Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: SSL Public key/Private question
Top Forums UNIX for Dummies Questions & Answers SSL Public key/Private question Post 302322484 by robsonde on Thursday 4th of June 2009 12:52:37 AM
Old 06-04-2009
start by generating a private key
Code:
openssl genrsa -out x.key 1024

Then use that private key to generate your request to the CA.
Code:
openssl req -new -key x.key -out request.pem

then you send the request.pem to the CA.
they will return a signed certificate.

the x.key file is both the Public key and the Private key.
the signed cert is just the public key with a signed blob of crypto stuff.
Last edited by robsonde; 06-04-2009 at 02:01 AM..
 

10 More Discussions You Might Find Interesting

1. Windows & DOS: Issues & Discussions

Public/Private Key SSH from UNIX to Windows (Cygwin)

Hello all, I have a bit of trouble working a passwordless SSH from UNIX to Cygwin running windows 2k3. Here are some details. I AM able to SSH from the Windows box to the UNIX box using the keys. Also, I'm able to SSH from UNIX to Windows w/o the keys. However, when I try to do it with the keys... (9 Replies)
Discussion started by: kclerks11
9 Replies

2. Shell Programming and Scripting

SFTP in a shell script without public/private key

Hi everybody, I need some help on writing a script that is able to remote copy file to one server. I already created this types of scripts, and works ok as long as this server I want to copy from is access through telnet. Here is how I do it: ftp -n xxx.xxx.xxx.xxx << _EOF_ user user_name... (6 Replies)
Discussion started by: Alexis Duarte
6 Replies

3. Shell Programming and Scripting

how to ssh to remote unix machines using private/public key

hello, iam able to ssh to a linux server from a linux server called "machine1" using the private/public key method, so I dont need to enter any password when I run my script but iam not able to ssh from machine1 to a UNIX server, access is denied. note that I am using an application id which is... (6 Replies)
Discussion started by: wydadi
6 Replies

4. Linux

SSL/TLS uses the public key to encrypt data ?

Hi, I have a doubt..whether the SSL/TLS protocol uses the public key of the web server to encrypt data before sending it. I knew the browser verifies the public key of the web server using the digital certificate (by verifying the signature of the certificate using trusted authority). whether... (2 Replies)
Discussion started by: chaitus.28
2 Replies

5. UNIX for Dummies Questions & Answers

how to create a public/private key using ssh-keygen

Hi, please guide me create a public/private key using ssh-keygen, lets say I have been access to server named pngpcdb1with a userid and password ...!!! and also please explain in detail the concept of these keys and ssh as I was planning to use them in ftp related scripts..! Thanks in... (1 Reply)
Discussion started by: rahul125
1 Replies

6. Solaris

Public private key setup issue in Solaris 10

Hi i am using solaris 10.I am trying to setup a public/private key but it is not working.Appreciate your repsonse on it There are two servers DB1 server and DB2 server. 1)I have generated public/private key using below step on both servers. ssh-keygen -t rsa 2)From DB1 server moved the... (6 Replies)
Discussion started by: muraliinfy04
6 Replies

7. UNIX for Dummies Questions & Answers

Public and Private Key generation for scp

Hi, What tool is used to generate public and private keys for SCP? Do you have an example script that generates these keys, puts them in files and then another example script that references them from SCP? Thanks, (9 Replies)
Discussion started by: Astrocloud
9 Replies

8. Shell Programming and Scripting

Rsa public private key matching

Hi All, I have a requirement where i need to check if an rsa public key corresponds to a private key and hence return success or failure. Currently i am using the command diff <( ssh-keygen -y -e -f "$PRIVKEY" ) <( ssh-keygen -y -e -f "$PUBLICKEY" ) and its solving my purpose. This is in... (1 Reply)
Discussion started by: mritusmoi
1 Replies

9. UNIX for Advanced & Expert Users

Private and public key encryption

Hi, we have private and public key, encrypt file using public and want to decrypt using private key. can you please advise below commands are correct or other remedy if unix have? encrypt -a arcfour -k publickey.asc -i TESTFILE.csv -o TESTFILE00.csv decrypt -a arcfour -k privatekey.asc... (2 Replies)
Discussion started by: rizwan.shaukat
2 Replies

10. UNIX for Advanced & Expert Users

Ssh public/private key user login problem

I have a user account configuration with ssh public/private key that works on multiple servers centos and rhel. One server (Server F) that is not working in centos 6.8. When i ssh into server f I get prompted for a password. I have verified the config and it all is good. I put sshd into debug... (8 Replies)
Discussion started by: bash_in_my_head
8 Replies

LEARN ABOUT DEBIAN

shib-keygen

SHIB-KEYGEN(8)							    Shibboleth							    SHIB-KEYGEN(8)

NAME

       shib-keygen - Generate a key pair for a Shibboleth SP

SYNOPSIS

       shib-keygen [-bf] [-e entity-id] [-g group]
	   [-h hostname] [-o output-dir] [-u user] [-y years]

DESCRIPTION

       Generate a self-signed X.509 certificate for a Shibboleth SP.  By default, the certificate will be for the local fully-qualified (as
       returned by "hostname --fqdn") hostname.  An entity ID can be specified with the -e flag.  The openssl command-line client is used to
       generate the key pair.  By default, the public certificate will be created in /etc/shibboleth/sp-cert.pem and the private key in
       /etc/shibboleth/sp-key.pem.

OPTIONS

       -b  Suppress all standard error output when creating the certificate.  This option is normally only used by the package build.

       -e entity-id
	   Add entity-id (which should be a URI) as an alternative name for the certificate.

       -f  Remove /etc/shibboleth/sp-cert.pem and /etc/shibboleth/sp-key.pem before generating a new certificate.  Without this option, if those
	   files already exist, shib-keygen prints an error and exits rather than overwriting them.

       -g group
	   After generating the key and certificate, change the group ownership of the key file to this group.	By default, the group used is
	   "_shibd".

       -h hostname
	   Specify the fully-qualified domain name for which to generate a certificate.  If this option isn't given, the hostname defaults to the
	   result of "hostname --fqdn".

       -o output-dir
	   Store sp-cert.pem and sp-key.pem in the directory output-dir rather than the default of /etc/shibboleth.

       -u user
	   After generating the key and certificate, change the ownership of the key file to this user.  This is used to allow the key to be read
	   by a non-root user so that shibd can be run as a non-root user.  By default, the key is owned by "_shibd".

       -y years
	   The number of years for which the certificate should be valid.  The default expiration time is ten years into the future.

FILES

       /etc/shibboleth/sp-cert.cnf
	   The OpenSSL configuration file used for generating the self-signed certificate.  This configuration file is generated when the script
	   is run and deleted afterwards.

       /etc/shibboelth/sp-cert.pem
	   The default location of the public certificate created by this script.

       /etc/shibboleth/sp-key.pem
	   The default location of the private key for the certificate created by this script.

       These three files are stored in the directory given with -o instead, if that option is given.

AUTHOR

       This manual page was written by Russ Allbery for Debian GNU/Linux.

COPYRIGHT

       Copyright 2008, 2011 Russ Allbery.  This manual page is hereby placed into the public domain by its author.

2.4.3								    2012-02-16							    SHIB-KEYGEN(8)
All times are GMT -4. The time now is 02:39 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy