Spaß mit Verschlüsselung

Privaten Schlüssel (AES-256/4096bit) erstellen:

openssl genrsa -aes256 -out private.pem 4096

Öffentlichen Schlüssel erstellen:

openssl rsa -in private.pem -outform PEM -pubout -out public

Datei verschlüsseln:

openssl rsautl -pubin -inkey public.pem -encrypt -in klartext.txt -out geheim.txt

Datei entschlüsseln:

openssl rsautl -inkey private.pem -decrypt -in geheim.txt -out klartext2.txt 

Read More

zypper

zypper se -d <searchstring> extended search -d tells to also search for the search string in descriptions

zypper se -r <repo> shows all packages in

zypper in --from <repo> <pacakge> installs from

zypper lu lists updates available

Read More

disk encryption (dm-crypt + LUKS, non-root)

encrypting external drives with dm-crypt and LUKS (hdd, flash etc.)

1) wipe potentially existing luks-header (optional)

dd if=/dev/zero of=/dev/sdX bs=512 count=20480

2) wipe existing partitions (optional)

3) setup luks-header

cryptsetup options luksFormat device

respectively

cryptsetup -v --cipher aes-xts-plain64 --key-size 512 \
--hash sha512 --iter-time 5000 --use-random luksFormat <device>

4) mount encrypted partition

simply mount

or

cryptsetup open <device> <name>

5) create file system

mkfs.fstype /dev/mapper/name

6) change user permissions (only accessible for root as default)

chown user:group <mount point>

https://wiki.archlinux.org/index.php/LUKS

https://wiki.archlinux.org/index.php/Dm-crypt/Encrypting_a_non-root_file_system

https://wiki.archlinux.org/index.php/Dm-crypt/Device_encryption#Encryption_options_for_LUKS_mode

Read More