Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I want to learn cryptography, encryption, and digital certificates in Linux. Please recommend any good website or book that gives enough information that I can use in the Linux platform. I'm particularly interested in encryption with OpenSSL.
Also depends on what you are doing. OpenSSL is predominantly concerned with transport layer cryptography. Other libraries or technologies will be concerned with on disk or file encryption. Cryptography is a very broad subject. PKI is an entire arm all its own.
Please recommend any good website or book that gives enough information that I can use in the Linux platform.
Enough information to do what exactly? Your question seems way too vague.
Anyway, some resources that you may find useful:
For a gentle introduction to cryptography, I’ve found that the old Network Associates’ An Introduction to Cryptography, which used to be distributed with PGP in the 90s, is still one of the best primers for beginners. I also like Comparitech’s blog posts on the topic.
On the other end of the spectrum, for some thorough courses on cryptography (which may not be necessary depending on what you want to do: you don’t need to know all the gory details of cryptography just to use cryptography, fortunately), I like the Handbook of Applied Cryptography by A. Menezes, P. van Oorschot, and S. Vanstone, which is conveniently freely available online, and the Graduate Course in Applied Cryptography by D. Boneh and V. Shoup, also freely available.
For more practical informations about how to use cryptography, especially server-side, there’s the Applied Crypto Hardening book from bettercrypto.org, and the TLS guidelines from the Netherlands’ National Cyber Security Centre (you can find similar guidelines from equivalent agencies of other countries, such as UK’s NCSC, USA’s NIST, or France’s ANSSI—I tend to follow the dutch guidelines for no particular reason).
More on the client and end-user side: the CryptoParty Handbook, compiled and in in source form.
Last edited by gouttegd; 07-20-2020 at 01:45 PM.
Reason: s/to /too /
I have a half-read copy of "Modern Cryptography: Applied Mathematics for Encryption and Information Security" on my shelf. So far, it has been pretty informative. I got distracted with a different book.
If you're going to take crypto seriously, understanding (some of) the math behind it is probably a good foundation to build from. It's a huge, huge subject.
My German edition is from 1996, but “Applied Cryptography” should still be a great read. I know nothing of newer editions but the 20th anniversary edition may contain additional chapters.
Damn. I just finished my translation of the table of contents from German, then thought about consulting a search engine, instead..:
I want to learn cryptography, encryption, and digital certificates in Linux. Please recommend any good website or book that gives enough information that I can use in the Linux platform. I'm particularly interested in encryption with OpenSSL.
Thanks
Digital certs - perform encryption like SSL cert
Cryptography is the study of concepts like Encryption, decryption, used to provide secure communication whereas encryption is the process of encoding a message with an algorithm. From this link: https://www.educba.com/cryptography-vs-encryption/
If you just need to learn so that you can deploy SSL on your website or server, then I think there's quite a few on the web. However, if you need to learn how to create your own encryption then I guess your Math skills has to be super good literally.
For installing SSL certs, you can search the web this keyword: "How to install SSL on Linux", or "How to use Letsencrypt", or "How to configure digital certs on Linux"
As others have asked, more details about your objectives are needed.
If you're asking about the theory and background then Serious Cryptography from 2017 by Jean-Philippe Aumasson is quite readable and has many simple, clear code excerpts illustrating what is going on.
If you're asking about applying existing utilities to a work flow, we'd have to know more about the work flow. Certificates are just keys which have been signed by other keys, n-levels deep. There are many HTTP(S) examples for using Let's Encrypt or making self-signed certificates for use with Apache2 or Nginx. So here is an example of setting up self-signed certificates with openssl for use with Mosquitto, which uses MQTT and not HTTP: https://mosquitto.org/man/mosquitto-tls-7.html Perhaps the slight differences there will help highlight the process.
I've never used encryption. I have come across encryption keywords many times like symmetric/asymmetric, aes/rsa, hash, md5, sha, digest, signature, salt, pgp, pki, digital certificate etc etc, but never paid attention. I always avoided encryption subject as I through its very confusing. Recently, I was configuring Cockpit for CentOS, and the webpage keep saying 'certificate is not trusted' error. So finally I thought, I should deal with this subject and get over with it.
So I want to start from scratch about encryption only that much that is required by a sys admin to deal with security issues regarding Linux server.
I think I've got now enough links to kick start the subject from scratch. I'll go through all links and see from where I should start.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.