Yes, you are missing something. The message before mine, to be more
specific. A subscriber asked how to run Apache automatically (probably
from his rc.d or init.d scripts), and was answered that he should
write a program to supply this password to Apache. So I responded with
my message, that
On Fri, 24 Mar 2000, Eli Marmor wrote:
Jan Meijer wrote:
A hacker can copy your key, no matter if it is encrypted or not; It
will just spend one more minute for him.
Perhaps I'm missing something here, but if your key is encrypted and the
only way to decrypt it is to actally
A hacker can copy your key, no matter if it is encrypted or not; It
will just spend one more minute for him.
Perhaps I'm missing something here, but if your key is encrypted and the
only way to decrypt it is to actally enter the passphrase manually (e.g. no
automatic start-up) the hacker can
be compromised, if you would please explain (with an example if possible)
how it works.
Thanks you in advance.
- Original Message -
From: Ralf S. Engelschall [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, March 22, 2000 8:33 PM
Subject: Re: How works the 'SSLPassPhraseDialog
Jan Dries said:
For example in C:
int main(int argc, char** argv)
{
printf("xx"); // replace xx with your actual password.
return 0;
}
Minor point, and perhaps off-topic here, but I'd strongly suggest avoiding
such uses of the printf statement in general. Use the puts()
Hello
I had noticed that I could give the password of the private
key fo the server with the 'SSLPassPhraseDialog' with no human-interactive in
the server start up. With the directive 'exec:/path/to/program' but I don´t had
any ideaof this program.Would you please post an example of this
On Wed, Mar 22, 2000, Francisco Javier Martínez Martínez wrote:
I had noticed that I could give the password of the private key fo the
server with the 'SSLPassPhraseDialog' with no human-interactive in the
server start up. With the directive 'exec:/path/to/program' but I don´t had
any idea
The program is any program that outputs the password to the standard
output, that is to the screen.
For example in C:
int main(int argc, char** argv)
{
printf("xx"); // replace xx with your actual password.
return 0;
}
Another possibility is to use an executable script that just
In short, as I claim always, there is nothing good in PEM, because
you can't eat the cake and have it. You either have an un-encrypted
file, or you have an encrypted file - but with another program that
outputs this password. And you don't have to look for this program -
just look at the