Questions tagged [private-key]
170 questions
2
votes
2 answers
SSH backup server - connect to multiple passwordless remotes
I'm wondering what are the steps to configure password-less ssh keys so I can connect and pull data from multiple remote servers. Can I just do:
Backup Machine:
ssh-keygen -t rsa
ssh-copy-id -i /home/user/.ssh/id_rsa.pub root@server1
ssh-copy-id -i…
JoshyD
- 21
- 1
2
votes
2 answers
strongSwan - how do i generate pre shared keys?
I'm using the strongswan documentation right here
I've added to /etc/ipsec.secrets the following line:
: RSA moonKey.pem "SomePwd"
however i don't know how to create moonKey.pem. Any ideas?
this is a follow up question to this one:
strongSwan ipsec…
lurscher
- 172
- 1
- 3
- 17
2
votes
2 answers
When should I generate a new private key for SSL?
I'm renewing a wildcard SSL cert. The easiest option is to use my existing private key and generate a new CSR using that. Is there any reason (assuming my private key hasn't been compromised) to go the extra mile and generate a new private key as…
Nate
- 229
- 4
- 9
2
votes
1 answer
Error while decrypting https traffic in Wireshark
I configured Jetty with a self-generated private key and cert after a long struggle. Now, I'm having trouble decrypting the HTTPS traffic from the Jetty server that I captured for inspection.
The following is the error from Wireshark's SSL log (file…
Srikanth
- 189
- 1
- 3
- 8
2
votes
1 answer
AWS - ssh to instance in private subnet
I have 2 instances in AWS. One of them in a public subnet (bastion), the second one in a private subnet.
Both of them were launched with the same key pair (.pem file).
This is how I connect to the bastion:
ssh -i secret.pem ec2-user@public-ip
Works…
shoddylik
- 21
- 1
2
votes
1 answer
Distribute Secrets via Active Directory [Group Policy]
I would like to simplify my life and distribute secrets (real secrets, like encryption private keys) to Active Directory domain member computers. Probably via Active Directory Group Policy, but will be happy with any working solution.
Only a subset…
adontz
- 337
- 5
- 12
1
vote
1 answer
Add certificate from Microsoft Azure Key Vault for LDAP/S
The only method I can seem to find to add a certificate for secure LDAP (LDAP/S) for Azure Active Directory Domain Services is to upload the certificate from my local computer. This seems like a very poor key management solution when Microsoft Azure…
Scott
- 60
- 1
- 9
1
vote
1 answer
SSH login timeout while checking private key (sss_ssh_authorizedkeys)
I am having this issue right now with 3 servers at least.
When attempting to connect to the server via ssh with a private key with a specific user, it shows the welcome banner, takes almost two minutes and then the connection is closed.
ssh -i…
Alumino
- 11
- 4
1
vote
0 answers
Access to http restricted area using private key
In my Apache configuration (Ubuntu Server), i have the following settings:
AddExternalAuth pwauth /usr/sbin/pwauth
SetExternalAuthMethod pwauth pipe
Options Indexes FollowSymLinks Includes ExecCGI
…
Marco Vasapollo
- 111
- 3
1
vote
2 answers
What's the risk of exporting an SSL certificate to a new hosting company
On of our customers is sadly moving out to a new provider.
They have an SSL certificate linked to their site. The new hosting company, also want's this certificate.
Are there any (security) risks for me, if I export this certificate (to a .PFX) and…
Michiel van Vaardegem
- 165
- 1
- 9
1
vote
1 answer
Allow system accounts to login to other server without passwords
i'd like to allow user 'devel' to login to any other server using public keys as user 'devel'. This user is not a human, but a scripting-only account. How can I accomplish this? Is Puppet the right way? How does each source server receive the…
Felipe Alvarez
- 193
- 2
- 12
1
vote
0 answers
curl SSL protocol error in connection to shbr-staging.surescripts.net
I am trying to connect to:
shbr-staging.surescripts.net/
Here are the steps that I have followed:
Step 1: I generated a private key
$openssl genrsa -des3 -out sc-private.key 2048
passphrase: xyz123
Step 2: Using the private key from Step 1…
Vikas kedia
- 11
- 1
- 3
1
vote
2 answers
Being Prompted for Password
// Begin edit
I should note now that I've tinkered around a bit more, that everything works as intended if I use the "-i identity_file" switch when connecting from "Automation" and point that at the private key on the "Automation".
// End edit
There…
joebert
- 195
- 7
1
vote
2 answers
Nginx working with SSL but Private Key mismatch error
Used to work
I bought a Rapid SSL from name.com and used the below command to generate the .csr and .key files:
sudo openssl req -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/server.key -out /etc/nginx/ssl/server.csr
I answered all…
AAgg
- 321
- 1
- 4
- 11
1
vote
2 answers
Node.js app on ElasticBeanstalk cannot access private key file on server
I have a node.js application running on ElasticBeanstalk. Part of it's configuration is a path to a .p12 key file. When the application attempts to use the key file, a permission denied exception is thrown.
My question is if I am placing the key…
Michael Peterson
- 111
- 3