headers
Matthias Schniedermeyer | 4 Jul 2007 18:26
Picon

Generating Random Passwords with definable length

Hi

Today i had the "problem" that i wanted to create an AES256 Keyfile for 
loop-aes. According to README a SHA512 Hash is used to generate the 
encryption key.

Taking aside the fact halve the bits aren't really put to use here, 
SHA512 still means 64 Byte of raw entropy.

The "standard" example only(tm) gives 45 bytes of entropy, so i thought 
about how i can create random passwords with definable length, only 
using standard unix tools.

So i stumbled over the "openssl" executable and it's many options. Which 
i think sould be available on many systems.

With `openssl enc -base64 -A` you can create base64 encoded strings with 
arbitrary length. So with a little loop around that you can create 
key-files with arbitrary sized lines.

- snip -
for dat in `seq 1 65`; do head -c 90 /dev/random | openssl enc -base64 -A ; echo ; done | gpg --symmetric -a >/a/usbstick/keyfile.gpg
- snip -
90 bytes of entrophy or 120 chars per line in this example.

I think this is also a bit more elegant than the `head`ing and `tail`ing 
in the README.

Bis denn
(Continue reading)

Permalink | Reply | 0 comments |
headers
markus reichelt | 6 Jul 2007 16:28
Picon

uuencode -m - pitfall

Hi,

I'm in the process of tinkering with slackware 12.0 and found a nasty
pitfall. While 11.0 used "uuencode (GNU sharutils) 4.6.3", slackware
12.0 uses "uuencode - GMime 2.2.9"

The difference between those two is the length of output lines:

KvmUf1QL24tMm2WqNBngufef05ggcrePvKUj/InniYpWkkGvvVSWaD23PfjP

of GNU sharutils, and 

tC22uMJKMY1Rnun/EptRojfTdeURMgF4ny/2Mne06sYOag5sSEgWE+BC6UM/yuDjRI0LOxg4otDu

of GMime 2.2.9

This broke several scripts on my system which relied on the length of
output lines of GNU sharutils uuencode. Among them, the examples of
loop-aes.readme

As workaround for creating loop-aes v3 keys on systems with
GMime-uuencode you can use instead

openssl rand -base64 3120 | head -n 66 | tail -n 65 | gpg ...

gpg --gen-random 1 3120 | openssl enc -base64 | gpg ...

head -c 3120 /dev/random | openssl enc -base64 | gpg ...

--

--
(Continue reading)

Permalink | Reply | 2 comments |
headers
Jari Ruusu | 8 Jul 2007 16:38
Picon

Re: uuencode -m - pitfall

markus reichelt wrote:
> I'm in the process of tinkering with slackware 12.0 and found a nasty
> pitfall. While 11.0 used "uuencode (GNU sharutils) 4.6.3", slackware
> 12.0 uses "uuencode - GMime 2.2.9"
> 
> The difference between those two is the length of output lines:
> 
> KvmUf1QL24tMm2WqNBngufef05ggcrePvKUj/InniYpWkkGvvVSWaD23PfjP
> 
> of GNU sharutils, and
> 
> tC22uMJKMY1Rnun/EptRojfTdeURMgF4ny/2Mne06sYOag5sSEgWE+BC6UM/yuDjRI0LOxg4otDu
> 
> of GMime 2.2.9
> 
> This broke several scripts on my system which relied on the length of
> output lines of GNU sharutils uuencode. Among them, the examples of
> loop-aes.readme

Thanks for reporting this.

gmime-2.2.9 version of uuencode still appears to be little bit goofy because
it appears to output empty "encoded" line if input data is integer multiple
of 57 bytes.

> As workaround for creating loop-aes v3 keys on systems with
> GMime-uuencode you can use instead
> 
> openssl rand -base64 3120 | head -n 66 | tail -n 65 | gpg ...
>
(Continue reading)

Permalink | Reply | 0 comments |
headers
listguru | 10 Jul 2007 07:05
Favicon

Response to your ListGuru session [MsgId AA20070709.220512.1]

--  

>>>> Dear user listguru <at> fatcity.com, 
Unrecognized command -- skipping.  Use HELP for assistance. 

>>>> Your e-mail account has been used to send a large amount of junk email messages during the last week. 
Unrecognized command -- skipping.  Use HELP for assistance. 

>>>> We suspect that your computer was infected and now runs a trojan proxy server. 
Unrecognized command -- skipping.  Use HELP for assistance. 

>>>> We recommend that you follow the instructions in order to keep your computer safe. 
Unrecognized command -- skipping.  Use HELP for assistance. 

>>>> Have a nice day, 
Unrecognized command -- skipping.  Use HELP for assistance. 

>>>> The fatcity.com support team. 
Unrecognized command -- skipping.  Use HELP for assistance. 

