04-17-2012
Hi,
make sure to have an encrypted backup of private/public keypair; there are a lot of tools you may use (i.e. gpg, truecrypt, etc...).
see ya
fra
9 More Discussions You Might Find Interesting
1. Programming
Hi all,
I have written a Java program to generate RSA public and private keys. I am writing the keys to a file and reading from it when required to encryption or decryption. I want to protect the private key file using a passphrase. Can anyone tell me how to do it? :(
Thanks. (2 Replies)
Discussion started by: Treasa
2 Replies
2. UNIX for Dummies Questions & Answers
Hi everyone,
I have a quick/newb question:
I know that a public key is used to encrypt data and a private key is used to decrypt data but who keeps the public/private keys??
Does the Web Server hold both?
Does the Web Server have the public key and does the client have the private key? ... (3 Replies)
Discussion started by: tical00
3 Replies
3. Shell Programming and Scripting
I wish to generate a id_dsa.pub and id_dsa (Public and Private Key) in a common user group. I have checked the .ssh directory and i have already found id_dsa.pub and id_dsa existing.
Is that OK if i create both the keys in my home direcotry, rename it to jjj.pub and jjj and move to Common user... (1 Reply)
Discussion started by: vasuarjula
1 Replies
4. Solaris
I would like to ask if you have a procedure on how to upload multiple private key for multiple users in solaris? I was only able to add one but when I tried to add several key, it fails.
example:
a. user1: user1.ppk
b. user2: user2.ppk
Each with different password on the server. Pls advise (6 Replies)
Discussion started by: lhareigh890
6 Replies
5. UNIX for Dummies Questions & Answers
Hi everyone!
I know you can extract public keys from a keystore using the keytool command.
But what is the process to extract a private key from a jks keystore and import into another jks keystore using keytool?
Any guidance would be greatly appreciated! I can't seem to find anything, I do... (0 Replies)
Discussion started by: Keepcase
0 Replies
6. Red Hat
Hello,
Need a suggestion to setup private key passwordless authentication. I am not sure this can done or not :wall:
here is the sincerio
I have two servers, sever1 with a user "user1" and servera with usera
here dataflow: usera from servera, will pull/push files to server1 on user1... (2 Replies)
Discussion started by: bobby320
2 Replies
7. Shell Programming and Scripting
I have two types of files
pubring.pkr
secring.skr
secring.skr is encrypted and not able to read.
How can i read secring.skr in text format after decrypting ?
is there any way of decrypting this file?
Unix HP - UX Version. (4 Replies)
Discussion started by: airesh
4 Replies
8. OS X (Apple)
Before you get the wrong idea, I am not looking for how to generate one. I have a key from a server admin but I can't figure out how to use it in OS X.
I have the key, the address and everything I should need but there doesn't seem to be a step by step on how to install the key and use it in... (4 Replies)
Discussion started by: kylebellamy
4 Replies
9. UNIX for Advanced & Expert Users
Hi,
we have private and public key, encrypt file using public and want to decrypt using private key. can you please advise below commands are correct or other remedy if unix have?
encrypt -a arcfour -k publickey.asc -i TESTFILE.csv -o TESTFILE00.csv
decrypt -a arcfour -k privatekey.asc... (2 Replies)
Discussion started by: rizwan.shaukat
2 Replies
LEARN ABOUT CENTOS
amcrypt-ossl-asym
AMCRYPT-OSSL-ASYM(8) System Administration Commands AMCRYPT-OSSL-ASYM(8)
NAME
amcrypt-ossl-asym - crypt program for Amanda asymmetric data encryption using OpenSSL
SYNOPSIS
amcrypt-ossl-asym [-d]
DESCRIPTION
amcrypt-ossl-asym uses OpenSSL to encrypt and decrypt data. OpenSSL is available from www.openssl.org. OpenSSL offers a wide variety of
cipher choices ( amcrypt-ossl-asym defaults to 256-bit AES) and can use hardware cryptographic accelerators on several platforms.
amcrypt-ossl-asym will search for the OpenSSL program in the following directories:
/bin:/usr/bin:/usr/local/bin:/usr/ssl/bin:/usr/local/ssl/bin.
GENERATING PUBLIC AND PRIVATE KEYS
RSA keys can be generated with the standard OpenSSL commands, e.g.:
$ cd /var/lib/amanda
$ openssl genrsa -aes128 -out backup-privkey.pem 1024
Generating RSA private key, 1024 bit long modulus
[...]
Enter pass phrase for backup-privkey.pem: ENTER YOUR PASS PHRASE
Verifying - Enter pass phrase for backup-key.pem: ENTER YOUR PASS PHRASE
$ openssl rsa -in backup-privkey.pem -pubout -out backup-pubkey.pem
Enter pass phrase for backup-privkey.pem: ENTER YOUR PASS PHRASE
Writing RSA key
To generate a private key without a passphrase, omit the -aes128 option. See openssl_genrsa(1) for more key generation options.
Note that it is always possible to generate the public key from the private key.
KEY AND PASSPHRASE MANAGEMENT
amcrypt-ossl-asym uses the public key to encrypt data. The security of the data does not depend on the confidentiality of the public key.
The private key is used to decrypt data, and must be protected. Encrypted backup data cannot be recovered without the private key. The
private key may optionally be encrypted with a passphrase.
While the public key must be online at all times to perorm backups, the private key and optional passphrase are only needed to restore
data. It is recommended that the latter be stored offline all other times. For example, you could keep the private key on removable media,
and copy it into place for a restore; or you could keep the private key online, encrypted with a passphrase that is present only for a
restore.
OpenSSL's key derivation routines use a salt to guard against dictionary attacks on the pass phrase; still it is important to pick a pass
phrase that is hard to guess. The Diceware method (see www.diceware.com) can be used to create passphrases that are difficult to guess and
easy to remember.
FILES
/var/lib/amanda/backup-privkey.pem
File containing the RSA private key. It should not be readable by any user other than the Amanda user.
/var/lib/amanda/backup-pubkey.pem
File containing the RSA public key.
/var/lib/amanda/.am_passphrase
File containing the passphrase. It should not be readable by any user other than the Amanda user.
SEE ALSO
amanda(8), amanda.conf(5), openssl(1), amcrypt-ossl(8)
The Amanda Wiki: : http://wiki.zmanda.com/
AUTHOR
Kevin Till <kevin.till@zmanda.com>
Zmanda, Inc. (http://www.zmanda.com)
NOTES
1. www.openssl.org
http://www.openssl.org/
2. www.diceware.com
http://www.diceware.com/
Amanda 3.3.3 01/10/2013 AMCRYPT-OSSL-ASYM(8)