Public key cryptography: OpenSSH private keys
When you create standard RSA keys with ssh-keygen you end up with a private key in PEM format, and a public key in OpenSSH format. Both have been described in detail in my post Public key cryptography: RSA keys. In 2014, OpenSSH introduced a custom format for private keys that is apparently similar to PEM but is internally completely different. This format is used by default when you create ed25519 keys and it is expected to be the default format for all keys in the future, so it is worth having a look.
While investigating this topic I found a lot of misconceptions and wrong or partially wrong statements on Stack Overflow, so I hope this might be a comprehensive view of what this format is, its relationship with PEM, and the tools that you can use to manipulate it.
I'm not the first programmer to look into this, clearly, and I have to mention two posts that I read before writing this one: OpenSSH ed25519 private key file format written in December 2017 by Peter Lyons and The OpenSSH private key binary format, written in August 2020 by Marin Atanasov Nikolov. I'm sure many others have done this research but these are the resources that I found and I want to say a big thanks to both authors for sharing their findings. I will shamelessly use their results in the following explanation, as I hope others will do with what I'm writing here. Sharing knowledge is one of the best ways to help others.
Please note that all the private keys shown in this post have been trashed after I published it.
Note: as the word "key" can identify several different component of the systems I will describe, I will as much as possible use the words "private key" and "encryption key". The first is the key that we generate to be used in SSH, while the second is a parameter of a (symmetric) encryption algorithm.
How To Use Nmap – A Comprehensive Guide: Basics To Advanced
Nmap is a free and open-source network discovery and security audit tool. Nmap stands for “Network Mapper“.
Whether you are a network engineer or a penetration tester, Nmap is one of the most important tools in your arsenal.
Create A Sudo User on Fedora – TecAdmin
Sudo allows us to provide superuser privileges to a normal user with restrictions. It allows users to run programs with the privileges of other users. One can configure sudo to give root privileges to specific commands only.
This tutorial helps you to create a new user with Sudo privileges, allow sudo access to the existing accounts or remove sudo privileges from any account.
How To Install Slack Messenger on Ubuntu Linux
Slack is a proprietary business communication platform developed by American software company Slack Technologies. Slack offers many IRC-style features, including persistent chat rooms (channels) organized by topic, private groups, and direct messaging.
How to install Deepin Desktop on Manjaro 21 Linux - Linux Shout
Although we already have Majnaro Deepin Linux to download and install, however those who already have this Linux and don’t want to reinstall it can manually install Deepin Desktop Environment on their Manajro Linux.
Deepin Desktop environments is a beautiful graphical user interface developed by the Deepuin Linux developers. However, the other users who don’t want to switch to Deepin Linux can manually install DDE on their Linux with few commands whether it is Ubuntu or Arch base Manjaro.
Android Leftovers
KDE Frameworks 5.83 Brings More Than 200 Changes, Improves Support for Flatpak Apps
KDE Frameworks 5.83 is a monthly update and brings numerous bug fixes and improvements to make your KDE Plasma and Apps experience more stable, reliable, and enjoyable. There are over 220 changes included in this update, which is a highly recommended update for all users using the KDE Plasma desktop. Highlights include the ability to select folders in the folder selector dialog in Flatpak apps, as well as other apps that use XDG portals, new KMyMoney icon, new Goodvibes icon, support for blur effect behind plasmoids, a fix for a memory leak that occurred when updating Cover images in the ASF (WMA) file format, as well as a fix for a regression that caused the Dolphin file manager to crash when searching for files.
Stéphane Graber: Inexpensive highly available LXD cluster: 6 months later
Over the past few posts, I covered the hardware I picked up to setup a small LXD cluster and get it all setup at a co-location site near home. I’ve then gone silent for about 6 months, not because anything went wrong but just because of not quite finding the time to come back and complete this story! So let’s pick things up where I left them with the last post and cover the last few bits of the network setup and then go over what happened over the past 6 months.