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/
Permalink | Reply | 0 comments |
headers
Jan Klod | 12 Jul 2007 12:45
Picon

what is -lcrypt?

Hallo,

I tried to set up loop-AES-v3.2a and when executing

    bzip2 -d -c util-linux-2.12r.tar.bz2 | tar xvf -
    cd util-linux-2.12r
    patch -p1 </PATH/TO/LOOP-AES/util-linux-2.12r.diff
    CFLAGS=-O2 ./configure

util-linux output was: You need -lcrypt. I continued with installing, 
but "make tests" failed, because there was no /dev/loop7!

So, how to get -lcrypt and what is it? Will it solve problem with loop7?

..

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/
Permalink | Reply | 3 comments |
headers
Paul Walker | 12 Jul 2007 15:18
Picon
Picon

Re: what is -lcrypt?

On Thu, Jul 12, 2007 at 01:45:45PM +0300, Jan Klod wrote:

> So, how to get -lcrypt and what is it? Will it solve problem with loop7?

On Debian, it belongs to the libc6-dev package. If you don't use Debian,
there's probably a similar package for your distribution.

No idea about loop7 - try it and see, I think. :-)

--

-- 
Paul

I don't see what C++ has to do with keeping people from shooting themselves
in the foot.  C++ will happily load the gun, offer you a drink to steady
your nerves, and help you aim. -- Peter da Silva

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/
Permalink | Reply | 0 comments |
headers
Jan Klod | 12 Jul 2007 17:57
Picon

Re: what is -lcrypt?

Matthias Schniedermeyer wrote:
> It means just "crypt", which in turn actually means libcrypt.
>
> Most probably you are missing a development-package.
> AFAICT libcrypt comes with glibc2, in Debian distribution it is packaged 
> alongside the libc inside the libc6-package. Which effectivly means that
> it is impossible to not have it.
>
> Your distribution (which?) appears to have it broken down a little bit 
> different.
>   
I'm using ubuntu. The bad news for me are: libc6 & libc6-dev were 
already there before installing.
Looks like I am stuck with installing AES (I recompiled ubuntu kernel 
2.6.17.14, followed AES readme)... I will let you know, if I find a 
solution.

PS: I hope that's not a problem, if I answer private posts back to list?

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/
Permalink | Reply | 1 comment |
headers
Jari Ruusu | 12 Jul 2007 19:47
Picon

Re: what is -lcrypt?

Jan Klod wrote:
> util-linux output was: You need -lcrypt. I continued with installing,

"You need -lcrypt" means "configure script has detected that to link some
programs, util-linux's Makefiles need to use -lcrypt linker option". This is
nothing to worry about.

> but "make tests" failed, because there was no /dev/loop7!

Your distro's init scripts and/or udev scripts are supposed to create that
device node. You can also create those device nodes manually, like this:

#/bin/sh
for x in 0 1 2 3 4 5 6 7; do mknod -m 660 /dev/loop${x} b 7 ${x}; done

--

-- 
Jari Ruusu  1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9  DB 1D EB E3 24 0E A9 DD

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/
Permalink | Reply | 1 comment |
headers
Matthias Schniedermeyer | 12 Jul 2007 20:53
Picon

Re: what is -lcrypt?

On 12.07.2007 18:57, Jan Klod wrote:
> Matthias Schniedermeyer wrote:
>> It means just "crypt", which in turn actually means libcrypt.
>>
>> Most probably you are missing a development-package.
>> AFAICT libcrypt comes with glibc2, in Debian distribution it is packaged 
>> alongside the libc inside the libc6-package. Which effectivly means that
>> it is impossible to not have it.
>>
>> Your distribution (which?) appears to have it broken down a little bit 
>> different.
>>   
> I'm using ubuntu. The bad news for me are: libc6 & libc6-dev were already 
> there before installing

Debian has a package "apt-file" and as Ubuntu is based on Debian it 
may have that package too.

After installing it and "apt-file update"ing once you can 'apt-file search'
for all packages containing the specified file.

In case Ubuntu has broken down the packages differently you should be 
able to find it that way.

> Looks like I am stuck with installing AES (I recompiled ubuntu kernel 
> 2.6.17.14, followed AES readme)... I will let you know, if I find a 
> solution.
>
> PS: I hope that's not a problem, if I answer private posts back to list?
(Continue reading)

Permalink | Reply | 0 comments |
headers
Jan Klod | 12 Jul 2007 21:45
Picon

Re: what is -lcrypt?

Jari Ruusu wrote:
> #/bin/sh
> for x in 0 1 2 3 4 5 6 7; do mknod -m 660 /dev/loop${x} b 7 ${x}; done
*** Test results ok ***

Thank you! Hopefully tomorrow I'll build gpg and try-out first examples!  :-) 

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/
Permalink | Reply | 0 comments |

Gmane