EnglishFrenchSpanish

OnWorks favicon

openvpn-vulnkey - Online in the Cloud

Run openvpn-vulnkey in OnWorks free hosting provider over Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator

This is the command openvpn-vulnkey that can be run in the OnWorks free hosting provider using one of our multiple free online workstations such as Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator

PROGRAM:

NAME


openvpn-vulnkey — check blacklist of compromised keys

SYNOPSIS


openvpn-vulnkey [-q] file ...

DESCRIPTION


openvpn-vulnkey checks a key against a blacklist of compromised keys.

A substantial number of keys are known to have been generated using a broken version of
OpenSSL distributed by Debian which failed to seed its random number generator correctly.
Keys generated using these OpenSSL versions should be assumed to be compromised. This tool
may be useful in checking for such OpenVPN shared static keys. See openssl-vulnkey(1) for
details on checking SSL/TLS certificates.

Keys that are compromised cannot be repaired; replacements must be generated using
openvpn(8). Shared keys can be regenerated with:

$ openvpn --genkey --secret file

The options are as follows:

-q Quiet mode. openvpn-vulnkey(1). Normally, openvpn-vulnkey outputs the fingerprint
of each key scanned, with a description of its status. This option suppresses that
output.

BLACKLIST MD5SUM FORMAT


The blacklist file may start with comments, on lines starting with “#”. After these initial
comments, it must follow a strict format:

· Each line must consist of the lower-case hexadecimal MD5 key fingerprint, and with
the first 12 characters removed (that is, the least significant 80 bits of the
fingerprint).

The key fingerprint may be generated using

$ cat file.pem | sed '/^[^0-9a-f]/d' | md5sum | cut -d ' ' -f 1

This strict format is necessary to allow the blacklist file to be checked quickly.

Use openvpn-vulnkey online using onworks.net services


Free Servers & Workstations

Download Windows & Linux apps

  • 1
    PostInstallerF
    PostInstallerF
    PostInstallerF will install all the
    software that Fedora Linux and others
    doesn't include by default, after
    running Fedora for the first time. Its
    easy for...
    Download PostInstallerF
  • 2
    strace
    strace
    The strace project has been moved to
    https://strace.io. strace is a
    diagnostic, debugging and instructional
    userspace tracer for Linux. It is used
    to monitor a...
    Download strace
  • 3
    gMKVExtractGUI
    gMKVExtractGUI
    A GUI for mkvextract utility (part of
    MKVToolNix) which incorporates most (if
    not all) functionality of mkvextract and
    mkvinfo utilities. Written in C#NET 4.0,...
    Download gMKVExtractGUI
  • 4
    JasperReports Library
    JasperReports Library
    JasperReports Library is the
    world's most popular open source
    business intelligence and reporting
    engine. It is entirely written in Java
    and it is able to ...
    Download JasperReports Library
  • 5
    Frappe Books
    Frappe Books
    Frappe Books is a free and open source
    desktop book-keeping software that's
    simple and well-designed to be used by
    small businesses and freelancers. It'...
    Download Frappe Books
  • 6
    Numerical Python
    Numerical Python
    NEWS: NumPy 1.11.2 is the last release
    that will be made on sourceforge. Wheels
    for Windows, Mac, and Linux as well as
    archived source distributions can be fou...
    Download Numerical Python
  • More »

Linux commands

Ad