On 02/09/2015 01:57 PM, Joseph wrote:
It moved to /usr/share/easy-rsa when the app-crypt/easy-rsa package was
split off.
I've emerged easy-rsa but the /usr/share/openvpn/easy-rsa/ directory wasn't
created.
That's because
It moved to /usr/share/easy-rsa
=)
On 02/09/15 13:47, Michael Orlitzky wrote:
On 02/09/2015 01:42 PM, Joseph wrote:
I've openvpn installed:
...
amd I'm trying to generate server key but I don't have directory:
/usr/share/openvpn/easy-rsa/
does openvpn creates this directory or I do it manually?
It moved to /usr/share/easy
/static/applied-crypto-hardening.pdf
--
Regards,
Mick
I've tried various combination in my: 00_default_ssl_vhost.conf
SSLProtocol -ALL +SSLv3 +TLSv1
SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:!LOW:!SSLv2:!EXPORT
But openssl ciphers -v still lists:
EDH-RSA-DES-CBC-SHA SSLv3 Kx=DH Au
On 02/09/15 11:57, Joseph wrote:
On 02/09/15 13:47, Michael Orlitzky wrote:
On 02/09/2015 01:42 PM, Joseph wrote:
I've openvpn installed:
...
amd I'm trying to generate server key but I don't have directory:
/usr/share/openvpn/easy-rsa/
does openvpn creates this directory or I do it manually
On 02/09/2015 01:42 PM, Joseph wrote:
I've openvpn installed:
...
amd I'm trying to generate server key but I don't have directory:
/usr/share/openvpn/easy-rsa/
does openvpn creates this directory or I do it manually?
It moved to /usr/share/easy-rsa when the app-crypt/easy-rsa package
On Mon, Feb 9, 2015 at 8:57 PM, Joseph syscon...@gmail.com wrote:
On 02/09/15 13:47, Michael Orlitzky wrote:
On 02/09/2015 01:42 PM, Joseph wrote:
I've openvpn installed:
...
amd I'm trying to generate server key but I don't have directory:
/usr/share/openvpn/easy-rsa/
does openvpn
On 02/06/2017 07:53 PM, the...@sys-concept.com wrote:
> I'm trying to configure "openvpn" on my new box (have done it in the
> past - long time ago).
>
> Trying to follow some basic instruction but when I change to:
> cd /usr/share/easy-rsa/
>
> and try to run
Hi,
after updating as usual (and making python 3.10 default), gsutil doesn't
work any more. First, it claimed missing "aiohttp", and after installing
that manually, it now says
pkg_resources.ContextualVersionConflict: (rsa 4.8
(/usr/lib/python3.10/site-packages), Requirement.parse('
, it works.
Ssh-agent finds the DSA key (still completely ignores the RSA key) in
both cases but SSH can't use it unless the RSA key is there so copying
works. Somehow SSH is able to reuse the passphrase I typed for the
DSA key when the RSA key is used. Very strange.
Seriously, did you try running ssh
On Monday 09 October 2006 09:07, Mick [EMAIL PROTECTED] wrote
about '[gentoo-user] [OT] RSA Vs DSA keys for SSH authentication':
Some say that RSA is
widely considered more secure than DSA.
DSA is mathematically stronger than RSA. However, that doesn't mean much
since most attacks don't
Hi all,
I'm running ssh-agent so I only have to type my passphrase once. At
least that was the plan. I'm trying to use an RSA key instead of DSA.
This does not seem to please ssh-agent. It seems to just look for
id_dsa and ignore the id_rsa.
(a) If I create a DSA key then it finds
On Monday 09 October 2006 16:59, Remy Blank wrote:
DSA keys are always 1024 bits, as this is mandated by the standard. RSA
keys can have variable length. From man ssh-keygen:
-b bits
Specifies the number of bits in the key to create. For RSA keys,
the minimum size is 768 bits
On Monday 09 October 2006 22:48, Boyd Stephen Smith Jr. wrote:
On Monday 09 October 2006 09:07, Mick [EMAIL PROTECTED] wrote
about '[gentoo-user] [OT] RSA Vs DSA keys for SSH authentication':
Some say that RSA is
widely considered more secure than DSA.
DSA is mathematically stronger than
DSA is mathematically stronger than RSA. However, that doesn't mean much
since most attacks don't come from attacking the core of the algorithm
anyway.
Do you mean that an RSA key with twice the number of bits (e.g. 2048 or even
higher) is still weaker (i.e. easier to crack) than the DSA key
On 02/06/2017 08:23 PM, Michael Orlitzky wrote:
> On 02/06/2017 09:53 PM, the...@sys-concept.com wrote:
>> I'm trying to configure "openvpn" on my new box (have done it in the
>> past - long time ago).
>>
>> Trying to follow some basic instruction but when I
On 02/06/2017 10:37 PM, the...@sys-concept.com wrote:
[snip]
> but I'm getting an error below:
>
> ./easyrsa build-client-full syscon_home nopass
> NOTE: If you run ./clean-all, I will be doing a rm -rf on
> /usr/share/easy-rsa/keys
>
> Note: using Easy-RSA configuration f
Mick wrote:
I have looked around and have found confusing info regarding which is a
better
key cipher to use for ssh authentication. Some say that RSA is widely
considered more secure than DSA. Some say that it doesn't really matter, as
long as you use a large enough bits setting
On Fri, 27 Jun 2008 10:51:57 +0200, Alan McKinnon wrote:
Neil
mentioned GCHQ developing public key several years before RSA, but do
note that RSA still had the same bright idea that GCHQ had, only a few
short years later.
The important point was that they kept quiet about it. Even after
and ~/.ssh/identity.
It wors for me with an RSA key, anyway:
$ ls .ssh/
id_rsa id_rsa.pub known_hosts
$ eval $(ssh-agent)
Agent pid 22390
$ ssh-add .ssh/id_rsa
Identity added: .ssh/id_rsa (.ssh/id_rsa)
Did you try generating a new RSA key (just to see if it can be added)?
Hi All,
I have looked around and have found confusing info regarding which is a better
key cipher to use for ssh authentication. Some say that RSA is widely
considered more secure than DSA. Some say that it doesn't really matter, as
long as you use a large enough bits setting in creating
On Monday 09 October 2006 17:51, Drew [EMAIL PROTECTED] wrote about 'Re:
[gentoo-user] [OT] RSA Vs DSA keys for SSH authentication':
RSA has
the advantage of allowing longer key lengths
From what I understand, the DSA algorithm has no particular ties to the
1024-bit key length
On Sat, 3 Nov 2012 19:11:47 -0600, Joseph wrote:
I'm running OpneVPN server/client configuration on Linux machines but
I'm not sure which setting to select on Android to talk to OpneVPN
Android 4 comes with VPN type:
PPTP
L2TP/IPSec PSK
L2TP/IPSec RSA
IPSec Xauth PSK
IPSec Xauth RSA
Thanks for the link. Which ssl_ciphers do you use? Which one does
openssl show you're using? I have:
ssl_ciphers ALL:!aNULL:!ADH:!eNULL:!MEDIUM:!LOW:!EXP:!kEDH:RC4+RSA:+HIGH;
and 'openssl s_client -host HOSTNAME -port 443' shows:
Cipher: ECDHE-RSA-AES256-GCM-SHA384
I also get
I changed in apache: 00_default_ssl_vhost.conf
SSLProtocol ALL -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCipherSuite
EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DH$
and now apache
On 01/05/2016 08:45 PM, the...@sys-concept.com wrote:
> I changed in apache: 00_default_ssl_vhost.conf
>
> SSLProtocol ALL -SSLv2 -SSLv3
> SSLHonorCipherOrder on
> SSLCipherSuite
> EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:EC
On 2017-07-21 11:42, Grant wrote:
> OK you guys win. Can anyone point me toward docs on the easiest way
> to set up the connection?
Start by installing app-crypt/easy-rsa. Follow [1] as literally as it
makes sense, changing just the names. In particular, it really lowers
the confusion
>> OK you guys win. Can anyone point me toward docs on the easiest way
>> to set up the connection?
>
> Start by installing app-crypt/easy-rsa. Follow [1] as literally as it
> makes sense, changing just the names. In particular, it really lowers
> the confusion if you f
On Sun, 26 Dec 2021 18:07:56 +, Michael wrote:
> > Host a..cc
> > Ciphers +ssh-rsa
>
> The initial error is about "no matching host key type", so the option
> needed would be:
>
> HostKeyAlgorithms +ssh-rsa
You're right, I was lo
Mark David Dumlao wrote:
On Wed, Dec 24, 2008 at 1:36 AM, Alan McKinnon alan.mckin...@gmail.com
wrote:
DSA / RSA
tun / tap
tun - to uniplexed node?
tap - to any person?
it makes some vague sense
I think what Alan refers to is:
http://en.wikipedia.org/wiki/TUN/TAP
I'm not sure
How to get rid of this error:
[warn] RSA server certificate CommonName (CN) `localhost' does NOT match server
name
Every time I start apache it generate this error in ssl_error_log
My certificate is for my domain-name not my localhost, and I don't have
any vhost configured with localhost so why
directory:
/usr/share/openvpn/easy-rsa/
does openvpn creates this directory or I do it manually?
--
Joseph
Thanks I found it.
...Openvpn prior to 2.3 have easy-rsa scripts included, not the current one
--
Joseph
On 02/06/2017 09:53 PM, the...@sys-concept.com wrote:
> I'm trying to configure "openvpn" on my new box (have done it in the
> past - long time ago).
>
> Trying to follow some basic instruction but when I change to:
> cd /usr/share/easy-rsa/
>
> and try to run
doing a rm -rf on
> > /usr/share/easy-rsa/keys
> >
> > Note: using Easy-RSA configuration from: ./vars
> >
> > Easy-RSA error:
> >
> > Missing expected CA file: serial (perhaps you need to run build-ca?)
> > Run without commands for usage and comma
in,
ssh-agent (or ssh-add, whatever) asks me for a passphrase for the DSA
key it finds. But it consistently ignores the RSA key.
Really, everything is (or at least seems to be) working wonderfully
*for DSA*. As you also indicated, it *should* work for both DSA and
RSA ... except that on my box
On Wednesday 24 December 2008 12:27:29 pk wrote:
Mark David Dumlao wrote:
On Wed, Dec 24, 2008 at 1:36 AM, Alan McKinnon alan.mckin...@gmail.com
wrote:
DSA / RSA
tun / tap
tun - to uniplexed node?
tap - to any person?
it makes some vague sense
I think what Alan refers
On 11/04/12 03:13, Alan McKinnon wrote:
[snip]
I'm running OpneVPN server/client configuration on Linux machines but
I'm not sure which setting to select on Android to talk to OpneVPN
Android 4 comes with VPN type:
PPTP
L2TP/IPSec PSK
L2TP/IPSec RSA
IPSec Xauth PSK
IPSec Xauth RSA
IPSec Hybrid
On Sunday, 26 December 2021 17:00:46 GMT Neil Bothwick wrote:
> On Sun, 26 Dec 2021 11:42:41 -0500, Philip Webb wrote:
> > I want to login to a remote site using 'ssh'.
> > The response I get is "Unable to negotiate with port
> > : no matching host key type found. Th
Anyone know if RSA keys are incompatible between ssh-3.8 and sshd-4.2?
I have this combination between 2 clients and 1 server.
RSA keys consistently fail, DSA keys consistently succeed.
The clients are on FreeBSD 5.4 and 5.5, server is FreeBSD 6.1
I found one report on google of a similar case
Joseph wrote:
How to get rid of this error:
[warn] RSA server certificate CommonName (CN) `localhost' does NOT match server
name
Every time I start apache it generate this error in ssl_error_log
My certificate is for my domain-name not my localhost, and I don't have
any vhost configured
On Sun, 2005-09-18 at 13:15 +0200, Christoph Gysin wrote:
Joseph wrote:
How to get rid of this error:
[warn] RSA server certificate CommonName (CN) `localhost' does NOT match
server name
Every time I start apache it generate this error in ssl_error_log
My certificate is for my
On Monday 09 Sep 2013 14:42:28 Michael Orlitzky wrote:
On 09/09/2013 01:28 AM, Mick wrote:
Are you saying that 2048 RSA keys are no good anymore?
They're probably fine, but when you're making them yourself, the extra
bits are free. I would assume that the NSA can crack 1024-bit RSA[1],
so
On Mon, Feb 06, 2017 at 08:03:21PM -0700, the...@sys-concept.com wrote:
> and try to re-emerge it, it is not taking any effect.
> emerge -avq easy-rsa
>
> [ebuild R ] app-crypt/easy-rsa-3.0.1-r1 USE="(-libressl)"
>
> why isn't the package enclosing the libressl
returned different signature type ssh-rsa (expected
rsa-sha2-512)
If I use the console to log into B and then ssh to A,
I get the same warning.
I see no ill effects.
Need I take any action?
thanks in advance,
allan
On Sun, 26 Dec 2021 11:42:41 -0500, Philip Webb wrote:
> I want to login to a remote site using 'ssh'.
> The response I get is "Unable to negotiate with port
> : no matching host key type found. Their offer: ssh-rsa,ssh-dss".
> Yesterday, I updated 'openssh' :
It so
211226 Michael wrote:
> On Sun, 26 Dec 2021 11:42:41 -0500, Philip Webb wrote:
>> I want to login to a remote site using 'ssh'.
>> The response I get is "Unable to negotiate with port
>> : no matching host key type found. Their offer: ssh-rsa,ssh-dss".
&
).
Resolving 'distrowatch.com:443'...
Connecting to '82.103.129.71:443'...
- Certificate type: X.509
- Got a certificate list of 4 certificates.
- Certificate[0] info:
- subject `CN=distrowatch.com', issuer `CN=R3,O=Let's Encrypt,C=US',
serial 0x0408fd5a5ae26286bed92e97da0c830f623c, RSA key 2048 bits
Hello All,
Does anybody know if it's possible to set up a vpn from a Gentoo machine
to a Checkpoint firewall? With pre shared keys it seems easy enough but I
need to connect using xauth and RSA tokens. Has anybody attempted such a
connection?
Cheers,
Paul
--
gentoo-user@lists.gentoo.org
Saphirus Sage wrote:
I'd just as soon leave the root account able to be logged in over SSH
and remove password authentication in preference of a 2048-bit RSA key.
Just use a script to add failed logins to a deny list.
I tend to forget that this isn't Debian, so yeah, that'll work ;D
On Tuesday 12 May 2009, 06:35, Hilco Wijbenga wrote:
This works for me too but afterwards the key is completely ignored.
What happens if you do this and then restart the shell? Or better yet,
what happens if you logout completely and then log back in? For me,
the RSA key is completely ignored
On Tuesday 12 May 2009, 11:17, Etaoin Shrdlu wrote:
Does ssh-agent really ask you for a passphrase when starting a
shell?
Not if you don't invoke it :)
Sorry, that is a bit unclear. Ssh-agent will never ask for a password.
It's ssh-add that does (if you run it after the agent), assuming
On Sun, 2009-05-10 at 22:18 -0700, Hilco Wijbenga wrote:
Hi all,
[...]
I would recommend you to try
[I] net-misc/keychain
Available versions: 2.6.6 2.6.8
Installed versions: 2.6.8(19:38:13 04/17/09)
Homepage:http://www.gentoo.org/proj/en/keychain/
Description:
On Wed, Dec 24, 2008 at 1:36 AM, Alan McKinnon alan.mckin...@gmail.com wrote:
DSA / RSA
tun / tap
tun - to uniplexed node?
tap - to any person?
it makes some vague sense
Joseph wrote:
The (CN) of the certificate match out company name it doesn't match
localhost
I assume your apache is configured with hostname localhost.
What does your apache.conf look like? (snipped to the relevant parts, of course)
Christoph
--
echo mailto: NOSPAM !#$.'*'|sed 's. ..'|tr *
I've configured OpenVPN and it works OK but I can not seems to figure it out
how to assign static IP to clients
My server.conf port 8458
proto udp
dev tun
mode server
ca /usr/share/openvpn/easy-rsa/keys/ca.crt
cert /usr/share/openvpn/easy-rsa/keys/server.crt
key /usr/share/openvpn/easy-rsa/keys
On Thursday 03 Apr 2014 16:42:13 Alan McKinnon wrote:
Third comment in this blog post gives excellent advice on how to do it
better:
http://www.turnkeylinux.org/forum/support/20121228/rsa-server-certificate-ca
-certificate-error
Thanks Alan. I should have googled for myself and avoided
I've openvpn installed:
Installed versions: 2.3.6(11:44:47 PM 01/30/2015)(lzo pam plugins ssl -down-root -examples -iproute2 -passwordsave -pkcs11 -polarssl -selinux -static -systemd
USERLAND=-BSD)
amd I'm trying to generate server key but I don't have directory:
/usr/share/openvpn/easy-rsa
I'm trying to configure "openvpn" on my new box (have done it in the
past - long time ago).
Trying to follow some basic instruction but when I change to:
cd /usr/share/easy-rsa/
and try to run: ./build-ca
bash: ./build-ca: No such file or directory
--
Thelma
; >> > If I use the console to log into A and then ssh to B, I get
> >> >
> >> > warning: agent returned different signature type ssh-rsa (expected
> >> > rsa-sha2-512)
> >> >
> >> > If I use the console to log into B and then ssh to
--sync after a long absence.
>> >
>> > The large emerge --update @world's finally finished on each machine. One
>> > new behavior is that
>> >
>> > If I use the console to log into A and then ssh to B, I get
>> >
>> > warning: agent
Hi,
I cannot run emerge --sync
I always get
ERROR:root:OpenPGP verification failed:
gpg: Signature made Fri 02 Feb 2018 09:38:18 AM UTC
gpg:using RSA key
E1D6ABB63BFCFB4BA02FDF1CEC590EEAC9189250
gpg: Can't check signature: No public key
What might have been happened?
Many
l-1.0.2n:0/0::gentoo, ebuild scheduled for merge)
>> pulled in by
>
>> dev-libs/openssl:0= required by
> [lots of packages]
>
>> (dev-libs/libressl-2.6.0:0/43::gentoo, ebuild scheduled for merge)
>> pulled in by dev-libs/libressl required by
>> (app-cr
:// is needed to indicate an explicit TLS
connection.
> Sending a test message I got a prompt...
>
> This certificate belongs to:
>Sectigo RSA Domain Validation Secure Server CA
>Sectigo Limited
>
>Salford Greater Manchester GB
> yada, yada, yada
Thi
).
Resolving 'distrowatch.com:443'...
Connecting to '82.103.129.71:443'...
- Certificate type: X.509
- Got a certificate list of 4 certificates.
- Certificate[0] info:
- subject `CN=distrowatch.com', issuer `CN=R3,O=Let's Encrypt,C=US',
serial 0x0408fd5a5ae26286bed92e97da0c830f623c, RSA key 2048 bits
the RSA. And also if you wan't to get
PFS you will need to consider your setup, certificate and security
model.
What is PFS?
http://en.wikipedia.org/wiki/Forward_secrecy
I'm no mathematical genius to understand cryptography at anything more
than a superficial level, but I
On Sun, 2021-12-26 at 11:42 -0500, Philip Webb wrote:
> I want to login to a remote site using 'ssh'.
> The response I get is "Unable to negotiate with port
> :
> no matching host key type found. Their offer: ssh-rsa,ssh-dss".
> Yesterday, I updated 'openssh' :
>
>
to '82.103.129.71:443'...
- Certificate type: X.509
- Got a certificate list of 4 certificates.
- Certificate[0] info:
- subject `CN=distrowatch.com', issuer `CN=R3,O=Let's Encrypt,C=US',
serial 0x0408fd5a5ae26286bed92e97da0c830f623c, RSA key 2048 bits,
signed using RSA-SHA256, activated `2021-09
On Friday 01 May 2009, Grant wrote:
$ ssh -Y 192.168.10.1
The authenticity of host '192.168.10.1 (192.168.10.1)' can't be
established. RSA key fingerprint is.
Are you sure you want to continue connecting (yes/no)? yes
Failed to add the host to the list of known hosts
(/home/grant/.ssh
$ ssh -Y 192.168.10.1
The authenticity of host '192.168.10.1 (192.168.10.1)' can't be
established. RSA key fingerprint is.
Are you sure you want to continue connecting (yes/no)? yes
Failed to add the host to the list of known hosts
(/home/grant/.ssh/known_hosts).
I think the problem
On Thursday 04 December 2008, Alan McKinnon wrote:
Anyone know if RSA keys are incompatible between ssh-3.8 and sshd-4.2?
I have this combination between 2 clients and 1 server.
RSA keys consistently fail, DSA keys consistently succeed.
The clients are on FreeBSD 5.4 and 5.5, server
Pidgin, as via a plugin, it can be used in combination with OTR
(Off-The-Record) which uses public-key encryption between clients, and
ontop of that, there's even a plugin for pidgin which uses RSA instead,
which I've found to be buggy, but is certainly a bit stronger in the
cryptographic sense
you use? Which one does
openssl show you're using? I have:
ssl_ciphers ALL:!aNULL:!ADH:!eNULL:!MEDIUM:!LOW:!EXP:!kEDH:RC4+RSA:+HIGH;
and 'openssl s_client -host HOSTNAME -port 443' shows:
Cipher: ECDHE-RSA-AES256-GCM-SHA384
I also get Verify return code: 20 (unable to get local issuer
this -
http://matt.io/entry/ur
Thanks for the link. Which ssl_ciphers do you use? Which one does
openssl show you're using? I have:
ssl_ciphers ALL:!aNULL:!ADH:!eNULL:!MEDIUM:!LOW:!EXP:!kEDH:RC4+RSA:+HIGH;
and 'openssl s_client -host HOSTNAME -port 443' shows:
Cipher: ECDHE-RSA-AES256-GCM
Thanks for the link. Which ssl_ciphers do you use? Which one does
openssl show you're using? I have:
ssl_ciphers ALL:!aNULL:!ADH:!eNULL:!MEDIUM:!LOW:!EXP:!kEDH:RC4+RSA:+HIGH;
To see what openssl is configured to use try:
openssl ciphers
Thank you but I'm most interested
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 09/09/2013 01:28 AM, Mick wrote:
Are you saying that 2048 RSA keys are no good anymore?
They're probably fine, but when you're making them yourself, the extra
bits are free. I would assume that the NSA can crack 1024-bit RSA[1],
so why
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 09/09/2013 02:07 PM, Mick wrote:
On Monday 09 Sep 2013 14:42:28 Michael Orlitzky wrote:
On 09/09/2013 01:28 AM, Mick wrote:
Are you saying that 2048 RSA keys are no good anymore?
They're probably fine, but when you're making them yourself
On Monday 09 Sep 2013 20:24:56 Michael Orlitzky wrote:
On 09/09/2013 02:07 PM, Mick wrote:
On Monday 09 Sep 2013 14:42:28 Michael Orlitzky wrote:
On 09/09/2013 01:28 AM, Mick wrote:
Are you saying that 2048 RSA keys are no good anymore?
They're probably fine, but when you're making
and cloud.key. I put both of those under /etc/apache2/private. I ignored the
vague references to intermediate files. The command I gave was:
# openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout cloud.key -out
cloud.crt
Now when I start Apache I get this warning, twice:
RSA server
of times since creating
the original key-pair+CR, but never created a new key-pair/CR...
There are also other algorithms the RSA. And also if you wan't to get
PFS you will need to consider your setup, certificate and security
model.
What is PFS?
http://en.wikipedia.org/wiki/Forward_secrecy
already compromised.
I have created new self-=signed certs a couple of times since creating
the original key-pair+CR, but never created a new key-pair/CR...
There are also other algorithms the RSA. And also if you wan't to get
PFS you will need to consider your setup, certificate
take too long because your private key(s) are potentially
already compromised.
I have created new self-=signed certs a couple of times since
creating the original key-pair+CR, but never created a new
key-pair/CR...
There are also other algorithms the RSA. And also if you
wan't to get PFS you
Before upgrading to apache 2.2.27 I had this line in httpd.conf
SSLProtocol -ALL +SSLv3 +TLSv1 +TLSv1.2
SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:!LOW:!SSLv2:!EXPORT
and I was getting A- rating from: www.ssllabs.com
Now after upgrading to apache-2.2.27 I'm getting C because of weak Cipher
t; new behavior is that
>
> If I use the console to log into A and then ssh to B, I get
>
> warning: agent returned different signature type ssh-rsa (expected
> rsa-sha2-512)
>
> If I use the console to log into B and then ssh to A,
> I get the same warning.
>
> I see no ill effe
On 24/05/2020 20:15, Consus wrote:
I've got this today:
$ sudo emerge --sync
Checking signature ...
gpg: Signature made Sun 24 May 2020 03:56:07 MSK
gpg:using RSA key
E1D6ABB63BFCFB4BA02FDF1CEC590EEAC9189250
gpg: Good signature from
to crack encryption, what
would you use? How does one tell cryptsetup to use it? I have several
encryption options here but no idea what is the best or even just good.
If you want encryption that can't be cracked, go for RSA. It's uncrackable.
Now you might be wondering why I say that, given
.
