vonc + key   128

ehazlett/docker-volume-libsecret: Docker Volume Driver plugin for libsecret
docker-volume-libsecret - Docker Volume Driver plugin for libsecret
docker  secret  volume  external  key 
april 2016 by vonc
micmonay/keybd_event: For simulate key press in Linux, Windows and Mac in golang
keybd_event - For simulate key press in Linux, Windows and Mac in golang
golang  keypressed  go  key  keyboard 
february 2016 by vonc
maxzerbini/ovo: OVO is an In-Memory Key/Value Storage
OVO is an In-Memory Distributed Cache and a Key/Value Storage
go  golang  distributed  kv  keyvalue  store  cache  value  github  key 
february 2016 by vonc
One-com/gonelog
gonelog - Golang logging library
go  golang  log  std  better  improvment  structured  key  value  low  resource  vendor  dependency 
december 2015 by vonc
boombuler/otp
This is a package for GO for timebased (TOTP) or counterbased (HOTP) One-Time Passwords as defined in RFC 6238 and RFC 4226.
go  golang  totp  hotp  password  timebased  onetime  cle  key  time 
august 2014 by vonc
Bypassing Google's Two-Factor Authentication — Blog —Duo Security
So then, the major differences between OAuth tokens and ASPs are: OAuth tokens are created automatically, while ASPs are a thoroughly manual affair. You have to log into Google’s account settings page to create one, and then transcribe (or copy/paste) it into your application. OAuth tokens use a flexible authorization model, and can be restricted to accessing only certain data or services in your account. By contrast, ASPs are — in terms of enforcement — not actually application-specific at all! This second point deserves some more attention. If you create an ASP for use in (for example) an XMPP chat client, that same ASP can also be used to read your email over IMAP, or grab your calendar events with CalDAV. This shouldn’t be particularly surprising. In fact, Eric Grosse and Mayank Upadhyay of Google even call this weakness out in their recent publication about Google’s authentication infrastructure: “Another weakness of ASP is the misimpression that is provides application-limited rather than full-scope account access.” - Authentication at Scale, appearing in IEEE S&P Magazine vol. 11, no. 1 As it turns out, ASPs can do much, much more than simply access your email over IMAP. In fact, an ASP can be used to log into almost any of Google’s web properties and access privileged account interfaces, in a way that bypasses 2-step verification!
application  oauth  google  passphrase  specific  bypass  secret  criticisms  security  asp  password  key 
november 2013 by vonc
Improving the security of your SSH private key files — Martin Kleppmann’s blog
If you already have a strong passphrase on your SSH private key, then converting it from the traditional private key format to PKCS#8 is roughly comparable to adding two extra keystrokes to your passphrase, for free. And if you have a weak passphrase, you can take your private key protection from “easily breakable” to “slightly harder to break”.

It’s so easy, you can do it right now:

$ mv ~/.ssh/id_rsa ~/.ssh/id_rsa.old
$ openssl pkcs8 -topk8 -v2 des3 -in ~/.ssh/id_rsa.old -out ~/.ssh/id_rsa
$ chmod 600 ~/.ssh/id_rsa
# Check that the converted key works; if yes, delete the old one:
$ rm ~/.ssh/id_rsa.old
ssh-keygen  openssl  protection  key  pkcs8  private  private_key  best-practices  bestpractices  security  ssh 
august 2013 by vonc
Keep it secret, keep it safe - Fabulous Adventures In Coding - Site Home - MSDN Blogs
The strength of the security of a large quantity of data -- known as the "plaintext" -- against discovery or modification by a motivated attacker depends upon the security of a small quantity of data -- known as the "key". (*) That is, modern crypto is essentially a form of mechanical advantage. With a gearing system or a lever you can turn a small motion into a large motion. With a strong cryptosystem you can turn the security of a 1 KB key file into the security of a 10 MB data file. Cryptosystems do not manufacture new security, any more than a lever manufactures new motion. Cryptosystems turn the security of one thing (the key) into the security of another much larger thing (the plaintext).
https  ericlippert  computer/encryption  ssl  security  cryptography  middle  private  security  cryptography  public  key  exchange  man 
june 2013 by vonc
Instabridge
Does “share Wi-Fi” mean that someone can connect to my phone? No. Instabridge is for sharing Wi-Fi credentials (SSID, BSSID, password), not for allowing other devices to connect to your phone.
share  wifi  android  ssid  key 
march 2013 by vonc
multisystem - Documentation Ubuntu Francophone
MultiSystem est un logiciel qui, contrairement aux outils traditionnels comme LinuxLive USB Creator, Usb-creator, ou encore Unetbootin, permet de créer entre autres des clés dites Live-USB mais multiboot. C'est-à-dire que vous pourrez installer autant de Live-CD que l'espace disponible de votre clé USB le permet, et choisir au démarrage de votre PC, via un menu graphique, la distribution à démarrer.
Vous trouverez la liste des distributions supportées par MultiSystem sur cette page du site officiel.
boot  iso  image  usb  script  multiple  key 
february 2013 by vonc
KeyStore Explorer - Home
What is KeyStore Explorer?

KeyStore Explorer is a free GUI replacement for the Java command-line utilities keytool, jarsigner and jadtool. KeyStore Explorer presents their functionality, and more, via an intuitive graphical user interface.

KeyStore Explorer is written and maintained by Wayne Grant.

Highlights of KeyStore Explorer's capabilities are listed below.
certificate  keytool  security  java  tls  certificates  key  tools  ssl  keystore 
november 2012 by vonc
Profiter de l’authentification en 2 étapes sans téléphone | Korben
Avec l'authentification en 2 étapes comme décrite ici, une partie de la vérification est déportée sur un téléphone qui grâce à une application comme Google Authenticator ou un envoi de SMS permet d'obtenir un code unique.

Mais comment faire si on souhaite profiter de cette sécurité supplémentaire sans avoir de téléphone à portée de main ? Simple, il suffit d'utiliser son ordinateur ou plus exactement l'extension GAuth Authenticator, qui fera exactement le même boulot mais sur votre ordi.

Pour Chrome
Pour Firefox
Et pour Android (donc là sur votre téléphone ou sur un Android x86)
Vous pourrez sécuriser Gmail, Dropbox ou WordPress grâce à cette extension sans même avoir besoin d'un téléphone. Malin ! GAuth Authenticator est développée en HTML, jQuery Mobile et utilise jsSHA et le LocalStorage des navigateurs pour fonctionner. D'ailleurs pour ceux qui voudraient se plonger dans les sources, elles sont ici.
private  key  authenticator  double  authentication  google  browser  chrome  plugin  browsing  extension  sécurité  security 
september 2012 by vonc
Shell script to create multiple OpenSSL Certificates - The UNIX and Linux Forums
The script is now creating all the RootCA certificates but it only creats 8 of the client certificates. Because its only signing them with the last RootCA of 4096. I need it to sign each one with each RootCA as well
key  bash  script  ca  root  sign  openssl 
july 2012 by vonc
Zarafa WebAccess and WebApp with Google Authenticator - iSartor Wiki
Google delivers a soft token application which can be freely downloaded for Android, iOS and Blackberry devices. Go to the store of your mobile device and just download the app Google Authenticator.

With Google Authenticator you are able to secure various services:
Google services: http://support.google.com/a/bin/answer.py?hl=en&answer;=1037451
SSH: Through the google pam module: http://www.mnxsolutions.com/security/two-factor-ssh-with-google-authenticator.html
Other services like Zarafa Webaccess and/or WebApp.

In this document we will only explain the latter: Integrating the google soft token application with Zarafa WebAccess and/or WebApp.
webapp  key  secret  integration  authenticator  google 
july 2012 by vonc
Clé USB Zalman U3M32 SLC : 32 Go à pleine vitesse
SLC : Que du bon ?

Son principal atout, hormis sa compatibilité avec l’interface USB 3.0, est de profiter d’une architecture autour de puces mémoire SLC. Face à de la NAND Flash MLC, Zalman met en avant, certes un coût plus élevé, mais des avantages dans quatre domaines. Les débits en écriture et lecture sont bien plus élevés tandis que la température de fonctionnement se veut plus faible, le tout dans un contexte d’une demande énergétique optimisée et une espérance de vie améliorée.

Tout ceci s’explique par le fait que la SLC, contraction de Single Level Cell, stocke un seul bit par cellule contrairement à la MLC, contraction de Multi Level Cell, où plusieurs bits peuvent prendre place grâce à plus de deux états possibles par cellule (généralement 4 voire 8).

De ce constat, il est facile de comprendre que pour une densité identique la SLC devient plus coûteuse car à l’unité elle contient moins de données. Ceci explique par exemple l’usage massif de MLC sur le marché des SSD grand
usb3  3.0  usb  key  cle 
may 2012 by vonc
Import private key and certificate into Java Key Store (JKS)
Keytool helps you to:

create a new JKS with a new private key
generate a Certificate Signung Request (CSR) for the private key in this JKS
import a certificate that you received for this CSR into your JKS
Keytool does not let you import an existing private key for which you already have a certificate. So you need to do this yourself, here's how
self-signed  tomcat  java  client  tls  jks  certificates  key  openssl  keytool  ssl 
april 2012 by vonc
EJBCA - Open Source PKI Certificate Authority - Home
EJBCA is an enterprise class PKI Certificate Authority built on JEE technology. It is a robust, high performance, platform independent, flexible, and component based CA to be used stand-alone or integrated in other JEE applications.

