El día sábado, mayo 29, 2021 a las 01:02:52a. m. -0400, Amber Shepherd escribió:
> Hi,
> Can you please let me know what I need to do in order to unsubscribe
> from this list?
Look into the header lines of the mails from the list for List-Unsubscribe:
matthias
--
Matthias Apitz, ✉ g...@
On Wed, Oct 30, 2019 at 02:12:19PM -, Frederick Gotham wrote:
>
> It appears that OpenSSL will kick and scream and refuse to die not
> matter how hard you hit it. If I try to generate a random number like
> this:
>
> openssl rand -hex 8
>
> Then it seems it will try in this order:
>
>
Why not just change things so that if your module fails to load, the library
exits?
Don't change the RAND code, change the INIT code.
Frederick Gotham wrote:
> static int drbg_bytes(unsigned char *out, int count)
> {
> int const retval = drbg_bytes_REAL(out, count);
>
> /* Try to get a semi-unique value for the first byte */
> char unsigned rotating_value = (unsigned)out ^ ((unsigned)count <<
> 4u);
>
Frederick Gotham wrote:
>
> I will change the random number generator built into OpenSSL to always
> return sequential numbers, something like:
Here's what I have:
static int drbg_bytes(unsigned char *out, int count)
{
int const retval = drbg_bytes_REAL(out, count);
/*
Frederick Gotham
wrote:
>
> And anyway this behaviour didn't come from deleting /dev/random, but
> rather from making the default generator inside OpenSSL always give 0
> for a random byte.
I will change the random number generator built into OpenSSL to always
return sequential numbers, somet
Frederick Gotham
wrote in
news:XnsAAF8BACC24C3Bfgotham@195.159.176.226:
> Jochen Bern
> wrote:
>
>> SSH logins from remote that fail
>
>
> This is my exact problem right now. My device has booted up and I
> can't SSH into it.But this doesn't entirely make sense since it should
> be getting
Jochen Bern wrote:
> SSH logins from remote that fail
This is my exact problem right now. My device has booted up and I can't SSH
into it.But this doesn't entirely make sense since it should be getting
random numbers from the TPM2 chip anyway.
On 10/30/2019 04:19 PM, openssl-users-requ...@openssl.org digested:
> From: Frederick Gotham
> To: openssl-users@openssl.org
>
> I even tried deleting /dev/random and /dev/urandom
... don't do that. The Linux kernel is both a provider and a consumer of
entropy, e.g., to randomize the TCP sequen
Dmitry Belyavsky wrote:
> You should do in your engine the following:
Just so you know, I'm not a developer of the TPM2 engine for OpenSSL.
Of course though I can still go in and edit the code here and there.
> Implement the TPM-provided RAND_METHOD in the engine
> call ENGINE_set_RAND for R
On Wed, Oct 30, 2019 at 6:58 PM Frederick Gotham
wrote:
> Dmitry Belyavsky wrote
> in
> news:cadqlbz+jctu_yqiw9w-fyo0o56mqua2nri6helr6pggxqdh...@mail.gmail.com:
>
> > On Wed, Oct 30, 2019 at 6:39 PM Frederick Gotham
> > wrote:
> >
> >> Dmitry Belyavsky
> >> wrote:
> >>
> >> >> You still have t
Dmitry Belyavsky wrote
in
news:cadqlbz+jctu_yqiw9w-fyo0o56mqua2nri6helr6pggxqdh...@mail.gmail.com:
> On Wed, Oct 30, 2019 at 6:39 PM Frederick Gotham
> wrote:
>
>> Dmitry Belyavsky
>> wrote:
>>
>> >> You still have the OpenSSL built-in RNG.
>>
>>
>>
>> Is there a simple compiler flag to remo
On Wed, Oct 30, 2019 at 6:39 PM Frederick Gotham
wrote:
> Dmitry Belyavsky wrote:
>
> >> You still have the OpenSSL built-in RNG.
>
>
>
> Is there a simple compiler flag to remove this?
>
> Or do I need to go into the source code and stick a "return -1;" somewhere?
>
> No. Openssl will not work
Dmitry Belyavsky wrote:
>> You still have the OpenSSL built-in RNG.
Is there a simple compiler flag to remove this?
Or do I need to go into the source code and stick a "return -1;" somewhere?
On Wed, Oct 30, 2019 at 6:20 PM Frederick Gotham
wrote:
> Dmitry Belyavsky wrote
>
> >> /etc/ssl/openssl.cnf
> >
> > Yes, or any custom.
> > But the engine must provide the RAND_METHOD and set it as default.
> >
> >
>
>
>
> But if my TPM2 engine fails to load, then OpenSSL will just use the
> 'r
Dmitry Belyavsky wrote
>> /etc/ssl/openssl.cnf
>
> Yes, or any custom.
> But the engine must provide the RAND_METHOD and set it as default.
>
>
But if my TPM2 engine fails to load, then OpenSSL will just use the
'rdrand' engine.
So my defense agains this is to rebuild OpenSSL with the flag
On Wed, Oct 30, 2019 at 6:08 PM Frederick Gotham
wrote:
> Dmitry Belyavsky wrote:
>
>
> >> It can be done via the engine code and config.
>
>
> Do you mean
>
> /etc/ssl/openssl.cnf
>
> ?
>
Yes, or any custom.
But the engine must provide the RAND_METHOD and set it as default.
--
SY, Dmitry Bel
Dmitry Belyavsky wrote:
>> It can be done via the engine code and config.
Do you mean
/etc/ssl/openssl.cnf
?
On Wed, Oct 30, 2019 at 6:00 PM Frederick Gotham
wrote:
> Dmitry Belyavsky wrote:
>
> > Did you try to create your own RAND_METHOD and set it as default on
> > loading the engine?
>
>
> No, I didn't try that.
>
> Note that I'm only using the OpenSSL binary, I'm not interfacing with an
> API.
>
>
Dmitry Belyavsky wrote:
> Did you try to create your own RAND_METHOD and set it as default on
> loading the engine?
No, I didn't try that.
Note that I'm only using the OpenSSL binary, I'm not interfacing with an
API.
Did you try to create your own RAND_METHOD and set it as default on loading
the engine?
On Wed, Oct 30, 2019 at 5:40 PM Frederick Gotham
wrote:
>
> I'm working on Linux with a x86-64 CPU.
>
> I have a TPM2 chip, and so I want OpenSSL to do all of its encryption
> and random number generation thr
I guess I was confused, expecting to see the "ssl23" stuff removed as well, but
I guess it's okay to leave it.
--
Principal Security Engineer
Akamai Technology
Cambridge, MA
__
OpenSSL Project
On 10-05-2013 21:24, Salz, Rich wrote:
Would there be any interest (and support) from the dev team for
patches that completely remove SSLv2 API’s?
/r$
Already there:
./Configure -no-ssl2
__
OpenSSL Project
On Fri, May 10, 2013, Salz, Rich wrote:
> Would there be any interest (and support) from the dev team for patches that
> completely remove SSLv2 API's?
>
What would the difference be between this and the no-ssl2 switch to Configure?
Steve.
--
Dr Stephen N. Henson. OpenSSL project core develope
unsubscribe here: http://www.openssl.org/support/community.html
From: owner-openssl-us...@openssl.org on behalf of Anh Pham
Sent: Wed 9/7/2011 3:23 AM
To: openssl-users@openssl.org
Subject: REMOVE my address from your mailing list, please
Remove my address fr
Go to http://www.openssl.org/support/community.html
Erik Tkal
Juniper OAC/UAC/Pulse Development
-Original Message-
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
On Behalf Of Richard Buskirk
Sent: Friday, December 03
rale77 wrote:
>
> Hello,
>
> How can I remove RSA structure form EVP_PKEY previosly added to EPP_PKEY
> with EVP_PKEY_assign_RSA function? I have one RSA object named rsa and
> EVP_PKEY object named evp and their relation is :
> rsa = evp->pkey.rsa
> How to remove their bound and then dele
On Mon, Jan 11, 2010, rale77 wrote:
>
> Hello,
>
> How can I remove RSA structure form EVP_PKEY previosly added to EPP_PKEY
> with EVP_PKEY_assign_RSA function? I have one RSA object named rsa and
> EVP_PKEY object named evp and their relation is :
> rsa = evp->pkey.rsa
> How to remove their
char passwd[] = {0}
2008/8/27 delcour.pierre <[EMAIL PROTECTED]>
> Hello everyone,
>
> I'm trying to load a private key with this function :
>
> /EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,pem_password_cb *cb,
> void *u);/
>
> I use it this way :
> EVP_PKEY* key = PEM_read_Privatekey(fi
On Sun, May 21, 2006 at 09:57:10PM +, Emile Georges wrote:
> Could you remove my email adress from the mailing list please
>
> Automated List Manager [EMAIL PROTECTED]
For help with a majordomo list:
mailto:[EMAIL PROTECTED]&body=help
One of the "help" items i
kloomis wrote:
At 11:17 PM 3/6/2006 -0700, you wrote:
The practical upshot of this is, yes, your apache configuration needs
the privkey.pem file in order to do SSL/TLS at all.
I have myServer.csr, myServer.cert and myServer.key located in
ssl.csr, ssl.crt, and ssl.key respectively. The ssl.c
At 11:17 PM 3/6/2006 -0700, you wrote:
The practical upshot of this is, yes, your
apache configuration needs
the privkey.pem file in order to do SSL/TLS at
all.
I have myServer.csr, myServer.cert and myServer.key located in ssl.csr,
ssl.crt, and ssl.key respectively. The ssl.conf points to the ce
SSLPrivateKeyFile
At least that's what it was on older versions of Apache; check the
documentation on mod_ssl for more information.
-Kyle H
On 3/6/06, kloomis <[EMAIL PROTECTED]> wrote:
> At 11:24 PM 3/6/2006 +0100, you wrote:
>
> Also, does anything in the process need the privkey.pem file th
Please see comments inline with the questions.
On 3/6/06, kloomis <[EMAIL PROTECTED]> wrote:
> Hello:
>
> I have some directions on how to build a self-signed certificate which
> consists of 5 steps.
> 1) create a key and a request
> 2) Remove the passphrase from the key (optional)
> 3) sign
At 11:24 PM 3/6/2006 +0100, you wrote:
Also, does anything
in the process need the privkey.pem file that is created once the cert
and key are created?
privkey.pem is not needed by the process of
certificate generation once the request is generate, but you'll need it
once you want to use this certi
kloomis wrote:
Hello:
I have some directions on how to build a self-signed certificate which
consists of 5 steps.
1) create a key and a request
2) Remove the passphrase from the key (optional)
3) sign the certificate
4) install the cert and the key
5) set the SSLConf to point to the cert and t
In message <[EMAIL PROTECTED]> on Sun, 6 Jun 2004 21:43:13 +0200, "Alberto Rubio"
<[EMAIL PROTECTED]> said:
alberto.rubio> remove
People, people, please use the proper interface! When you subscribed,
you even got an email explaining how to do that!
I'll give you another helpful hint:
http://w
remove
remove
end
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
Hello Adriano
The keypair was generated by a former employee and we can't find the pass
phrase. Fortunately it is only used once in our intranet.
Thanx, Robbert
> -Original Message-
> Subject: Re: Remove passprase
> What is your problem..? perhaps you can't open th
What is your problem..? perhaps you can't open the PEM file? even if you
purchase thecorrect passphrase?
Regards, Adriano
El vie, 25-10-2002 a las 10:45, Rabellino Sergio escribió:
> Robbert Hardin wrote:
> >
> > Hello Bruno
> >
> > I tried, but it doesn't work:
> >
> > # openssl rsa -in cake
r.pem
> generated with openssl if you don't have the PEM pass phrase?
>
> Cheers, Robbert
>
> > -Original Message-
> > From: Bruno Mattarollo [mailto:bruno.mattarollo@;diala.greenpeace.org]
> > Sent: vrijdag 25 oktober 2002 15:26
> > To: [EMAIL
> Let me rephrase my question:
> Is it possible to remove or change a PEM pass phrase on keypair.pem
> generated with openssl if you don't have the PEM pass phrase?
No, that's the point.
__
OpenSSL Project
tion:
> Is it possible to remove or change a PEM pass phrase
> on keypair.pem
> generated with openssl if you don't have the PEM
> pass phrase?
>
> Cheers, Robbert
>
> > -Original Message-
> > From: Bruno Mattarollo
> [mailto:bruno.mattarollo@;dia
http://www.openssl.org/docs/apps/rsa.html
On Fri, Oct 25, 2002 at 03:16:10PM +0200, Robbert Hardin wrote:
> Hello All
>
> Is it possible to remove or chagne a PEM pass phrase on keypair.pem
> generated with openssl?
>
> Kind regards, Robbert
>
Robbert Hardin wrote:
>
> Hello Bruno
>
> I tried, but it doesn't work:
>
> # openssl rsa -in cakey.pem -out canokey.pem
> read RSA key
> Enter PEM pass phrase:
> unable to load key
> 15251:error:06065064:digital envelope routines:EVP_DecryptFinal:bad
> decrypt:/usr/src/secure/lib/libcrypto/../.
ve or change a PEM pass phrase on keypair.pem
generated with openssl if you don't have the PEM pass phrase?
Cheers, Robbert
> -Original Message-
> From: Bruno Mattarollo [mailto:bruno.mattarollo@;diala.greenpeace.org]
> Sent: vrijdag 25 oktober 2002 15:26
> To: [EMAIL PROTECTED]
Robert,
try :
openssl rsa -in private-key -out
private-key.no-passphrase
be very careful with this though. ANyone who gets his
hands on priviate-key.no-passphrase can more easily
spoof you, so if you have this on an nfs shared mount,
or you are accessing the file via any non secure
method, anyo
Hi Robbert!
openssl rsa -in keyfile-with-passphrase.pem -out keyfile-without-passphrase.pem
IIRC.
