The Archives

  • 04.Aug.10
    The Sibyl security | rafacas | (1)
    The Sibyl is a project invented and implemented by Pedro (pfortuny) and me (rafacas), although I have to admit that it was Pedro's idea. It started with the goal of secure storage of the shadow file and, in general, of any database of secret authentication tokens (think of the passwords, or actually the hashes of passwords, of users of a Web-based service, for example). We consider that it addresses the main concern with those databases: dictionary attacks and rainbow tables, which have become available at negligible cost: there is a cloud-based service for doing dictionary attacks on a WPA key. Our approach for storing shadow files ...
  • 25.Sep.09
    Creating RSA keys security | rafacas | (0)
    RSA is an algorithm for public-key cryptography. Its advantage is that, unlike symmetric-key algorithms, it does not require an initial exchange of secret keys. Each user has a pair of keys, one for encryption (the public key) and another one for decryption (the private key). The private key is kept secret while the public key may be widely distributed. OpenSSL is usually the tool used for creating an RSA key pair (the public and private ones).
      $ openssl genrsa -out key.pem 1024
      Generating RSA private key, 1024 bit long modulus
      ............................................++++++
      .....++++++
      e is 65537 (0x10001)
    This command creates a 1024-bit key pair and ...
  • 17.Oct.08
    DHCP, inverted commas and ssh with RSA automated, security | pfortuny | (1)
    There is a server I manage (called alex) which does not have a fixed IP. As you know, I have a shell at the best Unix server out there (by the way, it is almost free). The problem is to keep an up-to-date record of the first server's IP address. I do it as follows (and yes, I know timtowtdi). What I did was: Create an RSA public/private key pair at alex: alex $ ssh-keygen -N'' -f 'id_alex' -t rsa which creates the files id_alex and Create a cron job for my account at alex which looks like 5,10,15,20,25,30,35,40,45,50,55,0 * * * * /usr/bin/ssh -i ...