LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page openssl - no more passphrase-less keys!
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 07-21-2011, 08:00 PM   #1
draeath
LQ Newbie
 
Registered: Jul 2007
Location: Atlanta Area, GA, USA
Distribution: CentOS/RH/Debian
Posts: 24

Rep: Reputation: 0
Thumbs down openssl - no more passphrase-less keys!

So, I'm trying to set up a self-signed certificate so people can't sniff my password.

Guess what? Apparently you -CANNOT- create SSL keys without passwords any more:

[root@ks383350 private]# openssl genrsa -aes256 -out selfsign.key 4096
Generating RSA private key, 4096 bit long modulus
................................................++
.................................................................................................... ........................................................................................++
e is 65537 (0x10001)
Enter pass phrase for selfsign.key:
140569281062728:error:28069065:lib(40):UI_set_result:result too small:ui_lib.c:869:You must type in 4 to 8191 characters

What the heck? How is this supposed to work? Are we all supposed to manually start apache these days?

Please tell me there's a fix or workaround for this bug (Clearly, it's a bug that needs judicious patching)
 
Old 07-21-2011, 10:39 PM   #2
(=AA=)
LQ Newbie
 
Registered: Dec 2002
Location: UK
Distribution: FreeBSD
Posts: 24

Rep: Reputation: 3
To create a new Private Key without a passphrase.
# openssl genrsa -out www.example.com.key 4096

To create a new password protected Private Key (Remember the passphrase)
# openssl genrsa -des3 -out www.example.com.key.password 4096

To remove the passphrase from the password protected Private Key
# openssl rsa -in www.example.com.key.password -out www.example.com.key
 
  


Reply

Tags
openssl



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
OpenSSL - encrypt zip file with SSL keys noir911 Linux - Server 3 02-26-2010 03:35 PM
How is the passphrase exactly used when dealing with GPG keys? abefroman Linux - Security 3 10-15-2009 12:30 AM
mouse keys as modifier keys (ctrl & alt) belda Linux - Desktop 3 06-25-2009 10:37 AM
USB keyboard function keys/numeric keys on boot raypen Linux - Hardware 4 04-17-2008 03:07 PM
oops openssl-0.9.8e over openssl-0.9.8d bad install now 2 copies? rcorkum Slackware 4 06-29-2007 01:58 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 05:56 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration