Questions tagged [private-key]
The private-key tag has no usage guidance.
170 questions
-1
votes
1
answer
64
views
How to secure a backup server when i send data via ssh
When I backup another server, I put my private key on the server to be able to send with ssh the data I want to backup.
But if a hacker compromises my server they will also be able to access the ...
- 29
0
votes
0
answers
140
views
How to add your own private keys to postfix configuration for DKIM without opendkim or the likes of it?
I have generated the keys locally through openssl added key.pub to the DKIM DNS txt Record but how to add it to postfix withouth any other tool.Is there any connfiguration parameter where the file ...
0
votes
0
answers
210
views
How to create manually a KSP container object in "SafeNet Key Storage Provider"
I've a Windows PKI system running with Luna Network HSM 7 and need to use a certificate which
its private key resides in the HSM and not exportable by design of the system. This cert was generated ...
0
votes
1
answer
198
views
What does "--[no]subdomains" option in opendkim-genkey mean?
Based on the documentation --nosubdomains "Disallows subdomain signing by this key". But didn't we need to create separate DKIM records for subdomains regardless?
Please correct me if I am ...
- 47
1
vote
0
answers
1k
views
How to convert a DER private key to PEM
I have a private key that is in binary format. I'm not sure if this is DER format but I need to convert it to PEM.
I'm using openssl with this command:
openssl rsa -inform DER -outform PEM -in test....
- 121
0
votes
2
answers
3k
views
SSL Certificate without Private Key
I have SSL Certificate with below files and dont have privatekey as CSR generate with this key:
root.crt, server.crt, intermediate.crt
I want to use this certificate on one of my vm of Ubuntu 23.04 ...
-2
votes
2
answers
229
views
the theory of SSH public and Private key and its application in realworld machines [closed]
there.
In this question, I have a very specific one about public and private keys. So Public keys should be put on the opposite side. For example, if we have a server, the public key of the server ...
- 3
0
votes
0
answers
360
views
Decrypt remote file securely with local private key
I've created a alldots.tar file mainly with dot config files from my local server. I then transferred it to my other (remote) server and there it is, cryptographed.
It didn't occur at the time of ...
- 109
0
votes
0
answers
305
views
Linux server ssh connection wont authenticate my account using ssh key gen and prompts me for password
I am facing an issue in Ubuntu 22.04.2. where I am unable to SSH into a remote server using a copied public key. I have generated an SSH key pair on my local machine using a bash terminal, and I have ...
- 1
0
votes
1
answer
165
views
I want to connect to my repo via SSH on a remote server, do I need to store my private keys on the server as well?
I'm following these steps to be able to connect to my BitBucket account/repo on a remote server.
I'm a bit confused. I already have a separate pair of keys for BitBucket (i.e. to do stuff on my local ...
0
votes
1
answer
421
views
NetApp: Cannot import private key from an external CA
Using the ONTAP System Manager, I'm trying to add a certificate according to the docs. Unfortunately, whenever I try to import the private key file, I get the following error:
No valid private keys ...
- 717
0
votes
1
answer
718
views
Terraform aws_key_pair creates weird key
I've been researching and testing deploying stuff with terraform, aws secretsmanager and basic ec2 instances.
I got it working. Well, the instance comes up, keys are created, and a remote-exec using ...
- 31
0
votes
2
answers
2k
views
Decrypt a pcks8 private key file on windows?
Is there any way on standard Windows Server (such as with certutil?) to decrypted a pkcs8 pem encrypted private key?
i.e. What is the equivalent on windows of:
openssl pkcs8 -in key.enc -out key.pem
...
- 101
1
vote
0
answers
342
views
github not accepting private SSH Key
I have a Private ED25519 SSH key, on a Windows system (using WSL). Permissions of the private key are 400 and permissions on the Public Key are 444. When I test my connection, using ssh -Tvvv git@...
github
- 141
0
votes
0
answers
1k
views
Private key is not generating from .p12 file
I generated my .p12 file using the below command
keytool -importkeystore -srckeystore mycert.jks -destkeystore keystore.p12 -deststoretype PKCS12
The above command successfully generated a 7 KB .p12 ...
- 101
-2
votes
1
answer
50
views
Management of password disable server
This question is just for curiosity. I am studying a bit of server administration and have seen many people saying that having passwords is a bad idea and they should be disabled. But my question is: ...
0
votes
1
answer
2k
views
Create new SubCA certificate fails with NTE_PROV_TYPE_NOT_DEF
I am trying to manually create a key and CSR for a new Windows AD CS Enterprise Subordinate CA (Windows Server 2019).
