Sep 12 2014

PGP Key Security generating and using SubKeys.

Loosing the private key it’s bad, but if someone steals the private key, it’s a disaster.
Thieves can not only decrypt personal data, they can also impersonate the owner by signing messages with his private key.
Yes, it is possible to revoke the stolen key, but that would mean probably loose years of signatures and basically creating a massive inconvenience to redistribute a new public key to the world. SubKeys can help to prevent this disaster.

Having separate SubKeys makes key management easier and protects you in certain occasions, for example it is possible to create a new SubKey when a previous one gets stolen, without losing previous signatures.
Continue reading

May 18 2011

DSA key login and command execution via SSH on RouterOS

Since RouterOS 2.9.13 the support for SSH DSA keys and command execution via ssh connection is available.

This allows admins to run commands and scripts from a remote machine on a RouterOS equipped one without inserting interactively a password to authenticate (Public/Private Key Authentication).
Continue reading

May 18 2011

Most Common OpenSSL Commands

One of the most versatile SSL tools (the default toolkit installed in Linux distributions) is OpenSSL which is an open source implementation of the SSL protocol. OpenSSL is commonly used to create the CSR and private key for many different platforms.

OpenSSL has hundreds of different functions to, for example, view the details of a CSR or certificate, compare an MD5 hash of the certificate and private key (to ensure they match), convert the certificate to a different format and so on.

Continue reading