to enter any password when I run my script but iam not able to ssh from machine1 to a UNIX server, access is denied.
note that I am using an application id which is... (6 Replies)
Discussion started by: wydadi
6 Replies
5. Solaris
Hi, I've used the following way to set ssh public key authentication and it is working fine on Solaris 10, RedHat Linux and SuSE Linux servers without any problem. But I got error 'Server refused our key' on Solaris 8 system. Solaris 8 uses SSH2 too. Why? Please help. Thanks.
... (1 Reply)
Discussion started by: aixlover
1 Replies
6. UNIX for Dummies Questions & Answers
Hi,
please guide me create a public/private key using ssh-keygen, lets say I have been access to server named pngpcdb1with a userid and password ...!!! and also please explain in detail the concept of these keys and ssh as I was planning to use them in ftp related scripts..! Thanks in... (1 Reply)
Discussion started by: rahul125
1 Replies
7. UNIX for Dummies Questions & Answers
Hi,
What tool is used to generate public and private keys for SCP?
Do you have an example script that generates these keys, puts them in files and then another example script that references them from SCP?
Thanks, (9 Replies)
Discussion started by: Astrocloud
9 Replies
8. Shell Programming and Scripting
Hi All,
I have a requirement where i need to check if an rsa public key corresponds to a private key and hence return success or failure. Currently i am using the command
diff <( ssh-keygen -y -e -f "$PRIVKEY" ) <( ssh-keygen -y -e -f "$PUBLICKEY" )
and its solving my purpose. This is in... (1 Reply)
Discussion started by: mritusmoi
1 Replies
9. UNIX for Advanced & Expert Users
Hi,
we have private and public key, encrypt file using public and want to decrypt using private key. can you please advise below commands are correct or other remedy if unix have?
encrypt -a arcfour -k publickey.asc -i TESTFILE.csv -o TESTFILE00.csv
decrypt -a arcfour -k privatekey.asc... (2 Replies)
Discussion started by: rizwan.shaukat
2 Replies
10. UNIX for Advanced & Expert Users
I have a user account configuration with ssh public/private key that works on multiple servers centos and rhel. One server (Server F) that is not working in centos 6.8. When i ssh into server f I get prompted for a password. I have verified the config and it all is good. I put sshd into debug... (8 Replies)
Discussion started by: bash_in_my_head
8 Replies
LEARN ABOUT CENTOS
strongimcv_pki
PKI(1) strongSwan PKI(1) NAME
pki - Simple public key infrastructure (PKI) management tool SYNOPSIS
pki command [option ...] pki -h | --help DESCRIPTION
pki is a suite of commands that allow you to manage a simple public key infrastructure (PKI). Generate RSA and ECDSA key pairs, create PKCS#10 certificate requests containing subjectAltNames, create X.509 self-signed end-entity and root CA certificates, issue end-entity and intermediate CA certificates signed by the private key of a CA and containing subjectAltNames, CRL distribution points and URIs of OCSP servers. You can also extract raw public keys from private keys, certificate requests and certifi- cates and compute two kinds of SHA-1-based key IDs. COMMANDS
-h, --help Prints usage information and a short summary of the available commands. -g, --gen Generate a new private key. -s, --self Create a self-signed certificate. -i, --issue Issue a certificate using a CA certificate and key. -c, --signcrl Issue a CRL using a CA certificate and key. -r, --req Create a PKCS#10 certificate request. -7, --pkcs7 Provides PKCS#7 wrap/unwrap functions. -k, --keyid Calculate key identifiers of a key or certificate. -a, --print Print a credential (key, certificate etc.) in human readable form. -p, --pub Extract a public key from a private key or certificate. -v, --verify Verify a certificate using a CA certificate. EXAMPLES
Generating a CA Certificate The first step is to generate a private key using the --gen command. By default this generates a 2048-bit RSA key. pki --gen > ca_key.der This key is used to create the self-signed CA certificate, using the --self command. The distinguished name should be adjusted to your needs. pki --self --ca --in ca_key.der --dn "C=CH, O=strongSwan, CN=strongSwan CA" > ca_cert.der Generating End-Entity Certificates With the root CA certificate and key at hand end-entity certificates for clients and servers can be issued. Similarly intermediate CA cer- tificates can be issued, which in turn can issue other certificates. To generate a certificate for a server, we start by generating a pri- vate key. pki --gen > server_key.der The public key will be included in the certificate so lets extract that from the private key. pki --pub --in server_key.der > server_pub.der The following command will use the CA certificate and private key to issue the certificate for this server. Adjust the distinguished name, subjectAltName(s) and flags as needed (check pki --issue(8) for more options). pki --issue --in server_pub.der --cacert ca_cert.der --cakey ca_key.der --dn "C=CH, O=strongSwan, CN=VPN Server" --san vpn.strongswan.org --flag serverAuth > server_cert.der Instead of storing the public key in a separate file, the output of --pub may also be piped directly into the above command. Generating Certificate Revocation Lists (CRL) If end-entity certificates have to be revoked, CRLs may be generated using the --signcrl command. pki --signcrl --cacert ca_cert.der --cakey ca_key.der --reason superseded --cert server_cert.der > crl.der The certificate given with --cacert must be either a CA certificate or a certificate with the crlSign extended key usage (--flag crlSign). URIs to CRLs may be included in issued certificates with the --crl option. SEE ALSO
pki --gen(1), pki --self(1), pki --issue(1), pki --signcrl(1), pki --req(1), pki --pkcs7(1), pki --keyid(1), pki --print(1), pki --pub(1), pki --verify(1) 5.1.1 2013-07-31 PKI(1)