We present a Java library that simplifies adopting the Open Policy Agent server to manage user authorization for a Spring Boot microservice, while also managing API Token (JWT) authentication. Motivation Spring Security assumes a fairly simplistic Role-Based access control (RBAC) where the service authenticates the user (via some credentials, typically username/password) and returns a UserDetails … More Integrating Open Policy Agent with Spring Security Reactive and JSON Web Tokens
With the 0.5.0 version just released, crytto now allows file sharing (e.g., via email) by sharing public keys: encrypt_send -o /tmp/my-secret.enc \ -p /home/marco/.ssh/my-key.pub \ ./my-secret.doc This generates an encrypted file (in the location specified with the -o option) and an equally encrypted “passphrase” which can then be sent (ideally via a separate sharing mechanism; although, as … More File Encryption Utility now offers file sharing
A new release of the Crytto library (0.4.0) has just been published, which greatly simplifies encrypting (and decrypting) files The new release adds the decrypt script which, when combined with the existing automatic retrieval of the encryption key from the keystore, makes it a breeze to decrypt files. For example, if you had encrypted your … More File Encryption (and Decryption) Made Easy
If you have recently upgraded your MacOS laptop/desktop to 10.12.14, you will have noticed that now the System Preferences icon in the doc shows a mysterious “notification badge”: Just opening System Preferences shows absolutely no clue as to where the notification is coming from, nor what to do about it. It turns out that Apple … More What does the Notification “badge” on MacOS System Preferences icon really mean?
overview Uses OpenSSL library to encrypt a file using a private/public key pair and a one-time secret. A full description of the process can be found here. configuration This uses a YAML file to describe the configuration; by default it assumes it is in /etc/filecrypt/conf.yml but its location can be specified using the -f flag. … More filecrypt – OpenSSL file encryption
Private/Public keypair Create the private key (one-off): openssl genrsa -out ~/.ssh/key.pem 2048 chmod 400 ~/.ssh/key.pem then extract the public key from it: openssl rsa -in ~/.ssh/key.pem -out ~/.ssh/key.pub -outform PEM -pubout NOTE The whole mechanism revolves around keeping the secret key key.pem, well, secret. This is the only critical part of the scheme. Everything else, … More HOW-TO Encrypt an archive file