Questions tagged [rsa]
The rsa tag has no usage guidance.
193 questions
0
votes
1
answer
143
views
Need help to edit NGINX config for SSL
I keep getting errors when adding SSL syntax.
server {
listen 443 ssl;
server_name www.example.com;
ssl_certificate /etc/nginx/ssl/example.crt;
ssl_certificate_key /etc/nginx/ssl/example.key;
...
0
votes
1
answer
138
views
SSH key fingerprint not matching after server hack (Bluehost Wordpress). How to identify issue? [duplicate]
Detected a hack from this morning on a Bluehost server Wordpress installation. Someone used credentials from a Wordpress user account with admin rights, I'm dealing with the aftermath now. I know, I ...
- 9
1
vote
2
answers
4k
views
userauth_pubkey: signature algorithm ssh-rsa not in PubkeyAcceptedAlgorithms after upgrade of OpenSSH
After an upgrade I can no longer log in to my box (FreeBSD 14.0) using RSA key getting:
userauth_pubkey: signature algorithm ssh-rsa not in PubkeyAcceptedAlgorithms
in /var/logs/auth.log
on every ...
- 141
0
votes
1
answer
54
views
Old TLS or RSA version on Wifi Antenna preventing maintenance
First I'll disclose that I'm not a professional in networking by any means. That being said, I manage my family's home/small businness network. We have a few buildings, with the modem being in the ...
- 1
0
votes
1
answer
57
views
Github Deploy Key Pattern
My Deployment Pattern
I have a setup as shown in the diagram above, where have a github account which owns a number of private repositories. I have a number of machines in the field that each include ...
github
0
votes
1
answer
89
views
Which key is used for signed exchange certificate?
I was trying to generate a Signed Exchange Certificate from Google CA followed by this documentation https://cloud.google.com/certificate-manager/docs/public-ca-tutorial
But now facing this error :
&...
google-cloud-platform
0
votes
1
answer
1k
views
Check bit length of ssl certificates for both, RSA and elliptic curves
We're using a script based on acme.sh to generate our SSL certificates. acme.sh also supports elliptic curves. I wonder, how to check the keylength for both, RSA and elliptic curve certificates. I ...
- 485
3
votes
2
answers
952
views
Why does my RSA DANE TLSA work, but my ECDSA DANE TLSA fail?
I've purchased two single domain, wildcard SSL certificates from Namecheap/Sectigo/Comodo. I generated my CSRs in the typical fashion using openssl.
$ openssl req -newkey rsa:4096 -keyout example.com....
0
votes
1
answer
8k
views
SSH access denied for one user
I encounter an error while trying to connect via SSH to a server, for one user.
This user's home directory is in /opt, with a .ssh directory (permissions: 700) and an authorized_keys file containing ...
- 113
8
votes
3
answers
53k
views
SSH No Matching Host Key Type Found
I have two servers,
S1: My machine, Windows 8, OpenSSH 8.8p1, OpenSSL 1.1.11 2021-08-24,
S2: A Remote Server, Linux, Open SSH 5.3p1, OpenSSL 1.0.1e-fips 2013-02-11.
The message I have trying to ...
- 185
11
votes
1
answer
21k
views
SSH keys: ed25519 vs RSA performance demystified
It is claimed that ed25519 keys are better than RSA, in terms of security and performance. In terms of security, I understand that 4096 bits RSA keys are practically unbreakable for the foreseable ...
- 405
1
vote
0
answers
4k
views
Public key for /etc/ssh/whatever does not match private key - but it does
When I start my ssh service (on a Devuan Chimaera Linux box), I get the warnings:
Public key for /etc/ssh/ssh_host_rsa_key does not match private key
Public key for /etc/ssh/ssh_host_ecdsa_key does ...
- 1,795
5
votes
1
answer
2k
views
How to validate opendkim generated RSA keys
I'm trying to diagnose OpenDKIM validation errors (see this question). Way down in the belly of the beast, I'm at the point where I'm trying to make sure the keys generated are actually correct.
I'm ...
- 439
0
votes
1
answer
2k
views
Ubuntu Key Exchange Algo
I am trying to test the connectivity to several network devices, with Ansible installed on Ubuntu 20.04.2 LTS, using ansible ad-hoc.
The problem:
SSH is not working as the device's key exchange method ...
- 15
0
votes
1
answer
418
views
Programmatic way to get host key fingerprint from AWS EC2
Is there a programmatic way to get the host key fingerprint from AWS EC2.
I feel like this is so basic someone must have figured it out, but I can't find anything.
- 419
0
votes
1
answer
769
views
What is the best method for adding RSA Key Fingerprints to known_hosts upon provisioning each server?
This question was inspired by this thread
The hypothetical scenario, for context is as follows:
SSH servers, whether they be routers, firewalls etc. are all firstly provisioned within a private + ...
- 103
1
vote
0
answers
3k
views
Why PuTTY doesn't accept SSH key exchange RSA algorithm
Summary:
I am trying to set SSH key exchange algorithm to RSA with no luck.
The session is between my Windows machine with PuTTY as client to a Linux machine in Amazon EC2.
Description:
I configured ...
- 111
1
vote
0
answers
338
views
ssh with public key at Synology - not working
I guess I have done everything right. Public/private keys, files permissions, etc.
There are 3 machines:
ubuntu
old_synology
new_synology
I start from ubuntu, ssh to old_synology without a password. ...
- 123
2
votes
4
answers
6k
views
Windows SSH into CentOS using Private Key - Not working
I'm on Windows 10. Need to ssh into a Linux CentOS server. Trying both Putty and Windows SSH (turned on in Features.. Powershell?).
Using PuttyGen, I generated a private & public RSA key pair - ...
- 191
1
vote
2
answers
97
views
I have an issue with configuring openvpn server and running it
Server Log
Options error: Unrecognized option or missing or extra parameter(s) in server.ovpn:4: cert (2.4.9) Use --help for more information.
server configuration
server 192.168.1.0 255.255.255.0
...
0
votes
0
answers
338
views
Issues with seamless ssh connect via public key
I am trying to set up a seamless ssh connection from one server to another for the first time. While I think I managed to create a user and fitting rsa keys just fine, I can't actually connect via ssh,...
- 101
0
votes
1
answer
141
views
I recovered my RSA key, but I'm locked out of my webserver
So when I built my unmanaged webserver for my portfolio site jasonwarner.dev I had initially locked it down by disabling any login and the root account, completely because I was getting notifications ...
- 21
0
votes
1
answer
822
views
How to install custom SSL (HTTPS) certificate in RSA NetWitness web UI (11.3.1.1)
RSA NetWitness's web user interface (11.3.1.1) comes with self-signed cert that isn't trusted in my enterprise. How can I install a custom SSL certificate on the web user interface so that users aren'...
- 129
0
votes
1
answer
212
views
Passwordless sshing troubles
I've tried setting up passwordless sshing for a MPI cluster im working on. Im generating the RSA key on the master node and sending the public key to my client node. It sends but refuses to connect ...
1
vote
1
answer
5k
views
Host ssh-rsa key is refused by WinSCP when connecting on scheduled task, but not when launched manually
As part of a scheduled task that runs on a Windows Server 2012 machine, I use WinSCP to connect via sFTP using credentials and ssh-rsa key. When the scheduled task runs, the connection fails with the ...
- 23
1
vote
1
answer
3k
views
500 OOPS: SSL: cannot load RSA private key
I am trying to debug a FTP server. I am currently getting
$ sudo /usr/sbin/vsftpd
500 OOPS: SSL: cannot load RSA private key
FTP connections are being refused. This is that status of from systemctl:
...
- 113
0
votes
2
answers
441
views
OpenVPN,EasyRSA :system was unable to find the specified registry key or value
I've installed (as Admin) latest version of OpenVPN (2.4.7-I603) on Windows 2012 x64. I've checked on installer EasyRSA 2. Then trying to generate the certificate go in path ..\program files\OpenVPN\...
- 153
4
votes
1
answer
17k
views
Convert rsa to ppk file in MAC
I want to convert the id_rsa file to ppk file. I found there are many websites teaching "how to convert ppk to rsa in MAC" but not vice versa. Is there a way to convert rsa private key to ppk for ...
- 180
3
votes
3
answers
11k
views
openvpn client certificate error with "unsupported purpose"
I was following this wiki instruction to generate OpenVPN client certificate. This involves:
easyrsa gen-req client1 nopass
I tried to use this client1 certificate in my OpenVPN setup. The server ...
- 201
1
vote
1
answer
796
views
How to disable certain user rsa certificate in OpenVPN?
Suppose we create certificates for OpenVPN using easy-rsa. And we have two clients - client1 and client2 with their certificates etc. Suppose that some time later we need to disable client2 ...
- 85
1
vote
1
answer
3k
views
How to make sure TLS is using AES 256
I am trying to establish a secure TLS connection between my system and a third party API. Third party mandates that I have to use AES 256 for all communication, Now I have installed a X509 ...
- 113
1
vote
1
answer
122
views
How to test Remote host Identification for changes without ssh
I have a script which runs and makes the assumption that the remote host key is in known_hosts when running some commands which use SSH.
I would like to know if there is some command that can be ran ...
- 113
0
votes
0
answers
29
views
Multi-Factor Authentication varieties and is there a universal bridge for them
I am trying to research a project on how to connect to multiple enterprise environments that employ multi-factor authentication using a singular approach. My question is, are there any systems out ...
- 101
3
votes
3
answers
5k
views
Server still prompts for password after SSH configuration, Ubuntu 17.10 x64
EDIT: After consulting verbose logs as was suggested, I found the error myself. Answer is at the bottom.
I have a DigitalOcean droplet I want to use as a development environment. I've created a non-...
- 149
1
vote
0
answers
281
views
Direct Access and RSA Authentication
We're having ongoing issues trying to setup DirectAccess with RSA SecureID OTP. On it's own DirectAccess is working great, however after I configure the OTP authentication I can't get my client to ...
- 225
1
vote
1
answer
717
views
Setup rsa-keygen when using ssh for a different user
I have server 1 running aix configured at 192.168.0.1 and and another Linux server configured at 192.168.0.2. I am currently using expect to login as [email protected].
The problem is that the ...
- 165
-1
votes
1
answer
119
views
Add RSA login access to a new linux user [closed]
I have automatically created rsa connection for user "root" via hosting installation script.
I just added two new users and my question is how to configure them in SSH to login with their rsa keys? ...
- 21
0
votes
1
answer
2k
views
Why is the same private key file generating two different public key strings?
I have an ssh key pair that was generated to use as an access key for my GoCD CI/CD server. It was working but due to some configuration changes I made (moved the server out of container to a Linux ...
- 264
0
votes
2
answers
687
views
copy ssh key from windows to synology disk
I'm trying to set up a git server on my synology following this tutorial.
The step I'm stuck at is this:
copy public rsa key from local computer to gituser account on server
I use following command: ...
- 101
2
votes
2
answers
9k
views
SSH looking for id_rsa-cert get key_load_public error
1) My ~/.ssh folder has the permission: drwx------. 2 user user 4.0K Aug 19 15:39 .ssh
2) I run ssh-keygen -t rsa and get the defaults files id_rsa and id_rsa.pub.
3) I copy/paste my id_rsa.pub key ...
- 123
2
votes
1
answer
6k
views
Where is cli.ini letsencrypt config file?
Where is the cli.ini file for default letsencrypt package?
From Let's Encrypt docs, it's possible to set default rsa key length in a cli.ini file, however, I cannot find this file.
I want to make ...
- 73
154
votes
35
answers
618k
views
SSH Suddenly returning Invalid format
So a while ago I set up a server on AWS, and used their generated SSH key. I saved the key to Lastpass, and have successfully retrieved it from there before, and got it working. However, after trying ...
- 1,643
0
votes
1
answer
186
views
SSL S2S communication, protocol and ciphers
about a server/server S2S communication:
1st server has on Apache .conf:
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-...
- 1
0
votes
1
answer
1k
views
Puppet use master's ssh key for git clone?
I'm using the vcsrepo puppet module to sync git repositories.
# install git repo
vcsrepo { "/home/repo":
ensure => present,
provider => git,
source => "[email protected]:...
- 289
0
votes
1
answer
34
views
which public rsa keybelongs to which secret?
Is there a way to find out which public rsa key belongs to which secret key?
I have two pairs lying around, and would like to know ehich one is which.
- 157
1
vote
1
answer
518
views
SELinux - Script uploaded SSH keys to remote server but cannot connect via SSH
I wrote this script which now works perfectly on systems without SElinux installed.
echo Enter server IP:
read server
scp /home/Zenoss/.ssh/authorized_keys random@$server:/home/random
sshpass -p ...
- 117
0
votes
1
answer
976
views
How to verify RSA fingerprint for Linux AWS instance from Windows
The instructions for connecting to AWS Linux AMI states that when using putty, you should locate the SSH HOST KEY FINGERPRINTS section and note the RSA fingerprint.
I am running the "aws ec2 get-...
- 101
0
votes
2
answers
394
views
How to do SSH with -i option and bypassing password entry
Using ssh, I want to access
Machine1 --> Machine2
Let's say Machine2 has IP address: 133.165.14.22.
I have copied id_rsa.pub from Machine1 to Machine2
Then in Machine2 I have already did this:
...
- 103
8
votes
2
answers
28k
views
Unable to login(ssh) with public private key pair
I am unable to login with public private key pairs. I do have access with a password. Following are the logs on server side and on the client side. Why am I unable to login?
type=CRYPTO_KEY_USER msg=...
- 277
3
votes
3
answers
4k
views
How can I ssh to server with rsa-key with specific username? [closed]
I want to ssh from my home computer (user: antonio@antonio-home) to serveruser@serverhost with rsa-key.
I generated rsa-key with ssh-keygen -t rsa and uploaded to server, but it is still asking me ...
- 169