Cheers
/B
On Fri, 25 Oct 2002, Robbert Hardin wrote:
> Hello All
>
> Is it possible to remove or chagne a PEM pass phrase on keypair.pem
> generated with openssl?
>
> Kind regards, Robbert
> ___
1 +0100
My email address is on the bottom line. Your mail server name will differ of
course. This header line was generated by sendmail.
John
> -Original Message-
> From: David Lang [mailto:[EMAIL PROTECTED]]
> Sent: 05 June 2002 21:54
> To: [EMAIL PROTECTED]
> Subject:
m: Michal Bachorik <[EMAIL PROTECTED]>
> Reply-To: [EMAIL PROTECTED]
> To: [EMAIL PROTECTED]
> Subject: Re: REMOVE
>
> :))
>
> but there's simple solution .. just join the list again, read instructions
> how to get off and that's it ..
>
> or someone who s
om: "Dilkie, Lee" <[EMAIL PROTECTED]>
> Reply-To: [EMAIL PROTECTED]
> To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>
> Subject: RE: REMOVE
>
> NO! You are NOT allowed to leave You HAVE to stay.
>
> (sorry to the list membe
NO! You are NOT allowed to leave You HAVE to
stay.
(sorry to the list members for the noise, but I couldna help
maself)
-Original Message-From: Sidney Fortes
[mailto:[EMAIL PROTECTED]]Sent: Tuesday, June 04, 2002 2:30
PMTo: [EMAIL PROTECTED]Subject:
REMOVE
R
> REMOVE
no no no.. did you at least *TRY* to read http://www.openssl.org/support/
if you did you would know that you send emial to "[EMAIL PROTECTED]"
and in the *body* of the mail you put :
unsubscribe openssl-users
there's also nify web interface that the url above which let's you
u
[EMAIL PROTECTED] wrote:
>
> __
> OpenSSL Project http://www.openssl.org
> User Support Mailing List[EMAIL PROTECTED]
> Automated List Manager [EMAIL P
At 06:24 PM 2/21/01 +0600, you wrote:
>REMOVE
Hey dufus,
THIS IS SPAM! It is NOT polite, .. nor it is appreciated by the rest of us.
There are a lot of folks out here that see enough email at the present
time, .. please do NOT bother us with YOUR problems. There is ABSOLUTELY NO
BENEFIT to tr
Hello,
I am away from the office until February, 27th.
Swiss-German clients can get support at support-de.realmedia.com,
Swiss-French clients can get support at support-fr.realmedia.com.
If Central Services are concerned, please contact support-eu.realmedia.com.
Kind regards,
Stefan Müller
Quit spamming this list you fucking inconsiderate morons, I am so tired of
getting a shit load of this crap.
You want to spam some place spam DALnet or some other worthless place but
here we talk about things that are important.
Sorry for the foul language but damnit I am sick of this.
- Or
Richard Levitte - VMS Whacker wrote:
>
> From: Juan Carlos Castro y Castro <[EMAIL PROTECTED]>
>
> jcastro> I said it once and I'll say it again: SUBSCRIBER ONLY. Harrrumpf!
>
> I see one thing that is much worse than spams, and that's the usual
> deluge of comments that seem to follow.
Four Z
From: Juan Carlos Castro y Castro <[EMAIL PROTECTED]>
jcastro> I said it once and I'll say it again: SUBSCRIBER ONLY. Harrrumpf!
I see one thing that is much worse than spams, and that's the usual
deluge of comments that seem to follow.
--
Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECT
Either that, or start enabling RBL/ORBS lookups of sender and recipient
addresses on messages sent to the list. The 8 FreeBSD mailing lists that
I'm on are "open" and we hardly ever get spammed.
> I said it once and I'll say it again: SUBSCRIBER ONLY. Harrrumpf!
>
> ACroft wrote:
>
> > I sent th
On Tue, Oct 26, 1999 at 10:25:34PM +0200, Rene G. Eberhard wrote:
>
> openssl rsa -in o.txt > p.txt
Thanx!
Its so easy
I should hve read the docs better :-(
Klaus
-kpb>
__
OpenSSL Project http:
openssl rsa -in o.txt > p.txt
--
---
Rene G. Eberhard
Mail : [EMAIL PROTECTED]
- Original Message -
From: Klaus-Peter Boden <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, October 26, 1999 6:05 PM
Subject: remove a
Klaus-Peter Boden writes:
> how can I remove a passphrase from an existing private/public
> rsa key pair using openssl?
openssl rsa -in server.key -out server_key_without_passphrase.key
//toka
Cthulhu for President -- for when you're tired of choosing the
_lesser_ of the two evils.
___
64 matches
Mail list logo
