04-16-2012
Secure private key
Hello all,
We have unix environment and we would like to use ssh public and private key to move between server using ssh. I do know how to test this and have it up and running on some sandbox...but my question is how would one secure the PRIVATE KEY....we are not using a passphrase...and i know looking at all the BEST PRACTICE the first thing said is have a passphrase....besides the passphrase how can we make sure/protect our keys (permissions are set to 600)...here is the setup...
server1 have my private key
server 2 has public key
server 3 has public key
server 4 has public key
we are going to use server1 as our hub to move/ssh to other server...so how would i secure/protect my private key on server1.... like i mentioned we do not want to use passphrase...any other things we can do on server1 to make sure my private key is secure?? Just wanted to get some thoughts...and please keep in mind i am not a system administrator...
9 More Discussions You Might Find Interesting
1. Programming
Hi all,
I have written a Java program to generate RSA public and private keys. I am writing the keys to a file and reading from it when required to encryption or decryption. I want to protect the private key file using a passphrase. Can anyone tell me how to do it? :(
Thanks. (2 Replies)
Discussion started by: Treasa
2 Replies
2. UNIX for Dummies Questions & Answers
Hi everyone,
I have a quick/newb question:
I know that a public key is used to encrypt data and a private key is used to decrypt data but who keeps the public/private keys??
Does the Web Server hold both?
Does the Web Server have the public key and does the client have the private key? ... (3 Replies)
Discussion started by: tical00
3 Replies
3. Shell Programming and Scripting
I wish to generate a id_dsa.pub and id_dsa (Public and Private Key) in a common user group. I have checked the .ssh directory and i have already found id_dsa.pub and id_dsa existing.
Is that OK if i create both the keys in my home direcotry, rename it to jjj.pub and jjj and move to Common user... (1 Reply)
Discussion started by: vasuarjula
1 Replies
4. Solaris
I would like to ask if you have a procedure on how to upload multiple private key for multiple users in solaris? I was only able to add one but when I tried to add several key, it fails.
example:
a. user1: user1.ppk
b. user2: user2.ppk
Each with different password on the server. Pls advise (6 Replies)
Discussion started by: lhareigh890
6 Replies
5. UNIX for Dummies Questions & Answers
Hi everyone!
I know you can extract public keys from a keystore using the keytool command.
But what is the process to extract a private key from a jks keystore and import into another jks keystore using keytool?
Any guidance would be greatly appreciated! I can't seem to find anything, I do... (0 Replies)
Discussion started by: Keepcase
0 Replies
6. Red Hat
Hello,
Need a suggestion to setup private key passwordless authentication. I am not sure this can done or not :wall:
here is the sincerio
I have two servers, sever1 with a user "user1" and servera with usera
here dataflow: usera from servera, will pull/push files to server1 on user1... (2 Replies)
Discussion started by: bobby320
2 Replies
7. Shell Programming and Scripting
I have two types of files
pubring.pkr
secring.skr
secring.skr is encrypted and not able to read.
How can i read secring.skr in text format after decrypting ?
is there any way of decrypting this file?
Unix HP - UX Version. (4 Replies)
Discussion started by: airesh
4 Replies
8. OS X (Apple)
Before you get the wrong idea, I am not looking for how to generate one. I have a key from a server admin but I can't figure out how to use it in OS X.
I have the key, the address and everything I should need but there doesn't seem to be a step by step on how to install the key and use it in... (4 Replies)
Discussion started by: kylebellamy
4 Replies
9. UNIX for Advanced & Expert Users
Hi,
we have private and public key, encrypt file using public and want to decrypt using private key. can you please advise below commands are correct or other remedy if unix have?
encrypt -a arcfour -k publickey.asc -i TESTFILE.csv -o TESTFILE00.csv
decrypt -a arcfour -k privatekey.asc... (2 Replies)
Discussion started by: rizwan.shaukat
2 Replies
LEARN ABOUT DEBIAN
ckeygen
CKEYGEN(1) CKEYGEN(1)
NAME
ckeygen - manipulate public/private keys
SYNOPSIS
ckeygen [-b bits] [-f filename] [-t type] [-C comment] [-N new passphrase] [-P old passphrase] [-l] [-p] [-q] [-y]
DESCRIPTION
The --help prints out a usage message to standard output.
-b, --bits <bits>
Number of bits in the key to create (default: 1024)
-f, --filename <file name>
Filename of the key file.
-t, --type <type>
Type of key (rsa or dsa).
-C, --comment <comment>
Provide a new comment.
-N, --newpass <pass phrase>
Provide new passphrase.
-P, --pass <pass phrase>
Provide old passphrase.
-l, --fingerprint
Show fingerprint of key file.
-p, --changepass
Change passphrase of private key file.
-q, --quiet
Be quiet.
-y, --showpub
Read private key file and print public key.
--version
Display version number only.
DESCRIPTION
Manipulate public/private keys in various ways. If no filename is given, a file name will be requested interactively.
AUTHOR
Written by Moshe Zadka, based on ckeygen's help messages
REPORTING BUGS
To report a bug, visit http://twistedmatrix.com/bugs/
COPYRIGHT
Copyright (C) 2002-2011 Twisted Matrix Laboratories.
This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICU-
LAR PURPOSE.
SEE ALSO
ssh(1), conch(1)
October 2002 CKEYGEN(1)