Filed under Linux Mint

Feb 14 2012
Leave a comment
Debian, leopard, Linux, Linux Mint, Mac, OS-X, ssh, Ubuntu, Uncategorized

Generating private keys with openssl

Keys are the basis of public key algorithms and PKI. Keys usually come in pairs, with one half being the public key and the other half being the private key. With OpenSSL, the private key contains the public key information as well, so a public key doesn’t need to be generated separately.

Public keys come in several flavors, using different cryptographic algorithms. The most popular ones associated with certificates are RSA and DSA, and this  article will show how to generate each of them.

Generating an RSA key

A RSA key can be used both for encryption and for signing and generating a key is quite easy, all you have to do is the following:

  openssl genrsa -des3 -out privkey.pem 2048

That will generate a private key with is password protected (it will prompt you for the password during generation). If you don’t want it password protected (usually for server side use) then leave the -des3 parameter out, i.e.:

  openssl genrsa -out privkey.pem 2048
 The number 2048 is the size of the key, in bits. Today, 2048 or higher is recommended for RSA keys, as fewer amount of bits is considered insecure.

Generating a DSA key

A DSA key can be used for signing only. This is important to keep in mind to know what kind of purposes a certificate request with a DSA key can really be used for.

Generating a key for the DSA algorithm is a two-step process. First, you have to generate parameters from which to generate the key then to generate the key itself.

  openssl dsaparam -out dsaparam.pem 2048
  openssl gendsa -des3 -out privkey.pem dsaparam.pem

Again like RSA, 2048 is the size of the key, in bits with anything smaller than 2048 being insecure in todays standards.

Also the -des3 parameter will prompt you for a pass phrase – for server use leave it out:

  openssl dsaparam -out dsaparam.pem 2048
  openssl gendsa -out privkey.pem dsaparam.pem
Tagged , , , , , , ,
Feb 06 2012
Leave a comment
Debian, Linux, Linux Mint, Ubuntu

Installing the latest Firefox on Linux Mint

This probably applies to Ubuntu as well, but on my Linux Mint 10 install it was stuck on Firefox 3.5 with the occasional updates so how do you get the latest Firefox to install with updates?

Well it’s pretty simple, first make sure FireFox isn’t running then:

 sudo add-apt-repository ppa:mozillateam/firefox-stable
 sudo apt-get update
 sudo apt-get install firefox ubufox

Thats all thats needed.

Jan 10 2012
Leave a comment
Linux, Linux Mint, mercurial, Ubuntu

Installing latest mercurial when Ubuntu or Linux Mint repos don’t have it

Ah I just hit an interesting problem with Mercurial. I had a repository which had been created with a recent version however I had to restore it from a backup onto another machine however I couldn’t commit to it as it’s format wasn’t supported:

$ hg st
abort: requirement ‘dotencode’ not supported!

The reason is that the dotencode format was only introduced into mercurial in version 1.7 so if you’re running an earlier version then you’ll get this error. Ok so upgrade – problem is that according to apt I had the latest version – 1.6.3 – erm nope thats not the latest.

Thankfully the fix is simple, all you need is to ass the correct repository first before installing the latest version

sudo add-apt-repository ppa:mercurial-ppa/releases
sudo apt-get update
sudo apt-get install mercurial

Once you’ve done that then you’ll find mercurial will work again as expected.

Tagged , , , , , , ,
Follow

Get every new post delivered to your Inbox.

Join 1,445 other followers