LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices



Reply
 
Search this Thread
Old 07-21-2011, 09:00 PM   #1
draeath
LQ Newbie
 
Registered: Jul 2007
Location: Atlanta Area, GA, USA
Distribution: CentOS/RH/Debian
Posts: 24

Rep: Reputation: 0
Thumbs down openssl - no more passphrase-less keys!


So, I'm trying to set up a self-signed certificate so people can't sniff my password.

Guess what? Apparently you -CANNOT- create SSL keys without passwords any more:

[root@ks383350 private]# openssl genrsa -aes256 -out selfsign.key 4096
Generating RSA private key, 4096 bit long modulus
................................................++
.................................................................................................... ........................................................................................++
e is 65537 (0x10001)
Enter pass phrase for selfsign.key:
140569281062728:error:28069065:lib(40):UI_set_result:result too small:ui_lib.c:869:You must type in 4 to 8191 characters

What the heck? How is this supposed to work? Are we all supposed to manually start apache these days?

Please tell me there's a fix or workaround for this bug (Clearly, it's a bug that needs judicious patching)
 
Old 07-21-2011, 11:39 PM   #2
(=AA=)
LQ Newbie
 
Registered: Dec 2002
Location: UK
Distribution: Many
Posts: 24

Rep: Reputation: 3
To create a new Private Key without a passphrase.
# openssl genrsa -out www.example.com.key 4096

To create a new password protected Private Key (Remember the passphrase)
# openssl genrsa -des3 -out www.example.com.key.password 4096

To remove the passphrase from the password protected Private Key
# openssl rsa -in www.example.com.key.password -out www.example.com.key
 
  


Reply

Tags
openssl


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
OpenSSL - encrypt zip file with SSL keys noir911 Linux - Server 3 02-26-2010 04:35 PM
How is the passphrase exactly used when dealing with GPG keys? abefroman Linux - Security 3 10-15-2009 01:30 AM
mouse keys as modifier keys (ctrl & alt) belda Linux - Desktop 3 06-25-2009 11:37 AM
USB keyboard function keys/numeric keys on boot raypen Linux - Hardware 4 04-17-2008 04:07 PM
oops openssl-0.9.8e over openssl-0.9.8d bad install now 2 copies? rcorkum Slackware 4 06-29-2007 02:58 AM


All times are GMT -5. The time now is 06:51 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration