Is an encrypted private key which never leaves my home directory more secure than an unencrypted one?

On a Linux system I’m running an utility like this:

$   /usr/bin/myapp myprivatekey Enter passphrase for the private key:... ...application runs and uses the private key 

My understanding is that if I have a private key encrypted with a passphrase it is more secure than an unencrypted one because the private key cannot be accessed even if the user account is compromised. So if the private key is loaded by a process running as a different user and the passphrase is typed manually by the user then one cannot intercept the above passphrase. Please note that the /usr/bin/myapp can only be written by root.

On the other hand a colleague argues that, if the user account is compromised then the private key is compromised too even if it’s protected by a passphrase, because if the account is compromised then the password typed by the user can be intercepted and one cannot be protect himself in such a situation.

Which one is correct? Is it possible to setup a system such that the private key is protected in the above situation?

Thanks!

icacls : create private directory (full control for user and no listing for others except admins)

I would like to create a folder with permissions similar to my home directory. I tried giving myself full control etc. but I managed to get locked out and had to use the takedown tool to be able to delete the directory.

I know Deny permissions take precedence over Allow but that’s about it. This is for Windows Server 2012R2.

700 eBay Private Label Rights PLR Articles for $3

Are you new to eBay and have no clue on how to begin?Or are you an experienced seller looking for a few extra tips on how to improve your sales on eBay?These articles can teach you all about eBay.You get all the articles with PRIVATE LABEL RIGHTS!So you can you can use the articles for content in your autoresponder, eBook, report, or website.Or you can sell them or even give them away! Examples of some articles included: Double Your eBay Sales In 30 Days Top Secret eBay Tips3 Tools For Product Sourcing On eBay – Using Seller Central4 Secret Keys To Dominating eBay4 Special rules for selling software on eBay4 Things You Never Knew About eBay Auctions5 Easy Ways To Make Money On eBay5 eBay Selling Tips for Newbies5 Simple Steps To Posting Your First eBay Auction.5 Tips To Buying Cars On eBay Motors5 Tips To Protect Yourself From eBay Scammers7 Tips for Selling Expensive Collectibles On eBay7 Ways To Enhance High Priced Items On eBay9 Reasons To Do Joint Venture Deals On eBay 10 Great Ways To Source Low Cost Products For eBay.10 Safety Tips For Buying On eBay10 Steps to Successful Selling on eBay

by: selenous
Created: —
Category: Content & Writing
Viewed: 309


Can not connect to Vagrant private network

I had a vagrant in my Mac with a private network IP, previously it works properly, I can access its private network IP in the host. But can not access from host since yesterday, I dont remember any change to the Vagrantfile… Could you help give me some suggestions how to bring it back to work? Thanks a lot!

Vagrantfile piece:

Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|   # Use Centos 7 64-bit as our operating system   config.vm.box = "centos/7"    # Configurate the virtual machine to use 2GB of RAM and 2 CPU   config.vm.provider :virtualbox do |vb|     vb.name = "vagrant-jenkins"     vb.customize ["modifyvm", :id, "--memory", "2048"]     vb.customize ["modifyvm", :id, "--cpus", "2"]     vb.customize ["modifyvm", :id, "--natdnshostresolver1", "on"]   end    config.vm.network :private_network, ip: "192.168.56.8"   ... end 

Logs when vagrant up:

> ➜  toy vagrant up Bringing machine 'default' up with 'virtualbox' > provider... > ==> default: Checking if box 'centos/7' is up to date... > ==> default: A newer version of the box 'centos/7' for provider 'virtualbox' is > ==> default: available! You currently have version '1804.02'. The latest is version > ==> default: '1902.01'. Run `vagrant box update` to update. > ==> default: Clearing any previously set forwarded ports... > ==> default: Clearing any previously set network interfaces... > ==> default: Preparing network interfaces based on configuration... >     default: Adapter 1: nat >     default: Adapter 2: hostonly > ==> default: Forwarding ports... >     default: 22 (guest) => 2222 (host) (adapter 1) > ==> default: Running 'pre-boot' VM customizations... > ==> default: Booting VM... > ==> default: Waiting for machine to boot. This may take a few minutes... >     default: SSH address: 127.0.0.1:2222 >     default: SSH username: vagrant >     default: SSH auth method: private key > ==> default: Machine booted and ready! [default] GuestAdditions 5.2.14 running --- OK. > ==> default: Checking for guest additions in VM... > ==> default: Setting hostname... > ==> default: Configuring and enabling network interfaces... >     default: SSH address: 127.0.0.1:2222 >     default: SSH username: vagrant >     default: SSH auth method: private key > ==> default: Mounting shared folders... 

