httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From SAQIB <sa...@seagate.com>
Subject [users@httpd] OT: scheme for encrypting Private Keys
Date Sun, 24 Aug 2003 14:33:10 GMT
Warning: This may be offtopic. I just want to know wat other admins do in
similar situations. Thanks.

Hello All,

I am the process of setting up a few a SSL enabled Web Servers, that will
be  administered by various admins. I m planning to encrypt all the
private keys.

I do not want to use the same pass phrase for all the keys, since I do
not want any one admin to know the passphrase for all the servers.

But at the same time I need to come with a easy scheme to generate
passwords, so that I don't have write them down, or remember
them all.

So here is what I am thinking of doing:

The Scheme to create password would to be concat the:
servername+installation_date+serveradmin+other_fields.....

and then generate a one-way hash of this phrase using MD5, and then use
the one-way hash as the passphrase.

one-way MD5 hash will prevent any of the admin to figure out the
password generation scheme. But I on the other hand, will be to figure out
a password for any particular private key whenever I need. Offcourse I
will not share the scheme with anyone.

What are the pros and cons of doing something like this.

Thanks

Saqib Ali
---------
http://www.xml-dev.com

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message