Loading
OpenSSL Hacks
OpenSSL contains a command-line tool to do nearly everything possible within the OpenSSL library. Even better, it's probably already installed on your system.
This is only a sample of what OpenSSL offers at the command line.
Some documentation is available at the OpenSSL Web site under the Documents and Related sections. There are also several mailing lists available under the Support section.
OpenSSL is written in and for C/C++, but it has been adapted to other programming languages, including Ruby. In addition, the FIPS 140-2 Level 1 validation in March 2006 makes OpenSSL a new contender in the enterprise and government cryptography markets.
Resources for this article: /article/9020.
- « first
- ‹ previous
- 1
- 2
- 3
- 4
______________________
Webcast
How to Build an Optimal Hadoop Cluster to Store and Maintain Unlimited Amounts of Data Using Microservers
Realizing the promise of Apache® Hadoop® requires the effective deployment of compute, memory, storage and networking to achieve optimal results. With its flexibility and multitude of options, it is easy to over or under provision the server infrastructure, resulting in poor performance and high TCO. Join us for an in depth, technical discussion with industry experts from leading Hadoop and server companies who will provide insights into the key considerations for designing and deploying an optimal Hadoop cluster.
Sponsored by AMD
White Paper
Red Hat White Paper: Using an Open Source Framework to Catch the Bad Guy
Built-in forensics, incident response, and security with Red Hat Enterprise Linux 6
Every security policy provides guidance and requirements for ensuring adequate protection of information and data, as well as high-level technical and administrative security requirements for a system in a given environment. Traditionally, providing security for a system focuses on the confidentiality of the information on it. However, protecting the data integrity and system and data availability is just as important. For example, when processing United States intelligence information, there are three attributes that require protection: confidentiality, integrity, and availability.
Learn more about catching the bad guy in this free white paper.
Sponsored by DLT Solutions
- New Products
- Linux Systems Administrator
- Senior Perl Developer
- Technical Support Rep
- UX Designer
- Web & UI Developer (JavaScript & j Query)
- Designing Electronics with Linux
- Dynamic DNS—an Object Lesson in Problem Solving
- Using Salt Stack and Vagrant for Drupal Development
- Making Linux and Android Get Along (It's Not as Hard as It Sounds)
- another very interesting
1 hour 22 min ago - Reply to comment | Linux Journal
3 hours 15 min ago - Reply to comment | Linux Journal
10 hours 9 min ago - Reply to comment | Linux Journal
10 hours 25 min ago - Favorite (and easily brute-forced) pw's
12 hours 17 min ago - Have you tried Boxen? It's a
18 hours 8 min ago - seo services in india
22 hours 40 min ago - For KDE install kio-mtp
22 hours 41 min ago - Evernote is much more...
1 day 41 min ago - Reply to comment | Linux Journal
1 day 9 hours ago
Free Webinar: Hadoop
How to Build an Optimal Hadoop Cluster to Store and Maintain Unlimited Amounts of Data Using Microservers
Realizing the promise of Apache® Hadoop® requires the effective deployment of compute, memory, storage and networking to achieve optimal results. With its flexibility and multitude of options, it is easy to over or under provision the server infrastructure, resulting in poor performance and high TCO. Join us for an in depth, technical discussion with industry experts from leading Hadoop and server companies who will provide insights into the key considerations for designing and deploying an optimal Hadoop cluster.
Some of key questions to be discussed are:
- What is the “typical” Hadoop cluster and what should be installed on the different machine types?
- Why should you consider the typical workload patterns when making your hardware decisions?
- Are all microservers created equal for Hadoop deployments?
- How do I plan for expansion if I require more compute, memory, storage or networking?
Comments
In relation to the password
In relation to the password hash, surely the server needs to know the salt too? When I run the example I don't get the salt returned, so how can the hash be used?? Can the salt be derived from the hash somehow, and if so, doesn't knowledge of the salt make the hash much, much weaker?
I'm sure I've missed something obvious!
As far as I know, the salt
As far as I know, the salt is stored between two dollar signs. So it's part of the hash. At least for the MD5 (openssl passwd -1).
MD5 passwd hash
I need a cc or gcc source file that I can compile on an HP running HPUX 11. I want to compile it into an existing process that currently generates and hashes 8 digit passwords using DES i.e., the old crypt(). I nust now increase that password from 8 positions to 15 for security purposes. I'd guess that a perl script would do also as long as it had the proper hooks to the MD5 hash.
I will really appreciate any help on this item.
RE:
Great Article Anthony!
Very interesting and informational.
Can you expand a little on where you say:
"...run the above example multiple times. The output is the cryptographic hash of your password. The hash is randomly salted so that every time it's run, the output will be different, even if the password is the same."
Why will the output be different?
Thanks!
-John
salt
Basically, salt is a random string appended to your password. So instead of hash(password), we do hash(password | salt). The server keeps both salt and hash value. The purpose of salt is to prevent pre-calculated table attack.
Ref: http://en.wikipedia.org/wiki/Salt_%28cryptography%29
Page is rendered too wide
The lines on this page are too wide, I have to scroll horizontally to read each line, hence I haven't read the article.
The problem seems to be Table 2, and specifically the header lines, but Table 3 may also be wide on some screens.
I'm sure someone can find a number of creative ways to solve the problem.
Randy Kramer
Page is rendered too wide
In most browsers, those capable of handling cascading style sheets (CSS) that table displays with a horizontal scroll bar at the bottom and does not extend the page width.
What browser are you using and what version?
Webmaster
Linux Journal
I forgot to ask
Have you changed the settings in your browser so you use a default or customized style sheet for it? This is common with Opera.
Webmaster
Linux Journal
"I have always wished that my computer would be as easy to use as my telephone.
My wish has come true. I no longer know how to use my telephone."
-- Bjarne Stroustrup
Width problem
The width problem on this page as commented by others is still there. Using Konqueror 3.5.4 on Kubuntu with stylesheet set as default. Browser as-is passes the acid style test 100%. The problem is with your site.
Sorry.
Allan Morris.
Width problem
There were two problems here. Though I made the page quit showing so wide, the problems still exist.
Problem #1 Konqueror will not obey the CSS rule (overflow: auto;) for a table which would make a horizontal scroll bar appear only underneath the over sized table and the screen would not display wide. All other browsers I tested do this.
Problem #2 Konqueror obeyed a CSS rule for table headers (th{white-space: nowrap;}) that none of the other browsers paid any attention to. I killed the white-space rule and the page no longer over extends your screen (or at least not as much, there is still a point where the table headers will not continue to wrap). If the other browsers had obeyed this rule I would have found this problem much earlier.
Webmaster
"I have always wished that my computer would be as easy to use as my telephone.
My wish has come true. I no longer know how to use my telephone."
-- Bjarne Stroustrup