Archive for 'Security'
Configuring CGD with two-factor authentication on NetBSD
This was tested on NetBSD 3.99.16, however the instructions should be applicable to any version with cgd support Note:In my example, we will be using a vnode disk, the vnd specific steps may be omitted if not applicable. First, you will need to have pseudo-device cgd compiled into the kernel. pseudo-device cgd 4 # cryptographic [...]
Posted: January 17th, 2007 under NetBSD, Papers, Security.
Comments: none
Q: Why do I get “ERROR: failed to get private key” when trying to establish an IPSec tunnel with racoon (ipsec-tools)?
A: If you are using x509 certificates to authenticate your end-points, it is likely that your private keys are encrypted (assume the private key is named maguro.key) # less maguro.key —–BEGIN RSA PRIVATE KEY—– Proc-Type: 4,ENCRYPTED DEK-Info: DES-EDE3-CBC,94BC2753E921722E BjPpMYZouxEUBSdEtuRrnbcdGaTlmfuIh8RNxuijBU6ZawY1I5hosULrFKzrLzZt FJ9kg9Zo60o7U0FGzI1LTw4UalQnnkgH/quRZ4pJeM20Hjc5m4mj+YDtXAgNXYrw [ snip ] F2EmHvuKGA+kF50n2CF9zXbg95iJZ2Fn57+8FTOmzNDMxQZDgfJ2BM2iy4eCy2kv gp9gSvZrPLXJsw8ezrIsaNGsD9WEKim50je1LiWNMlBiVr8U41wgPg== —–END RSA PRIVATE KEY—– To retrieve the unencrypted private [...]
Posted: January 16th, 2007 under Answers, DragonFlyBSD, FreeBSD, NetBSD, Security.
Comments: none
Q: How do I use OpenSSL to encrypt files?
A: This depends on if you want symmetric or asymmetric encryption. For symmetic encryption, you can use the following… To encrypt: > openssl aes-256-cbc -salt -a -e -in plaintext.txt -out encrypted.txt To decrypt this, you can use the following. > openssl aes-256-cbc -salt -a -d -in encrypted.txt -out plaintext.txt Now, for Asymmetric encryption [...]
Posted: January 16th, 2007 under Answers, DragonFlyBSD, FreeBSD, NetBSD, OpenBSD, Security.
Comments: 1