I'd like to store the key in the modern Microsoft Software Key Storage Provider.
...
- 7,109
1
vote
2
answers
7k
views
No associated key pair, add key pair to EC2 with no key pair
How do you add an existing key to a live EC2 instance that has no key pair?
I have tried using Session Manager to vi /.ssh/authorized_keys and add in the public key of the pair, but I get this error:
&...
- 519
2
votes
1
answer
1k
views
AWS - ssh to instance in private subnet
I have 2 instances in AWS. One of them in a public subnet (bastion), the second one in a private subnet.
Both of them were launched with the same key pair (.pem file).
This is how I connect to the ...
- 21
0
votes
2
answers
280
views
Encrypted files stored next to GPG Key in backup – alternative solution?
During a recent test run to see if my personal backups work as intended, I noticed that I store my GPG key next to files encrypted with that key on the same disk. Although the disk is encrypted (LUKS) ...
- 161
1
vote
1
answer
91
views
How to connect from Ubuntu VM on Azure to another without uploading the private key
My Topology
Two Ubuntu servers, the edge which is exposed to the internet, and the core which is only connected locally. Both are on the same subnet and the core only accepts SSH from the edge server. ...
- 119
0
votes
2
answers
102
views
Public/private key
I just watch this video https://youtu.be/ZhMw53Ud2tY and the question I have is if I have to generate a public/private key pair for each server I’m looking to login to or if I just generate one pair ...
- 139
0
votes
1
answer
3k
views
Apache SSL certificate and Private key
we've a server apache and the certificate is expired. We have an SSL Wildcard certificate issued by Sectigo.
I generated the new certificate on our reseller site and we're going to upload it in the ...
- 1
3
votes
1
answer
8k
views
Powershell self-signed certifcate private key not exportable
Using Powershell, I'm attempting to create a self-signed ssl certificate with a private key that can be exported. I've read and followed various tutorials, however the end result is always that no ...
1
vote
3
answers
2k
views
SSH from A through B to C, using IdentityFile on A
I've see some similar questions but without a clear way forward, if this was already answered before please close this one.
My scenario is:
Host C is not accessible from A.
Host B is accessible from ...
0
votes
1
answer
861
views
Private ssh key not working in some devices. "Error: permission denied (publickey)."
I have a virtual server. Recently, I disabled PasswordAuthentication to make it more secure.
I had already created a key pair using Puttygen in Windows. I converted the private key (.ppk) using putty-...
- 1
3
votes
0
answers
5k
views
How do I fix 'Missing stored keyset' through a remote powershell session (without also being RDP'ed in)
I'm trying to script the installation of our on-premise CI/CD agent. Part of that is installing some certificates
Powershell
Import-Certificate -FilePath self_signed_CA.cer -CertStoreLocation cert:\...
- 181
2
votes
1
answer
428
views
Distribute Secrets via Active Directory [Group Policy]
I would like to simplify my life and distribute secrets (real secrets, like encryption private keys) to Active Directory domain member computers. Probably via Active Directory Group Policy, but will ...
- 347
3
votes
3
answers
4k
views
Securing SSL certificate private key with nginx
I've been researching how to secure privaye keys for SSL certificats using nginx as a webserver, but have not been able to find many satisfactory answers.
Specifically, for a client who wants to me ...
- 185
0
votes
1
answer
635
views
Understanding ssh automatic login and security problems
I have generated a pair of private/public ssh keys (on Linux) and they are now in my .ssh folder.
I have copied my ssh id (ssh-copy-id) to a remote machine to which I want to connect without typing ...
- 145
1
vote
1
answer
710
views
How to configure Fail2ban with private key ssh connection on CentOs 7
I tried to install Fail2ban on my Centos 7 machine to prevent force brute connection on ssh server.
I'm using a private key with a passphrase to connect. I tested Fail2ban but it doesn't block me ...
1
vote
1
answer
666
views
Add certificate from Microsoft Azure Key Vault for LDAP/S
The only method I can seem to find to add a certificate for secure LDAP (LDAP/S) for Azure Active Directory Domain Services is to upload the certificate from my local computer. This seems like a very ...
- 70
0
votes
1
answer
570
views
Deploy Public Key in Windows Server
I have a Windows server in AWS and I want to deploy a public key to connect sftp authentication by key file.
I use freeftpd to reach my sftp connection but the program do not support key ...
0
votes
1
answer
43
views
Can MS AD Certificate Services maintain both public and private keys in active directory?
