Generating RSA Public Modulus, Public Exponent & Private Exponent As HexDecimals

I was messing around the other day with RSA encryption and came across the site http://nmichaels.org/rsa.py. It demonstrates how to use RSA encryption to encrypt/decrypt a text string. I was interested in the key generation for this, this page just has a generate button however, I wanted to understand how I could generate my own Public Modulus, Public Exponent & Private Exponent in the hexdecimal format. Continue reading

SCCM Client 32bit Client Stopping Registry Keys In SYSWOW64 Context Only Using SYSNATIVE

Background

I use SCCM, Operating System Deployment (OSD) and Microsoft Deployment Toolkit (MDT) 2010 update 1 to deploy Windows 7 SP1 (x64) and application installs during the build process.  The problem was a .vbs script which populates some auto-logon keys called via SCCM OSD during the application installation process was being hit with registry redirection, forcing any registry entries to go into
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\WinLogon
rather than HKLM\Software\Microsoft\Windows NT\CurrentVersion\WinLogon. Continue reading

Windows 7, Windows XP Enable A Domain Or Local Auto Log On Via Registry Keys

Within Windows it is sometimes necessary for a device to automatically log on, without prompting a user for a user id or password.  This could be for the purpose of running a device as a kiosk, where a the device starts auto logs on and then the kiosk application loads full screen without any user interaction.  There are obvious security issues with this, and to keep this article simple and concise lets ignore these for the time being. This article shows how it is possible with adding the appropriate registry keys. Continue reading

Configuring Domain & User Mailbox Quotas in Dovecot via PostfixAdmin on Ubuntu 12.04LTS

Background

This article attempts to document how to configure Dovecot and domain & users’ mailbox quota sizes using information contained within PostfixAdmin and its associated tables.

During PostfixAdmin install time, the database is requested where PostfixAdmin can store additional tables.  Selecting the same database as postfix itself neatly installs these additional tables, that can then be used by Dovecot to monitor mailbox quota sizes. Continue reading

Configure Postfix, PostfixAdmin, Dovecot & SMTP-Auth SASL Using MySQL on Ubuntu 12.04 LTS

Background

This article sets out the steps needed to support multiple domains and their users’ email accounts allowing them to recieve emails via secure IMAP and send emails via a secure SMTP server using their POP3/IMAP credentials.  This is particularly useful for mobile users (road warrior) who may not have a consistent ISP provided SMTP server.

  • Recieve emails, using IMAPS or POP3S via Dovecot
  • Configuring Postfix to receive and send emails for virtual domain, and emails accounts
  • Configure SASL to provide a method of authenticating users email users to allow them access to the Postfix SMTP in order to send emails securely.
  • Easy delegated management of virtual domain mailboxes using PostfixAdmin

This article has been put together from countless other articles so that it should provide an all inclusive set of instructions.

Continue reading

Windows XP (x64) & Lenovo S30 Workstation SATA & SAS Drivers Via RIS

I have the challenge of trying to get Windows XP (x64) work on some of the most recent hardware.  SATA and the newer SAS Drivers are quite a challenge on these devices, as was proving the case when I was trying to get them to work on the Lenovo S30.  During Remote Installation Services (RIS) kept reporting “corrupted driver messages” when trying to put the two sets of drivers Continue reading

SCCM OSD ‘No Boot Action for Device (x) found

I was receiving the above message ‘No Boot Action for Device(32123) found.’  on the PXE service point server, in smspxe.log.

The number (32123) is the resource ID of the computer object found at that SCCM site.  The device was in a collection which had an advertisement pointing to a OSD Task sequence with a valid boot image.  I realised that the message is a little misleading.  I deal with a number of boot images and this particular boot image specified in this advertised Operating System Task Sequence was not on the SMSPXE$ share (i.e. not on the distribution point). 

So things to look out for :

  • Make sure that the OSD task sequence boot images are on the distribution point
  • That the task sequence you are using have a valid boot image, easy to decommision a boot image without updating your OSD task sequence 

Installing an Solid State Hard Drive without re-installing on Windows 7 Using Image For Windows

I was very lucky to receive a Solid State Drive (SSD), a splendid present from a group of friends to mark a milestone Birthday.  It was an OCZ Agility III 240GB drive, which I wanted to install inside my main machine as the system drive, however I was not so keen at the prospect of having re-install my Windows 7 Operating System. Continue reading

OpenVPN server.key file not in RSA format for pfSense v1.2.3a

Quote

Recently I was trying to set up an OpenVPN server on pfSense using an Ubuntu 11.10.  Following the guides http://doc.pfsense.org/index.php/VPN_Capability_OpenVPN I found I ran into a problem when generating the “server.key” file using the easy-rsa toolset that comes with OpenVPN.  It was producing a server.key file with the following headers and footers :

-----BEGIN PRIVATE KEY-----
-----END PRIVATE KEY-----

pfSense v.1.2.3a OpenVPN server.key setup was expecting it to read as follows :

-----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY-----

This —-BEGIN PRIVATE KEY—- results in a error message in pfSense when it tries to use save the settings, and before you maybe tempted to try, you cannot simply rename the header and footer by adding “RSA” as this results in invalid key errors when the vpn is initiated, these are found in the pfSense error logs.

It seems it is something to do with the version of OpenSSL I was running on the rig.  On my older 10.04 Ubuntu installation I had OpenSSL 0.98a on my newer 11.10 rig I have OpenSSL 1.0.0e 6 Sep 2011.  Creating the server.key on 0.98a by default created the RSA PRIVATE KEY, creating the server.key on 1.0.0e did not create a RSA Private Key, but an encrypted PRIVATE KEY.

Running the following :

openssl rsa -in server.key -out decryptedserver.key

generated the RSA decrypted server.key file that can simply be cut and pasted into the pfSense v1.2.3a OpenVPN server configuration page.  Solved!