|
|
Sponsored Content
Top Forums
UNIX for Advanced & Expert Users
Pros and cons of a Journaled file System
Post 302593359 by Corona688 on Thursday 26th of January 2012 03:50:55 PM
01-26-2012
|
|
9 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi there thanks for checking in
The I T manager over here wants us to convert 1 branch in our company from Win98 to Linux
I would just like to know the types of problems that we will have once this is done.
I would also like to know the following.
Does Linux come with a Office package... (3 Replies)
Discussion started by: nemex
3 Replies
2. UNIX for Dummies Questions & Answers
Allright the situation is that i have a dual boot set up with windows xp and red hat 9.0. the problem is that my modem and sound card dont work with linux. I found a driver, and i have to download it with xp. My question is.....
How do i actually copy the file to the linux... (4 Replies)
Discussion started by: nregenwether
4 Replies
3. AIX
Can anyone provide the pros and cons of having an NFS mount on an AIX server. Or direct me to documentation that provides this information. Thanks... (1 Reply)
Discussion started by: mcateriny
1 Replies
4. AIX
I have a folder with about 4000+ files. I would like to compress all these files with one command. When I type "compress *.ext" for example, I get "arg list too long". I tried the following:
for k in *
do
compress *.ext
done
Still got "The parameter list is too long." How can I compress... (4 Replies)
Discussion started by: bbbngowc
4 Replies
5. AIX
We are considering a DR strategy of booting AIX 5.3 and 5.3 logical partitions from EMC Symmetrix SAN disks, so that we can replicate via SRDF to a recovery site. Has anyone tried configuring AIX 5.x systems to boot from SAN disk? If so, can you provide any information on the pros and cons of... (6 Replies)
Discussion started by: jjgarrot
6 Replies
6. Cybersecurity
folks,
I have a security related question, to all you. Please share your comments with me.
I have a situation where i was asked to automate the password in my application, which expires every 6 months. In this case i need to generate a random password and set the password on some... (2 Replies)
Discussion started by: sudharma
2 Replies
7. Infrastructure Monitoring
I have some questions regarding ping
a. im planning to add all my servers to nagios for monitoring purposes. since nagios will do "PING" on the IP address (to check if UP or down), will there be affect on all my servers? say resource utilization, memory, etc? Will it add up or slow down the... (3 Replies)
Discussion started by: lhareigh890
3 Replies
8. Shell Programming and Scripting
Anyone has experience or study with Text User Interface and Curses::UI using Perl?
- What is the criteria to decide which method is better for a console based UI?
- Which DTL (dialog tag language) is supported by these?
The background is that I want to write a wrapper over some UNIX tools... (0 Replies)
Discussion started by: vikrantl
0 Replies
9. Red Hat
Hi guys,
I will truly appreciate your help here.
How do you enable journaled quota on rhel6?
