Archive for 'Security'
Configuring CGD with two-factor authentication on NetBSD
This was tested on NetBSD 3.99.16, however the instructions should be applicable to any version with cgd support
Note:In my example, we will be using a vnode disk, the vnd specific steps may be omitted if not applicable.
First, you will need to have pseudo-device cgd compiled into the kernel.
pseudo-device cgd [...]
Posted: January 17th, 2007 under NetBSD, Papers, Security.
Comments: none
Q: Why do I get “ERROR: failed to get private key” when trying to establish an IPSec tunnel with racoon (ipsec-tools)?
A: If you are using x509 certificates to authenticate your end-points,
it is likely that your private keys are encrypted (assume the private key
is named maguro.key)
# less maguro.key
—–BEGIN RSA PRIVATE KEY—–
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,94BC2753E921722E
BjPpMYZouxEUBSdEtuRrnbcdGaTlmfuIh8RNxuijBU6ZawY1I5hosULrFKzrLzZt
FJ9kg9Zo60o7U0FGzI1LTw4UalQnnkgH/quRZ4pJeM20Hjc5m4mj+YDtXAgNXYrw
[ snip ]
F2EmHvuKGA+kF50n2CF9zXbg95iJZ2Fn57+8FTOmzNDMxQZDgfJ2BM2iy4eCy2kv
gp9gSvZrPLXJsw8ezrIsaNGsD9WEKim50je1LiWNMlBiVr8U41wgPg==
—–END RSA [...]
Posted: January 16th, 2007 under Answers, DragonFlyBSD, FreeBSD, NetBSD, Security.
Comments: none
Q: How do I use OpenSSL to encrypt files?
A: This depends on if you want symmetric or asymmetric encryption.
For symmetic encryption, you can use the following…
To encrypt:
> openssl aes-256-cbc -salt -a -e -in plaintext.txt -out encrypted.txt
To decrypt this, you can use the following.
> openssl aes-256-cbc -salt -a -d -in encrypted.txt -out plaintext.txt
Now, for Asymmetric encryption you must first generate your private key and [...]
Posted: January 16th, 2007 under Answers, DragonFlyBSD, FreeBSD, NetBSD, OpenBSD, Security.
Comments: 1