EJBCA is an enterprise class PKI, meaning that you can use EJBCA to build a complete PKI infrastructure for your organization. If you only want to issue a few single certificates for testing, there are probably options that will get you started quicker, but if you want a serious PKI we recommend EJBCA.
key  prime  certification  authority  ca  encryption  x509  software  ssl  j2ee  opensource  certificate  pki  java  security 
april 2012 by vonc
365Git | Adding a GPG Public Key to a repository
Create the tagged public key
First. Lets get the gpg public key that we need. The email I am using for this repository as abizern@abizern.org (and I’ve set this up in the config file) so to get the public key as a plain text file I run:

gpg --armor --export > pubkey.txt
The actual name of the file doesn’t matter because a blob only stores the contents of a file. Now we can turn this file into a blob with:

git hash-object -w pubkey.txt
This will compute the hash of the object and the -w flag gets the object written into the object database. It returns the hash value. you want to copy this. In my case it was

ab147894b92328ffef9db011789e4d0e55652688
So now I can tag this blob, even though it isn’t in the index or part of the tree of commits:

git tag -s pubkey ab147894b92328ffef9db011789e4d0e55652688
This creates a signed tag called pubkey that points to the blob that contains the public key. I didn’t need to use a signed tag, but it doesn’t hurt.

Now, I don’t ne
signature  sign  gpg  key  tag  git  commit  blob  write  hash 
november 2011 by vonc
« earlier      
per page:    204080120160

related tags

1.5  1.6  2fa  3.0  3g  3g+  6.9  access  account  acheter  action  activation  active  advantage  aha  ahha  alive  android  ansible  api  app  apple  application  argument  article  asp  asynchronous  authentication  authenticator  authority  authorization  autoit  baclbox  bash  best-practices  bestpractices  better  binding  bitbucket  bitcoin  black  blob  bluetooth  boot  bootable  bootdisk  box  browser  browsing  burn  bypass  ca  cache  card  ccrc  center  certificate  certificates  certification  chain  check  chrome  class  cle  clearcase  clearquest  cli  client  cloudflare  cname  command  commandline  commands  commit  computer  computer/encryption  config  configuration  console  consul  content  context  copy  crack  crawler  creation  crisis  criticisms  crypt  crypto  cryptography  customer  database  decryption  dependency  deployment  derivation  desktop  disable  discovery  disk  dispart  distributed  docker  double  download  drive  driver  duplicate  dvd  eclipse  ed25519  encryption  encryption;  encryptions  ericlippert  etcd  example  exchange  explanation  exploit  export  extension  external  factor  fido  file  fingerprint  fire  firmaware  flash  format  free  freeware  ftp  function  generation  generator  git  github  gitlab  gitolite  gmail  go  golang  google  gpg  graph  guid  guide  guthub  hack  handler  hardware  hash  hmac  hostid  hotp  howto  hsdpa  http  https  ibm  ikeynam  image  imessage  important  improvment  Infineon  install  installation  installer  integration  intercept  internet  isb  iso  issue  j2ee  java  jks  json  keep  keepalive  kernel  key  keybinding  keyboard  keygen  keypressed  keys  keystore  keytool  keyvalue  kv  label  lanyard  leader  learning  lexer  library  licence  license  licensing  linux  list  livecd  lockpick  log  low  macro  man  management  manual  manuel  mapper  maven  menu  metadata  microsoft  middle  model  mouse  mstsc  multiple  multiplexer  necklace  netgear  network  new  ntdetect  ntfs  null  oauth  oem  onetime  opensource  openssh  openssl  os  overview  parse  parsing  passphrase  password  path  pc  pem  pgp  physical  pinning  pkcs8  pki  plugin  pom  portable  primary  prime  privacy  private  private_key  programm  protection  public  python  quick  quickaccess  rational  rcp  rdp  reader  record  redirect  reference  registry  remote  remove  repair  reparation  repo  repository  resource  review  revocation  rfc  root  rotation  rsa  script  search  secret  section  secure  security  self-signed  send  server  settings  sha1  share  shortcut  shortcuts  sign  signature  signed  sockets  software  specific  squash  ssh  ssh-keygen  ssid  ssl  stackoverflow  startssl  static  std  store  string  structured  substitution  support  swarm  switcher  symetric  sécurité  tag  tech  test  time  timebased  tips  tls  token  tomcat  tool  tools  totp  transparency  trust  tutorial  type  ubuntu  update  url  usb  usb3  utilities  utility  uuid  value  vault  vendor  vista  volume  web  webapp  website  wifi  win7  windows  windows7  wintoflash  wireless  wpa  write  x509  x950d  xp  yubico  yubikey 

Copy this bookmark:



description:


tags: