edafe.org » cryptography

Still sending naked email?

edafe — Fri, 14 Nov 2008 21:17:38 +0000

“In a world of repressive governments and a growing reliance on insecure networks, there’s no way anyone can be sure their most sensitive messages aren’t intercepted by the forces of darkness. But you can make it mathematically improbable that all but the most well-funded snoops could ever make heads or tales of your communications.” Use Dan Goodin’s step-by-step guide to email encryption and keep your communications private.
www.theregister.co.uk

The case for email security

edafe — Mon, 29 Oct 2007 15:32:01 +0000

“It may not be surprising for you to learn that email is not a secure medium of communication; however, it may surprise you to learn just how inherently insecure it really is.” Erik Kangas on how email really works, what the security issues are and where you can make the difference.
luxsci.com (PDF file, 112 kb)

Das elektronische Briefgeheimnis

edafe — Thu, 31 May 2007 21:57:56 +0000

In German

“Wer eine E-Mail verschickt, muß damit rechnen, daß seine Nachricht von Dritten gelesen wird.” Brief article outlining steps you can take to keep your email communications private.
www.sueddeutsche.de

Why use email encryption?

edafe — Wed, 20 Dec 2006 21:54:42 +0000

Email encryption should be used by everyone. Here’s why.
rffr.de

Public/private key authentication with SSH

edafe — Mon, 25 Sep 2006 19:31:42 +0000

SSH is a protocol that enables secure logins to your computer over a network. SSH supports the use of public/private key pairs for user authentication. Private keys are kept locally, while public keys are stored on the remote machine.

On the Local Machine

Use the command ssh-keygen -t dsa to generate a key pair for the local user. Use an appropriate passphrase to secure your private key (don’t be tempted to use an empty passphrase).
Set the permissions for the private key file with the following command:

user@ubuntu:~$ chmod 600 ~/.ssh/id_dsa

On the Remote Machine

Get the necessary packages with the following command:

user@ubuntu:~$ sudo apt-get install ssh

Copy the public key file ~/.ssh/id_dsa.pub from the local to the remote machine.

On the remote machine, move and rename the file with the following command:

user@ubuntu:~$ mv id_dsa.pub .ssh/authorized_keys2

Set the permissions for the file with the following command:

user@ubuntu:~$ chmod 600 ~/.ssh/authorized_keys2

Add the user user to the group ssh:

user@ubuntu:~$ sudo adduser user ssh

Get the file sshd_config and move it to /etc/ssh/:

user@ubuntu:~# sudo wget "http://edafe.org/wp-content/uploads/2006/09/sshd_config" user@ubuntu:~# sudo mv sshd_config /etc/ssh/

The downloaded file contains the following changes from the Ubuntu default configuration:

LogLevel VERBOSE


AllowGroups ssh

LoginGraceTime 20

PermitRootLogin no

MaxAuthTries 1
RSAAuthentication no
PasswordAuthentication no
X11 Forwarding no

TCPKeepAlive yes

ClientAliveInterval 15

ClientAliveCountMax 3
MaxStartups 3

UsePAM no

Setting these options makes root logins impossible. Only users belonging to the group ssh may establish a connection. Access to the remote machine is strictly tied to the private key and the passphrase used to encrypt it.

Next, restart the SSH server on the remote machine with the following command:

user@ubuntu:~$ sudo /etc/init.d/ssh restart

You should now be able to log into the remote machine using the private key stored on the local machine:

user@ubuntu:~$ ssh remote.machine Enter passphrase for key '/home/user/.ssh/id_dsa':

The book SSH The Secure Shell by Daniel Barrett, Richard Silverman and Robert Byrnes is useful as a reference text and has information on other clever stuff you can do with SSH.
www.ibm.com/developerworks/linux/

How to encrypt your email

edafe — Tue, 04 Jul 2006 22:08:07 +0000

“You too can get PGP set up in a few simple steps.” Jason Thomas shows just how easy it is to start encrypting your messages.
www.lifehacker.com

Thinking about email security

edafe — Sat, 01 Jul 2006 21:04:58 +0000

“The bottom line is, if your email passes through or is stored on servers controlled by others, it’s probably a good idea to consider encryption.” Joe Brockmeier considers the confidentiality of your messages.
www.newsforge.com

Introduction to cryptography

edafe — Sat, 13 May 2006 22:36:23 +0000

Find out more about the basic terminology and main methods of cryptography.
www.ssh.com

A practical introduction to GNU Privacy Guard

edafe — Thu, 24 Nov 2005 16:22:51 +0000

“In this guide, I will show you how to use the most important GPG commands.” Brendan Kidwell introduces GnuPG for Windows users.
www.glump.net

Introduction to cryptography

edafe — Wed, 18 May 2005 22:17:45 +0000

Not entirely sure how cryptography works? This document’s two chapters, The Basics of Cryptography and Phil Zimmermann on PGP, will tell you what you need to know.
ftp.pgpi.org (PDF file, 1007 kb)

Point-and-click email crypto

edafe — Thu, 20 Jan 2005 21:26:47 +0000

“I don’t want people reading my mail.” Roy Hoobler explains how to use KGPG for email and file encryption under KDE.
www.linuxjournal.com

Echelon spy network revealed

edafe — Fri, 17 Dec 2004 19:37:22 +0000

“It sounds like science fiction, but it’s true.” Andrew Bomford first published this article in November 1999. Will matters have improved since then?
news.bbc.co.uk

Why do you need PGP?

edafe — Wed, 20 Oct 2004 21:55:35 +0000

For a conclusive answer read this article by Phil Zimmermann, author of the Pretty Good Privacy application.
www.pgpi.org