Based on http://stackoverflow.com/questions/13127352/checking-alternative-names-for-a-san-ssl-cert Replace "facebook.com" with the desired hostname. Show Sample Output

This will extract the public key that is stored in the private key using openssl. Show Sample Output

Downloads a CRL file, determines the expiration time, and checks when it will expire Show Sample Output

A bitcoin "brainwallet" is a secret passphrase you carry in the "wallet" of your brain. The Bitcoin Brainwallet Private Key Calculator calculates the standard base58 encoded bitcoin private key from your "brainwallet" passphrase. The private key is the most important bitcoin number. All other numbers can be derived from it. This command uses 3 other functions - all 3 are defined on my user page: 1) brainwallet_exponent() - search for Bitcoin Brainwallet Exponent Calculator 2) brainwallet_checksum() - search for Bitcoin Brainwallet Exponent Calculator 3) b58encode() - search for Bitcoin Brainwallet Base58 Encoder Do make sure you use really strong, unpredictable passphrases (30+ characters)! http:brainwallet.org can be used to check the accuracy of this calculator. Show Sample Output

A bitcoin "brainwallet" is a secret passphrase you carry in your brain. The Bitcoin Brainwallet Exponent Calculator is the second of three functions needed to calculate a bitcoin PRIVATE key. Roughly, checksum is the first 8 hex digits of sha256(sha256(0x80+sha256(passphrase))) Note that this is a bash function, which means you have to type its name to invoke it Show Sample Output

A bitcoin "brainwallet" is a secret passphrase you carry in your brain. The Bitcoin Brainwallet Exponent Calculator is one of three functions needed to calculate the bitcoin PRIVATE key. Roughly, the formula is exponent = sha256 (passphrase) Note that this is a bash function, which means you have to type its name to invoke it. You can check the accuracy of the results here http://brainwallet.org Show Sample Output

client$ while true; do read -n30 ui; echo $ui |openssl enc -aes-256-ctr -a -k PaSSw ; done | nc localhost 8877 | while read so; do decoded_so=`echo "$so"| openssl enc -d -a -aes-256-ctr -k PaSSw`; echo -e "Incoming: $decoded_so"; done This will establish a simple encrypted chat with AES-256-CTR using netcat and openssl only. More info here https://nixaid.com/encrypted-chat-with-netcat/

Create compressed, encrypted backup from $source to $targetfile with password $key and exclude-file $excludefile

This command is used to verify a sha256sum-formatted file hash list on IBM AIX or any other UNIX-like OS that has openssl but doesn't have sha256sum by default. Steps: 1: Save to the filesystem a script that: A: Receives as arguments the two parts of one line of a sha256sum listing B: Feeds a file into openssl on SHA256 standard input hash calculation mode, and saves the result C: Compares the calculated hash against the one received as argument D: Outputs the result in a sha256sum-like format 2: Make the script runnable 3: Feed the sha256sum listing to xargs, running the aforementioned script and passing 2 arguments at a time Show Sample Output

To decrypt: openssl aes-256-cbc -d -in secrets.txt.enc -out secrets.txt.new Reference: http://tombuntu.com/index.php/2007/12/12/simple-file-encryption-with-openssl Optional parameter -a makes output base64 encoded, can be viewed in text editor or pasted in email

Create an AES256 encrypted and compressed tar archive. User is prompted to enter the password. Decrypt with: openssl enc -d -aes256 -in <file> | tar --extract --file - --gzip

At times you will need to safeguard your files. Use OpenSSL's native rc4 encryption to do so. 'nopad' removes padding and 'nosalt' removes random salt being added to the file.

Strip a password from a openssl key to use with apache httpd server

regenerateCSR original.crt new.key new.csr Show Sample Output

This will create, in the current directory, a file called 'pk.pem' containing an unencrypted 2048-bit RSA private key and a file called 'cert.pem' containing a certificate signed by 'pk.pem'. The private key file will have mode 600. !!ATTENTION!! ==> this command will overwrite both files if present.

Another option is openssl.

No need to install yet another program when openssl is already installed. :-)

macchanger will allow you to change either 1) mfg code, 2) host id, or 3) all of the above. Use this at wifi hotspots to help reduce profiling. Show Sample Output

Use the following variation for FreeBSD: openssl rand 6 | xxd -p | sed 's/\(..\)/\1:/g; s/:$//'

Finds all cert files on a server and lists them, finding out, which one is a symbolic link and which is true. You want to do this when a certificate expires and you want to know which files to substitute with the new cert. Show Sample Output