04-11-2009
Public key cryptography always works the same way: Encryption is done with the public key, decryption done with the private key. It is not possible to decrypt anything with the public key (otherwise the whole system would crash down). The only time it's done the other way is for message authentication, where only a digest of a message is encrypted and can be verified (not decrypted) using the public key.
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi,
We wish to register RSA key fingerprint with JVM 1.4.2 under UNIX environment.
Any inputs how to go for it?
The output we are getting as
"The authenticity of host 'sxfer01.bluecrossmn.com (159.136.224.30)' can't be established.
RSA key fingerprint is... (0 Replies)
Discussion started by: asawari
0 Replies
2. Shell Programming and Scripting
Hi All,
I need to scp a folder from one host to another in a script. When I run a command , it asks me to authenticate for the RSA key fingerprint for the first time.
# scp -r temp1 root@iqcarrot:/root/
The authenticity of host 'iqmango.apac.avaya.com (148.147.172.112)' can't be... (2 Replies)
Discussion started by: nua7
2 Replies
3. Shell Programming and Scripting
I want to automate the process of generating RSA keys. I want to remotley login to a linux machine from a windows maching without having to enter a password. For this I need to generate the RSA key pair. but I want to do this procedure on alot of linux machines. For which I was looking to automate... (2 Replies)
Discussion started by: lassimanji
2 Replies
4. UNIX for Dummies Questions & Answers
Hi there,
I have a Linux Debian machine with the following fingerprint :
e1:95:11:46:ff:d1:e3:4a:a3:34:1a:25:b4:d8:f1:cb.
I'd like to set this fingerprint to :
cd:19:bd:f6:8e:00:7a:69:14:52:a1:73:cb:15:a5:ca.
I have very specific reasons to do that. So please only answer if you know how... (5 Replies)
Discussion started by: chebarbudo
5 Replies
5. Shell Programming and Scripting
Hello,
I wanted to know if there was a way to encrypt a string, not a file using openssl and then decrypt it? I cant seem to get it to work.
This is what I have been trying but I'm not having much luck.
encTxt=`echo "$1" | openssl dgst -sha1 -binary | openssl rsautl -sign -inkey... (1 Reply)
Discussion started by: tjones1105
1 Replies
6. UNIX for Advanced & Expert Users
Guys
How do i add RSA key for a host ?
I was able to connect to a host some time back but now its not connectable ,via SSH.
Message i get is :
abhi@myHost:~/.ssh> ssh eatcid@yourHost
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION... (3 Replies)
Discussion started by: ak835
3 Replies
7. Solaris
Hi, I've used the following way to set ssh public key authentication and it is working fine on Solaris 10, RedHat Linux and SuSE Linux servers without any problem. But I got error 'Server refused our key' on Solaris 8 system. Solaris 8 uses SSH2 too. Why? Please help. Thanks.
... (1 Reply)
Discussion started by: aixlover
1 Replies
8. Cybersecurity
I'm stumped on an issue I'm having with RSA key based SSH logons.
I have 30 servers in a database cluster. They are all Red Hat Enterprise Linux Server release 6.4.
I want to be able to run a command on all of them from any one of them using SSH.
I generated private and public keys on... (1 Reply)
Discussion started by: derndingle
1 Replies
9. Red Hat
Hi All,
I have a scenario where from machine1 I need to establish sftp/ssh to machine2.
Internet is full of examples of this how to generate they key-pair etc... but all examples assume that the account is the same on machine1 and machine2.
I would like to do the following:
1) user1 on... (3 Replies)
Discussion started by: snailrider
3 Replies
10. Shell Programming and Scripting
Hi All,
I have a requirement where i need to check if an rsa public key corresponds to a private key and hence return success or failure. Currently i am using the command
diff <( ssh-keygen -y -e -f "$PRIVKEY" ) <( ssh-keygen -y -e -f "$PUBLICKEY" )
and its solving my purpose. This is in... (1 Reply)
Discussion started by: mritusmoi
1 Replies
LEARN ABOUT OSX
rsa_check_key
RSA_check_key(3) OpenSSL RSA_check_key(3)
NAME
RSA_check_key - validate private RSA keys
SYNOPSIS
#include <openssl/rsa.h>
int RSA_check_key(RSA *rsa);
DESCRIPTION
This function validates RSA keys. It checks that p and q are in fact prime, and that n = p*q.
It also checks that d*e = 1 mod (p-1*q-1), and that dmp1, dmq1 and iqmp are set correctly or are NULL.
As such, this function can not be used with any arbitrary RSA key object, even if it is otherwise fit for regular RSA operation. See NOTES
for more information.
RETURN VALUE
RSA_check_key() returns 1 if rsa is a valid RSA key, and 0 otherwise. -1 is returned if an error occurs while checking the key.
If the key is invalid or an error occurred, the reason code can be obtained using ERR_get_error(3).
NOTES
This function does not work on RSA public keys that have only the modulus and public exponent elements populated. It performs integrity
checks on all the RSA key material, so the RSA key structure must contain all the private key data too.
Unlike most other RSA functions, this function does not work transparently with any underlying ENGINE implementation because it uses the
key data in the RSA structure directly. An ENGINE implementation can override the way key data is stored and handled, and can even provide
support for HSM keys - in which case the RSA structure may contain no key data at all! If the ENGINE in question is only being used for
acceleration or analysis purposes, then in all likelihood the RSA key data is complete and untouched, but this can't be assumed in the
general case.
BUGS
A method of verifying the RSA key using opaque RSA API functions might need to be considered. Right now RSA_check_key() simply uses the RSA
structure elements directly, bypassing the RSA_METHOD table altogether (and completely violating encapsulation and object-orientation in
the process). The best fix will probably be to introduce a "check_key()" handler to the RSA_METHOD function table so that alternative
implementations can also provide their own verifiers.
SEE ALSO
rsa(3), ERR_get_error(3)
HISTORY
RSA_check_key() appeared in OpenSSL 0.9.4.
50 2013-03-05 RSA_check_key(3)