Thank you so much for the assistance. (2 Replies)
Discussion started by: cjashu
2 Replies
LEARN ABOUT DEBIAN
rsautl
RSAUTL(1SSL) OpenSSL RSAUTL(1SSL) NAME
rsautl - RSA utility SYNOPSIS
openssl rsautl [-in file] [-out file] [-inkey file] [-pubin] [-certin] [-sign] [-verify] [-encrypt] [-decrypt] [-pkcs] [-ssl] [-raw] [-hexdump] [-asn1parse] DESCRIPTION
The rsautl command can be used to sign, verify, encrypt and decrypt data using the RSA algorithm. COMMAND OPTIONS
-in filename This specifies the input filename to read data from or standard input if this option is not specified. -out filename specifies the output filename to write to or standard output by default. -inkey file the input key file, by default it should be an RSA private key. -pubin the input file is an RSA public key. -certin the input is a certificate containing an RSA public key. -sign sign the input data and output the signed result. This requires and RSA private key. -verify verify the input data and output the recovered data. -encrypt encrypt the input data using an RSA public key. -decrypt decrypt the input data using an RSA private key. -pkcs, -oaep, -ssl, -raw the padding to use: PKCS#1 v1.5 (the default), PKCS#1 OAEP, special padding used in SSL v2 backwards compatible handshakes, or no padding, respectively. For signatures, only -pkcs and -raw can be used. -hexdump hex dump the output data. -asn1parse asn1parse the output data, this is useful when combined with the -verify option. NOTES
rsautl because it uses the RSA algorithm directly can only be used to sign or verify small pieces of data. EXAMPLES
Sign some data using a private key: openssl rsautl -sign -in file -inkey key.pem -out sig Recover the signed data openssl rsautl -verify -in sig -inkey key.pem Examine the raw signed data: openssl rsautl -verify -in file -inkey key.pem -raw -hexdump 0000 - 00 01 ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ 0010 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ 0020 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ 0030 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ 0040 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ 0050 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ 0060 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ 0070 - ff ff ff ff 00 68 65 6c-6c 6f 20 77 6f 72 6c 64 .....hello world The PKCS#1 block formatting is evident from this. If this was done using encrypt and decrypt the block would have been of type 2 (the second byte) and random padding data visible instead of the 0xff bytes. It is possible to analyse the signature of certificates using this utility in conjunction with asn1parse. Consider the self signed example in certs/pca-cert.pem . Running asn1parse as follows yields: openssl asn1parse -in pca-cert.pem 0:d=0 hl=4 l= 742 cons: SEQUENCE 4:d=1 hl=4 l= 591 cons: SEQUENCE 8:d=2 hl=2 l= 3 cons: cont [ 0 ] 10:d=3 hl=2 l= 1 prim: INTEGER :02 13:d=2 hl=2 l= 1 prim: INTEGER :00 16:d=2 hl=2 l= 13 cons: SEQUENCE 18:d=3 hl=2 l= 9 prim: OBJECT :md5WithRSAEncryption 29:d=3 hl=2 l= 0 prim: NULL 31:d=2 hl=2 l= 92 cons: SEQUENCE 33:d=3 hl=2 l= 11 cons: SET 35:d=4 hl=2 l= 9 cons: SEQUENCE 37:d=5 hl=2 l= 3 prim: OBJECT :countryName 42:d=5 hl=2 l= 2 prim: PRINTABLESTRING :AU .... 599:d=1 hl=2 l= 13 cons: SEQUENCE 601:d=2 hl=2 l= 9 prim: OBJECT :md5WithRSAEncryption 612:d=2 hl=2 l= 0 prim: NULL 614:d=1 hl=3 l= 129 prim: BIT STRING The final BIT STRING contains the actual signature. It can be extracted with: openssl asn1parse -in pca-cert.pem -out sig -noout -strparse 614 The certificate public key can be extracted with: openssl x509 -in test/testx509.pem -pubkey -noout >pubkey.pem The signature can be analysed with: openssl rsautl -in sig -verify -asn1parse -inkey pubkey.pem -pubin 0:d=0 hl=2 l= 32 cons: SEQUENCE 2:d=1 hl=2 l= 12 cons: SEQUENCE 4:d=2 hl=2 l= 8 prim: OBJECT :md5 14:d=2 hl=2 l= 0 prim: NULL 16:d=1 hl=2 l= 16 prim: OCTET STRING 0000 - f3 46 9e aa 1a 4a 73 c9-37 ea 93 00 48 25 08 b5 .F...Js.7...H%.. This is the parsed version of an ASN1 DigestInfo structure. It can be seen that the digest used was md5. The actual part of the certificate that was signed can be extracted with: openssl asn1parse -in pca-cert.pem -out tbs -noout -strparse 4 and its digest computed with: openssl md5 -c tbs MD5(tbs)= f3:46:9e:aa:1a:4a:73:c9:37:ea:93:00:48:25:08:b5 which it can be seen agrees with the recovered value above. SEE ALSO
dgst(1), rsa(1), genrsa(1) 1.0.1e 2013-02-11 RSAUTL(1SSL)