For commercial entities, the government could just contact the company
and apply pressure, no need to sneak the backdoor in. Cf. RSA .
have this:
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=googlemail.com; s=gamma;
h=domainkey-signature:received:received:message-id:disposition-notification-to:date:reply-to:user-agent:mime-version:to:subject:references:in
2009/5/12 Philipp Riegger li...@anderedomain.de:
On Sun, 2009-05-10 at 22:18 -0700, Hilco Wijbenga wrote:
I would recommend you to try
[I] net-misc/keychain
Available versions: 2.6.6 2.6.8
Installed versions: 2.6.8(19:38:13 04/17/09)
Homepage:
Alan McKinnon wrote:
As I used them they are not related. DSA and RSA are key hash algorithms, I
can never tell them apart and have to haul out the man page to rediscover
which one I tell my users to use :-)
tun tap - same thing. One is routed, one is more like level 2. Do you think
I
On Wednesday 24 December 2008, 11:39, Alan McKinnon wrote:
DSA / RSA
tun / tap
tun - to uniplexed node?
tap - to any person?
it makes some vague sense
I think what Alan refers to is:
http://en.wikipedia.org/wiki/TUN/TAP
I'm not sure if this is what he seeks:
RSA
not allowing password-based logins at all for ssh?
Use RSA keys instead. It's much easier, and much more secure.
--
Walter Dnes waltd...@waltdnes.org
On Sun, 15 Nov 2009 01:21:55 -0500, Walter Dnes wrote:
Have you considered not allowing password-based logins at all for ssh?
Use RSA keys instead. It's much easier, and much more secure.
That doesn't stop the attempts.
--
Neil Bothwick
Quantum leap: (adj.) literally, to move
On 02/25/2010 02:32 AM, Joseph wrote:
I've configured OpenVPN and it works OK but I can not seems to figure it
out how to assign static IP to clients
My server.conf port 8458
proto udp
dev tun
mode server
ca /usr/share/openvpn/easy-rsa/keys/ca.crt
cert /usr/share/openvpn/easy-rsa/keys
, cipher=DHE-RSA-
AES256-SHA, bits=256/256
Any idea why this is happening?
--
Regards,
Mick
signature.asc
Description: This is a digitally signed message part.
would be in
~/.ssh/id_dsa[rsa].pub, but now with ECDSA being the default they
would be in ~/.ssh/id_ecdsa.pub
I recall something being mentioned in the elog asking to regenerate
the key-pair.
HTH.
--
Regards,
Mick
On 2012-06-02 15:12, Florian Philipp wrote:
According to [1] it is SHA-256 and RSA-2048. If I understand it
correctly, there are means to blacklist compromised keys. That's
why
Just curious, how is a compromised key supposed to be blacklisted?
Does the bios contact Microsoft
=-BSD)
amd I'm trying to generate server key but I don't have directory:
/usr/share/openvpn/easy-rsa/
does openvpn creates this directory or I do it manually?
--
Joseph
On Fri, 02 Feb 2018 11:11:38 +0100
Helmut Jarausch <jarau...@skynet.be> wrote:
Hi,
I cannot run emerge --sync
I always get
ERROR:root:OpenPGP verification failed:
gpg: Signature made Fri 02 Feb 2018 09:38:18 AM UTC
gpg:using RSA key
E1D6ABB63BFCFB4BA02FDF1CEC590EEAC9
On Saturday 29 November 2008, Eric Martin wrote:
Mick wrote:
Hi All,
For some reason my Gentoo rsa public key is not liked by 3.9p1-11.el4_7
sshd, which is running on a CentOS server. On the Gentoo machine I am
running net-misc/openssh-5.1_p1-r1. This is what it shows
Mick wrote:
On Saturday 29 November 2008, Eric Martin wrote:
Mick wrote:
Hi All,
For some reason my Gentoo rsa public key is not liked by 3.9p1-11.el4_7
sshd, which is running on a CentOS server. On the Gentoo machine I am
running net-misc/openssh-5.1_p1-r1. This is what
setting to select on Android to talk to OpneVPN
Android 4 comes with VPN type:
PPTP
L2TP/IPSec PSK
L2TP/IPSec RSA
IPSec Xauth PSK
IPSec Xauth RSA
IPSec Hybrid RSA
Which one is compatible with OpenVPN?
My preference would be to connect to an existing session shadow
--
Joseph
1 - 100 of 387 matches
Mail list logo