Anthony Martin on 15 Jan 2016 10:51:01 -0800


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Topic Suggestion: Let's Encrypt

but but.. 98% of my servers are RHEL not debian :'( lol

Anthony Martin

Linux System Administrator

anthony.j.martin142@gmail.com


On Fri, Jan 15, 2016 at 1:47 PM, Keith C. Perry <kperry@daotechnologies.com> wrote:
Thanks for that.  Yet I'm not sure what the full presentation on digital fingerprinting and authenticity would be.  Aside from the programming aspect, I almost see more of a high level lighting talk.

~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
Keith C. Perry, MS E.E.
Owner, DAO Technologies LLC
(O) +1.215.525.4165 x2033
(M) +1.215.432.5167
www.daotechnologies.com

----- Original Message -----
From: "JP Vossen" <jp@jpsdomain.org>
To: plug@lists.phillylinux.org
Sent: Friday, January 15, 2016 1:36:40 PM
Subject: Re: [PLUG] Topic Suggestion: Let's Encrypt

+1 for Let's Encrypt
        +1 Apache (Debian)
        +1 Postfix/SASL (Debian)
        +1 courier-imap-ssl (Debian)
+1 encrypted storage / containers
+0.5 digital fingerprinting and authenticity with SHA2 hashes (*I* think
it's neat, but I'm not clear on broad audience :)

On 01/15/2016 12:20 PM, Keith C. Perry wrote:
> I was thinking about developing more encryption and security stuff for this year but this seems to be an interesting talk.  The one that came to mind for me (that goes beyond the OpenVPN talk I did) was encrypted storage / containers just using native Linux tools.
>
> I also have an idea for a talk on doing a digital fingerprinting and authenticity with SHA2 hashes.  This one could be a two parter.  The second part goes into writing software for this.
>
> ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
> Keith C. Perry, MS E.E.
> Owner, DAO Technologies LLC
> (O) +1.215.525.4165 x2033
> (M) +1.215.432.5167
> www.daotechnologies.com
>
> ----- Original Message -----
> From: "Rich Freeman" <r-plug@thefreemanclan.net>
> To: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>
> Sent: Friday, January 15, 2016 8:58:39 AM
> Subject: Re: [PLUG] Topic Suggestion: Let's Encrypt
>
> On Fri, Jan 15, 2016 at 8:24 AM, Anthony Martin
> <anthony.j.martin142@gmail.com> wrote:
>>
>> 3: I think we should have a talk that starts at the basics and works its way
>> up from there for
>> a full 1 hour talk as this is something I personally have wanted to look
>> into for awhile but
>> have not had the time for side projects recently.
>>
>
> Certainly if you added a general overview of how SSL works (the
> basics) that would expand the talk to about an hour.
>
> One issue if you want to target this at people who've never set up SSL
> is that some of the details tend to be distro-specific, and certainly
> software-specific.  Even if you just focused on Apache you'd struggle
> to give people a recipe that works for everybody, though if distros
> set up letsencrypt fully then it is supposed to be idiot-proof.
>
> However, there are lots of software packages that use certificates
> besides apache.  I'm using Letsencrypt certificates now for my domain
> and it maintains the certificates/keys/etc in a directory in /etc with
> a symlink for the most current version.  The auto-configure stuff will
> patch your config files to point to it, but you can also point your
> config files there manually.  Once you do that then all you should
> need to do to maintain it is renew your certs and then reload/restart
> your services.  The main exception I've found is courier-imap which
> uses a funky approach storing both the private key and the certificate
> in the same file - so I just cat those two files together into a file
> just for that service.
>
> In any case, I'll let somebody else offer to take this one first if interested.
> ___________________________________________________________________________
> Philadelphia Linux Users Group         --        http://www.phillylinux.org
> Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
> General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
> ___________________________________________________________________________
> Philadelphia Linux Users Group         --        http://www.phillylinux.org
> Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
> General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
>



Later,
JP
--  -------------------------------------------------------------------
JP Vossen, CISSP | http://www.jpsdomain.org/ | http://bashcookbook.com/
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug