How to Create Root Certificate Authority (CA) and Self Signed Certificate

Tags: June 18, 2016 9:47 AM
0 comments

Goal

Make client application such as web browser to trust our self signed certificate, so we can use any custom domain in development or internal network.

Generate Root CA

The first is to generate private key for our Certificate Authority (CA). Command below will generate RSA based private key 2048 bits key size.

$ mkdir self-root-ca && cd self-root-ca
$ openssl genrsa -out myRootCA.key
Generating RSA private key, 2048 bit long modulus
.................+++
................+++
e is 65537 (0x10001)
$ chmod 0600 myRootCA.key

Command above will produce a file called myRootCA.key. The chmod command will make sure that only super user and the creator of the key able to read the file.

Share on Facebook Twitter

Custom Solution for Managing ssh-agent without Gnome Keyring

Tags: June 14, 2016 8:08 PM
0 comments

Goal

How to enter ssh private key password only once without having managed by Gnome Keyring. The ssh agent should remain detected every time new terminal spawned or even on tty console CTRL+ALT+F1 and so on.

Solutions

We will utilize ssh-add, ssh-agent and little bit shell script commands for achieving the goal.

Step 1

First start the authentication agent and redirect the result to a file so can gather the agent information later.
$ ssh-agent -s > /tmp/my-ssh-agent.sh
Execute the file so we have the correct environment variables needed by ssh-add.

Share on Facebook Twitter

Stop Gnome Keyring for Managing ssh-agent on Xubuntu

Tags: 6:35 PM
0 comments

Goal

Stop Gnome keyring for managing ssh-agent on Ubuntu so you can use the original OpenSSH ssh-agent implementation.

Quick Solution

The solution is quite easy because Gnome Keyring daemon provide a way to replace the existing session.
$ gnome-keyring-daemon --replace --daemonize --components=pkcs11,secrets,gpg
Command above will replace the existing Gnome Keyring daemon but it removes the ability to manage the ssh agent. You can execute command below to make sure Gnome keyring does not manage the ssh agent anymore.

Share on Facebook Twitter