Secure Sockets Layer (SSL) is an application-level protocol which was developed by the Netscape Corporation for the purpose of transmitting sensitive information, such as credit card details, via the Internet. SSL works by using a private key to encrypt data transferred over the SSL-enabled connection, thus thwarting eavesdropping of the information. The most popular use of SSL is in conjunction with web browsing (using the HTTP protocol), but many network applications can benefit from using SSL. By convention, URLs that require an SSL connection start with https: instead of http:.
ENCRYPTION OF A TEXT FILE
Install on Debian:
# apt-get install apache2 openssl ssl-cert
Options used:
-in: the input filename, standard input by default.
-out: the output filename, standard output by default.
-A: if the -a option is set then base64 process the data on one line.
-iv: the actual IV to use: this must be represented as a string comprised only of hex digits. When only the key is specified using the -K option, the IV must explicitly be defined. When a password is being specified using one of the other options, the IV is generated from this password.
-nosalt: don’t use a salt in the key derivation routines. This option SHOULD NOT be used except for test purposes or compatibility with ancient versions of OpenSSL and SSLeay.
for more here
Input: plaintext.txt, Output: ciphertext.txt
For a 64-bit key in hexadecimal, take the first 4 groups of hex digits from the output of the command:
$ xxd randombytes.bin | head -1
encryption of plaintext.txt:
$ openssl enc -des-cbc -in plaintext.txt -out ciphertext.enc -nosalt -iv 0000000000000000 -K a21b5c57db687bba -a
In case you want to look at ciphertext.enc (in binary):
$ xxd -b ciphertext.enc
decrypt ciphertext.enc
$ openssl enc -des-cbc -d -in ciphertext.enc -out received.txt -nosalt -iv 0000000000000000 -K a21b5c57db687bba -a
example of ciphertext.txt:
Making encryption routine a command line …
Using the following aliases (taken from here), we have:
$ alias sslenc='openssl aes-256-cbc -salt -a'
$ alias ssldec='openssl aes-256-cbc -d -a'
$ sslenc -in plaintext.txt -out ciphertext.enc && rm -f plaintext.txt
$ ssldec -in ciphertext.enc -out received.txt
rm: removes the input file.
aes-256-cbc: a command to encrypt using the Advanced Encryption Standard cipher with a key size of 256 bits, in Cipher-Block Chaining mode. Currently aes-256-cbc is the standard cipher choice of the US government. You may replace this command (i.e., “aes-256-cbc”) with “enc -aes-256-cbc”, which means the same thing in longhand: encrypt (enc) using the cipher aes-256-cbc.
-salt: adds strength to the encryption and should always be used (see the Wikipedia page for salt).
-a: indicates that the encrypted output will be base64 encoded; this allows you to view it in a text editor or paste it in an email (optional).
-d: for file decryption.
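What -salt and -nosalt change in practice, as an added example that is not part of the original post: the same password and plaintext are encrypted twice in each mode with the aes-256-cbc cipher from the aliases above. The password, the message and the function names are constructed for this demo, and the password is passed with -pass only so the script runs unattended (the aliases prompt for it instead).

```shell
#!/bin/sh
# Added example: effect of -salt vs -nosalt on password-based openssl enc.
# PASS, MSG and the function names are constructed for this demo.
PASS='correct horse battery'
MSG='attack at dawn'

# 2>/dev/null hides the "deprecated key derivation" warning that newer
# OpenSSL releases print when -pbkdf2 is not given.

# enc_pw -salt|-nosalt : encrypt $MSG with $PASS, print base64 ciphertext
enc_pw() {
    printf '%s' "$MSG" |
        openssl enc -aes-256-cbc "$1" -a -pass "pass:$PASS" 2>/dev/null
}

# dec_pw -salt|-nosalt : decrypt base64 ciphertext read from stdin
dec_pw() {
    openssl enc -aes-256-cbc -d "$1" -a -pass "pass:$PASS" 2>/dev/null
}

# is_salted TEXT : true if the base64 text starts with the "Salted__" magic
is_salted() {
    case "$1" in U2FsdGVkX1*) return 0 ;; *) return 1 ;; esac
}

n1=$(enc_pw -nosalt); n2=$(enc_pw -nosalt)
s1=$(enc_pw -salt);   s2=$(enc_pw -salt)

echo "nosalt run 1: $n1"
echo "nosalt run 2: $n2   (identical: key and IV depend only on the password)"
echo "salt   run 1: $s1"
echo "salt   run 2: $s2   (differ: a fresh random salt per run)"
is_salted "$s1" && echo "salted output carries the Salted__ header plus the salt"
printf 'round trip: %s\n' "$(printf '%s\n' "$s1" | dec_pw -salt)"
```

Identical -nosalt output means anyone comparing two ciphertexts can tell that the same password and plaintext were used, which is why the option is reserved for testing.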
For more about the crypto operations the OpenSSL libraries can perform, look here.