regpg
play

regpg safely store server secrets Tony Finch - PowerPoint PPT Presentation

Jan 17, 2024 •384 likes •703 views

regpg safely store server secrets Tony Finch <fanf2@cam.ac.uk> <gitmaster@uis.cam.ac.uk> Network Systems (RNB 1N52) Tuesday 21st November 2017 University Information Services agenda Context Demo secrets? keys server?

  1. regpg safely store server secrets Tony Finch <fanf2@cam.ac.uk> <gitmaster@uis.cam.ac.uk> Network Systems (RNB 1N52) Tuesday 21st November 2017 University Information Services

  2. agenda Context Demo secrets? keys server? secrets store? recrypt safely? X.509 / TLS gpg? Ansible re? conversion

  3. secrets https://www.flickr.com/photos/fuzzy/3196534149

  4. secrets – encryption https://richardskingdom.net/wp-content/uploads/2014/04/encrypt-all-the-things.png

  5. secrets – Shamir / Rivest / Adleman https://claudiodinardo.com/content/images/2017/08/shamir-rivest-adleman.jpg

  6. server https://www.flickr.com/photos/evilnick/183967344

  7. server – files https://www.flickr.com/photos/lnx/7297731

  8. store – not share https://www.flickr.com/photos/23605686@N05/6921691127

  9. safely – hazmat containment https://www.flickr.com/photos/mamboman/3698344360

  10. safely – situational awareness https://www.flickr.com/photos/109570752@N02/15118828431

  11. gpg https://commons.wikimedia.org/wiki/File:Gnupg_logo.svg

  12. regpg https://dotat.at/prog/regpg/

  13. dependencies prerequisites helpers perl ansible gnupg git gnupg-agent openssl pinentry-* openssh-client xclip

  14. check gpg-agent echo $GPG_AGENT_INFO eval $(gpg-agent --daemon)

  15. install quick cd ~/bin curl -O https://dotat.at/prog/regpg/regpg home page https://dotat.at/prog/regpg/ supporting documentation distribution tar balls test suite

  16. generate key Generate a key just for regpg Separate from your other gpg keys (if any) gpg --gen-key Answer the quiz

  17. generate key – demo https://www.flickr.com/photos/eugenuity/34113551603

  18. manage keys addkey addself ⇐ = delkey ⇐ = exportkey importkey lskeys ⇐ =

  19. manage keys – demo https://www.flickr.com/photos/bantam10/3068761016

  20. secrets encrypt ⇐ = decrypt ⇐ = recrypt edit ⇐ = pbcopy pbpaste shred ⇐ = check ⇐ =

  21. secrets – demo https://www.flickr.com/photos/zapthedingbat/516726771

  22. recrypt delkey ⇐ = importkey ⇐ = lskeys ⇐ = recrypt ⇐ = check ⇐ =

  23. recrypt – demo https://www.flickr.com/photos/parkstreetparrot/6531496943

  24. generate TLS / ssh gencsrconf ⇐ = gencsr ⇐ = genkey ⇐ = genpwd

  25. generate TLS / ssh – demo https://www.flickr.com/photos/zapthedingbat/516726771

  26. set up hooks init ⇐ = init git ⇐ = init ansible ⇐ = init ansible-vault

  27. set up hooks – demo https://www.flickr.com/photos/walkingsf/8143196966

  28. converters conv ansible-gpg ⇐ = conv ansible-vault ⇐ = conv stgza

  29. converters – demo https://www.flickr.com/photos/eltpics/15367149536

  30. Questions? https://www.flickr.com/photos/debord/4932655275

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Data Loss Prevention @ Duquesne University Brad Maloney | maloneyb@ duq.edu Manager, Secure

Data Loss Prevention @ Duquesne University Brad Maloney | maloneyb@ duq.edu Manager, Secure

Data Loss Prevention @ Duquesne University Brad Maloney | maloneyb@ duq.edu Manager, Secure Integrated Infrastructure Michael Muto | mutom@ duq.edu Sr. Information Security Engineer Reasons for DLP Assessing where your organizations

329 views • 20 slides
Shredding Your Garbage: Reducing Data Lifetime Through Secure Deallocation Jim Chow, Ben Pfaff,

Shredding Your Garbage: Reducing Data Lifetime Through Secure Deallocation Jim Chow, Ben Pfaff,

377 views • 10 slides
COVID 19 UPDATE 5-18-2020 Todays Agenda Welcome Cathy Franklin Opening remarks

COVID 19 UPDATE 5-18-2020 Todays Agenda Welcome Cathy Franklin Opening remarks

COVID 19 UPDATE 5-18-2020 Todays Agenda Welcome Cathy Franklin Opening remarks Paul Throne Announcements State staff/Carolyn Conner Fact Finders update Margaret Dosland FMNP Overview Steve Strong

736 views • 25 slides
SUSTAINABILITY at the University of Miami In the Offices LIGHT-WEIGHT NO STYROFOAM NO USED

SUSTAINABILITY at the University of Miami In the Offices LIGHT-WEIGHT NO STYROFOAM NO USED

SUSTAINABILITY at the University of Miami In the Offices LIGHT-WEIGHT NO STYROFOAM NO USED TOWELS Apply now Empty your recycling desk bin into miami.edu/greenu the tall blue containers Waste that goes into Red Bags? In the Use RED

551 views • 3 slides
Unit 19 Physical Design Constraints &amp; Issues 19.2 Signal Types Recall even digital

Unit 19 Physical Design Constraints &amp; Issues 19.2 Signal Types Recall even digital

19.1 Unit 19 Physical Design Constraints &amp; Issues 19.2 Signal Types Recall even digital signals are just voltages Analog signal Continuous time signal where each voltage level has a unique meaning Digital signal

513 views • 18 slides
Unit 14 Noise Margins, Interfacing, and Tri-States 14.2 Signal Types Recall even digital

Unit 14 Noise Margins, Interfacing, and Tri-States 14.2 Signal Types Recall even digital

14.1 Unit 14 Noise Margins, Interfacing, and Tri-States 14.2 Signal Types Recall even digital signals are just voltages Analog signal Continuous time signal where each voltage level has a unique meaning Digital signal

830 views • 29 slides
Data Privacy and Cybersecurity for Tax Professionals (advanced session) Agenda 1. Introduction

Data Privacy and Cybersecurity for Tax Professionals (advanced session) Agenda 1. Introduction

Data Privacy and Cybersecurity for Tax Professionals (advanced session) Agenda 1. Introduction 2. Security Challenges Related to COVID-19 Pandemic 3. Tips for Remote Working during COVID-19 Pandemic 4. Customer Data Makes You a Prime Cyber

835 views • 45 slides
DistributedAlgorithms Setofsharedobjects(variables)

DistributedAlgorithms Setofsharedobjects(variables)

2/23/09 Distributed Sharedmemory Bertinoro, March 2009 Algorithms Part III 2 Sharedmemorydistributedsystem Setofprocesses DistributedAlgorithms Setofsharedobjects(variables)

356 views • 14 slides
Boston University Security Awareness What you need to know to keep information safe and secure

Boston University Security Awareness What you need to know to keep information safe and secure

Boston University Security Awareness What you need to know to keep information safe and secure Boston University Security Awareness 5/19/2010 Introduction Boston University Slideshow Title Goes Here Welcome to Boston Universitys

460 views • 25 slides
THE MEANING OF MARRIAGE Loving the Stranger (Part 2) THE MEANING OF MARRIAGE The Currencies

THE MEANING OF MARRIAGE Loving the Stranger (Part 2) THE MEANING OF MARRIAGE The Currencies

Meaning of Marriage 4/9/2017 5b. Loving the Stranger THE MEANING OF MARRIAGE Loving the Stranger (Part 2) THE MEANING OF MARRIAGE The Currencies of Love All forms of love are necessary, and none are to be ignored, but all of us find

908 views • 11 slides
Dependency Parsing II CMSC 470 Marine Carpuat Arc Standard Transition System defines 3

Dependency Parsing II CMSC 470 Marine Carpuat Arc Standard Transition System defines 3

Dependency Parsing II CMSC 470 Marine Carpuat Arc Standard Transition System defines 3 transition operators [Covington, 2001; Nivre 2003] SHIFT Remove word at head of input buffer Push it on the stack LEFT-ARC create head-dependent

605 views • 36 slides
Backups Por$ons courtesy Ellen Liu CSE/ISE 311: Systems

Backups Por$ons courtesy Ellen Liu CSE/ISE 311: Systems

CSE/ISE 311: Systems Administra5on Backups Por$ons courtesy Ellen Liu CSE/ISE 311: Systems Administra5on Quick Digression: Scripts You probably need to

514 views • 28 slides
1 Should debug code be left in shipped version Step through your code Pro: Maguire

1 Should debug code be left in shipped version Step through your code Pro: Maguire

Summer reading Robust Coding and Debugging CSE 403 Lecture 26 Dont do this Assertions # include &lt; stdio.h&gt; Dont use assertions to check unusual char * T= &quot;IeJKLMaYQCE]jbZRskc[SldU^ V\\X\\|/_&lt; [&lt;

369 views • 4 slides
Data storage, collaboration, backup, transfer and encryption Scott Summers UK Data Archive

Data storage, collaboration, backup, transfer and encryption Scott Summers UK Data Archive

Data storage, collaboration, backup, transfer and encryption Scott Summers UK Data Archive Practical research data management 19 April 2016 Overview Looking after research data for the longer-term and protecting them from unwanted loss

865 views • 23 slides
A haiku. Todays 1. Who is a Records Custodian? Topics 2. Why is Records Management

A haiku. Todays 1. Who is a Records Custodian? Topics 2. Why is Records Management

RM1001 Records Custodian Training May 6, 2019 A haiku. Todays 1. Who is a Records Custodian? Topics 2. Why is Records Management important? 3. What is a Public Record? 4. What is Records Management? 5. Resources 2 1. Who is a

796 views • 33 slides
Multi-platform Automatic Parallelization and Power Reduction by OSCAR Compiler Hironori Kasahara

Multi-platform Automatic Parallelization and Power Reduction by OSCAR Compiler Hironori Kasahara

Multi-platform Automatic Parallelization and Power Reduction by OSCAR Compiler Hironori Kasahara Professor, Dept. of Computer Science &amp; Engineering Director, Advanced Multicore Processor Research Institute Waseda University, Tokyo, Japan

519 views • 29 slides
THE FUZZING PROJECT Can we run C with fewer bugs? Hanno Bck https://hboeck.de/ 1 WHO AM I?

THE FUZZING PROJECT Can we run C with fewer bugs? Hanno Bck https://hboeck.de/ 1 WHO AM I?

THE FUZZING PROJECT Can we run C with fewer bugs? Hanno Bck https://hboeck.de/ 1 WHO AM I? Hanno Bck Freelance journalist (Golem.de, Zeit Online, taz, LWN) Started Fuzzing Project November 2015 Since May 2015: Supported by Linux

552 views • 31 slides
Indexing XML Data Stored in a Relational Database Shankar Pal, Istvan Cseri, Oliver Seeliger,

Indexing XML Data Stored in a Relational Database Shankar Pal, Istvan Cseri, Oliver Seeliger,

Indexing XML Data Stored in a Relational Database Shankar Pal, Istvan Cseri, Oliver Seeliger, Gideon Schaller, Leo Giakoumakis, Vasili Zolotov VLDB 2004 Presentation: Alex Bradley Discussion: Cody Brown CPSC 504 / November 2, 2009 Slides

473 views • 25 slides
Population Viability Analysis: Loggerhead Turtles Brook Milligan Department of Biology New

Population Viability Analysis: Loggerhead Turtles Brook Milligan Department of Biology New

References Population Viability Analysis: Loggerhead Turtles Brook Milligan Department of Biology New Mexico State University Las Cruces, New Mexico 88003 brook@nmsu.edu Fall 2009 Brook Milligan Population Viability Analysis: Loggerhead

288 views • 18 slides
U.S. Coast Guard District 8 FY18 LMR Performance 10/11/2018 1 Tab R, No. 4 USCG D8 Boardings

U.S. Coast Guard District 8 FY18 LMR Performance 10/11/2018 1 Tab R, No. 4 USCG D8 Boardings

U.S. Coast Guard District 8 FY18 LMR Performance 10/11/2018 1 Tab R, No. 4 USCG D8 Boardings by Fishery FY14FY18 1200 1014 1000 CMP, 16 HMS, 55 930 800 730 738 Reef Fish, 444 600 499 400 Shrimp, 499 200 0 FY14 FY15 FY16

368 views • 6 slides
S-Plus workshop 7-9 and 14-16 January students.washington.edu/arnima/s Syllabus Tue 7

S-Plus workshop 7-9 and 14-16 January students.washington.edu/arnima/s Syllabus Tue 7

S-Plus workshop 7-9 and 14-16 January students.washington.edu/arnima/s Syllabus Tue 7 Introduction Import data, summarize, regression, plots, export graphs Wed 8 Basic statistics Descriptive statistics, significance tests, linear models

557 views • 26 slides
Mangrove forests line the southern coastal region of El Salvador. Gracefully rooting themselves

Mangrove forests line the southern coastal region of El Salvador. Gracefully rooting themselves

Mangrove forests line the southern coastal region of El Salvador. Gracefully rooting themselves into the wet landscape, they provide to local communities a form of ongoing protection, from both the devastating effects of tropical storms and the

275 views • 10 slides
T eam-Based Interaction C.W. Johnson, Univ ersit y of Glasgo w, Glasgo w, G12 8QQ.

T eam-Based Interaction C.W. Johnson, Univ ersit y of Glasgo w, Glasgo w, G12 8QQ.

T eam-Based Interaction C.W. Johnson, Univ ersit y of Glasgo w, Glasgo w, G12 8QQ. Scotland. johnson@dcs.gla.ac.uk, h ttp://www.dcs.gla .a c.uk/ johnso n Octob er 2001 c CS-1Q: HCI (Lecture 6) C.W. Johnson,

636 views • 15 slides
with A Bayesian Probability Analysis Khuong Tran K (tranhoangkhuongbk@gmail.com) CAPITAL

with A Bayesian Probability Analysis Khuong Tran K (tranhoangkhuongbk@gmail.com) CAPITAL

Global Flood Partnership Conference 2019 June 11 th , 2019 Guangzhou, China Flood Mapping Using Time Series Sentinel-1 Data with A Bayesian Probability Analysis Khuong Tran K (tranhoangkhuongbk@gmail.com) CAPITAL NORMAL UNIVERSITY (CNU)

822 views • 13 slides

More recommend