Is there enough control over AD user properties to have custom fields (one with only SELF having read permissions) and with Certificate Services to automatically maintain/auto-renew certificates and ...
- 152
2
votes
0
answers
2k
views
Windows service user account can't access the certificate store
Background
I have a Windows 7 VM with two user accounts (condor_usr1 and condor_usr2) that is used for source code compiling. The condor_usr[1|2] accounts are members of the administrators group. I ...
- 121
8
votes
2
answers
28k
views
How to make in SSH private key from one line, three lines [closed]
i have ssh-key, something like this
-----BEGIN RSA PRIVATE KEY----- my_super_secret_password -----END RSA PRIVATE KEY-----
Of course this key does not work. When i am doing manual things, something, ...
- 581
0
votes
1
answer
3k
views
Difference between cryptographic providers for Windows Server 2019 certificate authority private key?
I'm going through the process of creating a Microsoft certificate server on Windows Server 2019 and was wondering what the difference between these cryptographic providers were in the setup wizard?
...
- 315
3
votes
1
answer
22k
views
SFTP asks for passphrase for unencrypted private key, but WinSCP works fine?
Summary:
I want to SFTP a file from one server to another, authorizing with a private-key.
I believe the public key is installed correctly (WinSCP lets me log in with private key), and I ...
- 173
4
votes
1
answer
3k
views
Obtaining the private key from an SSL certificate managed by GCP
I'm using Google Kubenetes Engine and I put an SSL certificate on my Ingress using Google-managed certificates
I've discovered I can view the certificate using this command:
gcloud beta compute ssl-...
- 307
3
votes
1
answer
13k
views
Windows Server 2019 - Certificate with private key export, encryption type
I noticed that starting in Windows Server 2019, and an unknown version of Windows 10 (I'm running 1903, and I tried on 1809 as well), when you export a certificate and choose to export it's private ...
- 501
11
votes
3
answers
7k
views
Bastion server: use TCP forwarding VS placing private key on server
We have bastion server B.
We need to SSH from A through B to C, using private key.
What is the better option:
Put the private SSH key on server B. We read that it's a bad idea to do that in a ...
- 223
2
votes
1
answer
8k
views
OpenSSL generate certificate with endianess,encoding and charset
I'm having some trouble creating a certificate with the openssl commandline tool.
The specs for the private key are:
"A digital signature using an RSA 1024 bit key with a SHA-1 hash
function (...
- 169
4
votes
1
answer
1k
views
What happens when someone gets to know the secret key (of the web server / a CA)?
basically, I have three questions and I would be grateful for a brief explanation of the differences in the consequences of these thefts:
What happens when someone gets to know the secret key of the ...
- 43
2
votes
1
answer
166
views
Site hosted on EC2 / Amazon held hostage with private key
I have a new client whose previous developer has left her high & dry with her site on Amazon/EC2. He holds the private key to the instance, and though she has full access to the Amazon control ...
- 123
0
votes
0
answers
1k
views
putty slow ssh key exchange
The problem: The key exchange between putty (Win7) and the linux ssh server takes about 10 seconds. Prior to moving my network to a new location, this didn't occur. I'm connecting to 3 different boxes ...
- 111
1
vote
1
answer
2k
views
SSH login timeout while checking private key (sss_ssh_authorizedkeys)
I am having this issue right now with 3 servers at least.
When attempting to connect to the server via ssh with a private key with a specific user, it shows the welcome banner, takes almost two ...
- 11
0
votes
1
answer
2k
views
Lost connection with ssh server through web console ssh (GCP, Putty, gcloud terminal, Filezilla)
After a year using the VM instance in debian, we changed the ssh keys to connect to other computers, after having generated the pair of public and private keys with putty, and adding it to the ...
google-cloud-platform
2
votes
1
answer
2k
views
Migrating HTTPS certificates from IIS to nginx
I'm in the process of migrating from IIS on Windows 2012 to nginx on Ubuntu 16.04. I'm familiar with nginx but not IIS.
On nginx, to have HTTPS working you need both the certificate and the private ...
- 141
1
vote
0
answers
155
views
Access to http restricted area using private key
In my Apache configuration (Ubuntu Server), i have the following settings:
AddExternalAuth pwauth /usr/sbin/pwauth
SetExternalAuthMethod pwauth pipe
<Directory /secure>
...
- 111
0
votes
1
answer
393
views
Download private_key.pem when using ansible os_keypair
I'm using ansible os_keypair module towards Openstack, through AWX, to create a new keypair:
- hosts: localhost
tasks:
- name: Create new keypair, ask for the name in survey
os_keypair:
...
