openssl dhparam -out dhparams.pem 4096
Privaten Schlüssel (AES-256/4096bit) erstellen:
openssl genrsa -aes256 -out private.pem 4096
Öffentlichen Schlüssel erstellen:
openssl rsa -in private.pem -outform PEM -pubout -out public
openssl rsautl -pubin -inkey public.pem -encrypt -in klartext.txt -out geheim.txt
openssl rsautl -inkey private.pem -decrypt -in geheim.txt -out klartext2.txt
encrypting external drives with dm-crypt and LUKS (hdd, flash etc.)
1) wipe potentially existing luks-header (optional)
dd if=/dev/zero of=/dev/sdX bs=512 count=20480
2) wipe existing partitions (optional)
3) setup luks-header
cryptsetup options luksFormat device
cryptsetup -v --cipher aes-xts-plain64 --key-size 512 \
--hash sha512 --iter-time 5000 --use-random luksFormat <device>
4) mount encrypted partition
cryptsetup open <device> <name>
5) create file system
6) change user permissions (only accessible for root as default)
chown user:group <mount point>
badblocks is a Linux utility to check for bad sectors on a disk drive (A bad sector is a sector on a computer’s disk drive or flash memory that cannot be used due to permanent damage or an OS inability to successfully access it.). It creates a list of these sectors that can be used with other programs, like mkfs, so that they are not used in the future and thus do not cause corruption of data. It is part of the e2fsprogs project.
It can be a good idea to periodically check for bad blocks. This is done with the badblocks command. It outputs a list of the numbers of all bad blocks it can find. This list can be fed to fsck to be recorded in the filesystem data structures so that the operating system won’t try to use the bad blocks for storing data. The following example will show how this could be done.
From the terminal, type following command:
$ sudo badblocks -v /dev/hda1 > bad-blocks
The above command will generate the file bad-blocks in the current directory from where you are running this command.
Now, you can pass this file to the fsck command to record these bad blocks
$ sudo fsck -t ext3 -l bad-blocks /dev/hda1 Pass 1: Checking inodes, blocks, and sizes Pass 2: Checking directory structure Pass 3: Checking directory connectivity Pass 4: Check reference counts. Pass 5: Checking group summary information. /dev/hda1: ***** FILE SYSTEM WAS MODIFIED ***** /dev/hda1: 11/360 files, 63/1440 blocks
If badblocks reports a block that was already used, e2fsck will try to move the block to another place. If the block was really bad, not just marginal, the contents of the file may be corrupted.
ausgewählte dns-server in DE
220.127.116.11 Chaos Computer Club Berlin
18.104.22.168 FoeBuD e.V.
22.214.171.124 German Privacy Foundation e.V.
126.96.36.199 German Privacy Foundation e.V.
188.8.131.52 German Privacy Foundation e.V.
184.108.40.206 German Privacy Foundation e.V.
sudo ssh -L localhost:port:localhost:remote-port user@host -N
set remote-port to the proxy port (3128 for squid) on the server
set port to any local port (e.g. 8000) on the client and configure proxy settings to localhost:port
set remote-port to the port to be tunnelled on the server
set port to any local port (e.g. 8001) on the client and use it with localhost:port