When trying to ssh to it, it is pending on connecting to the private IP:

➜  toy ssh -v toy OpenSSH_7.6p1, LibreSSL 2.6.2 debug1: Reading configuration data /Users/abc/.ssh/config debug1: /Users/abc/.ssh/config line 11: Applying options for toy debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 48: Applying options for * debug1: Connecting to 192.168.56.8 port 22. 

ssh config:

Host toy         Hostname  192.168.56.8         User      vagrant         IdentityFile ~/Vagrant/Toy/.vagrant/machines/default/virtualbox/private_key 

Setting up a private root DNS server using BIND9

I’m implementing a full DNS hierarchy using BIND9 and raspberryPis. I have set up a private authoritative name server, a TLD name server and a resolver. I’m trying to set up a root server and need the resolver to get redirected from root->TLD->Authoritative NS.

I updated the root hints file (“db.root” on the resolver) to hold the private IP address of the new root.

.           36000 IN NS ROOT. ROOT. 36000 IN A  192.168.0.109 

When I use the resolver to perform a “dig +trace”, I receive NS ROOT. in the authority section but the additional section does not contain it’s IP. Dig gives the following error

couldn't get address for 'ROOT': not found 

I think I’m facing the same problem being redirected from my TLD NS as well, but I guess fixing this would also fix that.

Are there any special settings related to the configuration or DNSSec that are preventing me from implementing a private DNS tree?

Local SSH connection using private network IP address not working

I tried to ssh connect to the local machine itself as

ssh me@host -p 2222  

It prompt password to login

However, if attempt with

$   ssh me@192.168.31.127 -p 2222 ssh: connect to host 192.168.31.127 port 2222: No route to host 

the ip address:

$   ssh me@192.168.31.127 -p 2222 ssh: connect to host 192.168.31.127 port 2222: No route to host 

What’s the problem?

How to store private data in blockchain and smart contract

Following my previous question on this topic Is there a way to store and share a private key through blockchain?, I might have a solution but I would like to improve the process.

Image that A is the owner of some private data, and want to give the ownership of this data to B, another member of the blockchain. The data is a private key so it can not be public, but it can be encoded using A or B public key.

So:

  • Secret data is encoded with A public key, and stored in A informations data /
  • B want to by A secret data
  • A decode the secret data (using his private wallet key) and encode the secret data with B public key
  • Ownership of the data is given to B
  • Now only B (and A also but that’s a different story) can decode secret data.

Is there a way to simplify this process using smart contract? I assume a smart contract have access to A and B public key, but can a data be encoded/decoded with private key of the one executing the smart contract?

Getting RSA private key from prime1, modulus and publicExponent

I am doing a hacking challenge but I don’t manage to know how to decrypt the private key from the public key and the given private key “prime1” parameter.

I’ve seen a private key is composed of :

  • modulus
  • publicExponent
  • privateExponent
  • prime1
  • prime2
  • exponent1
  • exponent2
  • coefficient

I’ve been able to retrieve :

  • modulus
  • prime1
  • publicExponent

Concerning prime2, I tried to compute it (by dividing modulus and prime1) and I get the following value :

19D28095CF467FE66ADBDBBA576B9C4CB14F352196A464AC4E501DF3D3949AEA6092BE46055C0E5E1A45B4053DFD00C87B1D26E09375FCADB23204CB51EBB0ED010767BE04EE8AC6E1912524A9491BBCB674EFCFF367EDFACC7D80C34BB431FA36B5D1E240D6DAE99412C06294AD23E25460245EDEE063AF51D953F67D1A0330B49CF3DE1F77CED7D868B43BCD3FF4726E6A555E3C399F1BC170BC4160CCE1CFD7ED1394CDB274FC5A30F81642A5233920A0032AB18A360A9C578A0E3AAA9823A0382DE703654F3C8175B963E304A7FFA2A0316CF0CFEB6A0413174A9948E5309EEF6F3ABFE43CBCC186809296F869710C263BAA4EC1F959B00893AC3C23066B6 

which translates in :

00:19:D2:80:95:CF:46:7F:E6:6A:DB:DB:BA:57:6B: 9C:4C:B1:4F:35:21:96:A4:64:AC:4E:50:1D:F3:D3: 94:9A:EA:60:92:BE:46:05:5C:0E:5E:1A:45:B4:05: 3D:FD:00:C8:7B:1D:26:E0:93:75:FC:AD:B2:32:04: CB:51:EB:B0:ED:01:07:67:BE:04:EE:8A:C6:E1:91: 25:24:A9:49:1B:BC:B6:74:EF:CF:F3:67:ED:FA:CC: 7D:80:C3:4B:B4:31:FA:36:B5:D1:E2:40:D6:DA:E9: 94:12:C0:62:94:AD:23:E2:54:60:24:5E:DE:E0:63: AF:51:D9:53:F6:7D:1A:03:30:B4:9C:F3:DE:1F:77: CE:D7:D8:68:B4:3B:CD:3F:F4:72:6E:6A:55:5E:3C: 39:9F:1B:C1:70:BC:41:60:CC:E1:CF:D7:ED:13:94: CD:B2:74:FC:5A:30:F8:16:42:A5:23:39:20:A0:03: 2A:B1:8A:36:0A:9C:57:8A:0E:3A:AA:98:23:A0:38: 2D:E7:03:65:4F:3C:81:75:B9:63:E3:04:A7:FF:A2: A0:31:6C:F0:CF:EB:6A:04:13:17:4A:99:48:E5:30: 9E:EF:6F:3A:BF:E4:3C:BC:C1:86:80:92:96:F8:69: 71:0C:26:3B:AA:4E:C1:F9:59:B0:08:93:AC:3C:23: 06:6B:6 

Which is quite a problem as it ends with “6”. I added the leading 00.

Values I extracted so far :

prime1: 007f40dc44ba03d15342f75908e0f9300596644ade94685e08e28c9ab1640c2f62c29ab9a239824b9ebeeb76ae6d8721a35e9ed98d7ea4383e590934a578b5f72e895d5c3752eafdf631ccbad2d960e4451d6776d21ff49c9dc9b1904551edd27fddb674b4997fb10ad9b7c2be8ba407220a8e3a36ff6dc11d6393afcb4ec0479f65bfdfe3f05f1e98614574ec36a7a5b1f18d3d976b5a82490900080d9dc274a44e30a139682f22347113aa3bf2204f8e10ebd4d09bb58cc2535f9d71130c0f21b66e133940d3a6b1eb74addd0a291481b190ade053f089c800fedcad5659fc281dc0cf5e08c0163324a352bbf3251043c373b8404ffc6b6b77bd5f2224eb7f15  modulus: CD5F8A24C7605008897A3C922C0E812E769DE0A46442C350CB78C7868539F3D38AAC80B3E6A506605910E8599806B4D1D148F2F6B81DA04796A8A5AEE18F29E83E16775A2A0A00870541F6574ED1438636AE0A0C116E07104F48F72094863A3869E1C8FC220627278962FB22873E3156F18E55DEC94E970064EC7F4E0E88454012E2FD5DFE5F8D19BF170F9CCB3F46E0FD1019BCB02D9083A0703C617F996379E6478354A73AE6E6ACBCE1F4333ECFAF24366A3E977D3CD3CBFE8D8A387BD876BFDAB8488F6F47BF1FBE33010FD2D7E22B4DB2E567783CE0B606DB86B93759714C4F6396A7FB9F74C4021043B0F3D46D2633EBD43A877863DF7D680F506587C119DD64100CA831CE2AF33D951B524C5F06B49F5BF2CB381E74181930D06A80505C06ABD5BF4870F0C9FB581BD80DBA889660639F936EDEA8FE5D0C9EAE58062ED693252583C71CC782BA613E01438E69B43F9E64ECA84F9EA04E811AD7B39EFD7876D1B6B501C4F48ACCE6F24239F6C04028788135CD88C3D15BE0F2EBB7DE9E9C19A7A93037005EE0A9A640BADA332EC0D05EE9F08A832354A0487A927D5E88066E2569E6C5D4688E422BFA0B27C6171C6D7BF029BFD9165752AF19AA71B33A1EA70B6C371FB21E47F527D80B7D04F582AD9F9935AF723682DC01CA9880621870DECB7AD15648CDF4EF153016F3E6D87933B8EC54CFA1FDF87C467020A3E753  publicExponent: 65537 (0x10001) 
  • Can I get the private key from theses parameters (modulus, publicExponent and prime1) ?
  • Is my reasoning about “prime2” right ? (by dividing the modulus and the prime1).
  • How to get the last elements ?
  • Have you any tool which automatically computes a private key from theses parameters ?

For FREE: OpenCart Plugin for Private Crypto Payments

Anonymous Online Payment Gateway

What are the unique advantages of using our OpenCart payment plugin?
– 100% protection from all online customer fraud. No more charge-back scams or identity theft.
– Zero transaction fees and no hidden fees, keep all of your hard-earned money.
– No paperwork, no identification, no financial statements and no proof of address required.
– Stealth addresses for unlimited use. Protect the privacy of your balance and your transaction history.
-…

For FREE: OpenCart Plugin for Private Crypto Payments