https://elated-raman-42e0c2.netlify.app/tags/security/Recent content in Security on Sawyer Zheng's BlogHugozh-cnTue, 16 Jul 2024 00:00:00 +0000https://elated-raman-42e0c2.netlify.app/post/notes/security/dongle_%E5%8A%A0%E5%AF%86%E7%8B%97/Tue, 16 Jul 2024 00:00:00 +0000https://elated-raman-42e0c2.netlify.app/post/notes/security/dongle_%E5%8A%A0%E5%AF%86%E7%8B%97/<div id="outline-container-headline-1" class="outline-2"> <h2 id="headline-1"> 加密狗厂家品牌 </h2> <div id="outline-text-headline-1" class="outline-text-2"> <ul> <li> <p>sentinel</p> <ul> <li><a href="https://cpl.thalesgroup.com/software-monetization/all-products/sentinel-hl-pro">https://cpl.thalesgroup.com/software-monetization/all-products/sentinel-hl-pro</a></li> <li><a href="https://www.thalesgroup.cn/sentinel/">https://www.thalesgroup.cn/sentinel/</a> 国内网址</li> <li><a href="https://www.sentinel.net.cn/sentinel/%E5%9C%A3%E5%A4%A9%E8%AF%BA%E5%8F%8A%E8%B6%85%E7%BA%A7%E7%8B%97%E6%96%87%E6%A1%A3%E4%B8%8B%E8%BD%BD.html">圣天诺文档下载，超级狗superdog文档下载，圣天诺LDK文档下载</a></li> </ul> </li> </ul> </div> </div> <div id="outline-container-headline-2" class="outline-2"> <h2 id="headline-2"> 资源 </h2> <div id="outline-text-headline-2" class="outline-text-2"> <div id="outline-container-headline-3" class="outline-3"> <h3 id="headline-3"> sentinel 加密狗 </h3> <div id="outline-text-headline-3" class="outline-text-3"> <ul> <li> <p>软件下载：</p> <ul> <li><a href="https://supportportal.thalesgroup.com/csm?id=kb_article_view&amp;sys_kb_id=c2241c1d1bb41890f12064606e4bcb3e&amp;sysparm_article=KB0021845">https://supportportal.thalesgroup.com/csm?id=kb_article_view&amp;sys_kb_id=c2241c1d1bb41890f12064606e4bcb3e&amp;sysparm_article=KB0021845</a></li> </ul> </li> </ul> </div> </div> </div> </div>https://elated-raman-42e0c2.netlify.app/post/notes/network/security/Wed, 03 Jan 2024 00:00:00 +0000https://elated-raman-42e0c2.netlify.app/post/notes/network/security/<div id="outline-container-headline-1" class="outline-2"> <h2 id="headline-1"> 工具列表 </h2> <div id="outline-text-headline-1" class="outline-text-2"> <ul> <li> <p>漏洞利用工具 metasploit</p> <ul> <li><a href="https://zhuanlan.zhihu.com/p/617231448">Metasploit 入门到高级【第一章】 - 知乎</a></li> </ul> </li> </ul> </div> </div>https://elated-raman-42e0c2.netlify.app/post/notes/linux/password-store/Wed, 07 Dec 2022 00:00:00 +0000https://elated-raman-42e0c2.netlify.app/post/notes/linux/password-store/<div id="outline-container-headline-1" class="outline-2"> <h2 id="headline-1"> 参考 </h2> <div id="outline-text-headline-1" class="outline-text-2"> <ul> <li> <p>官方</p> <ul> <li><a href="https://www.passwordstore.org/">Pass: The Standard Unix Password Manager</a></li> </ul> </li> <li> <p>windows 支持</p> <ul> <li> <p>QtPass</p> <ul> <li>GUI 工具</li> <li><code>choco install qtpass</code></li> </ul> </li> <li> <p>pass-winmenu</p> <ul> <li>GUI 工具</li> </ul> </li> <li> <p>pass4win</p> <ul> <li><code>choco install pass4win</code></li> <li>已经停止开发</li> <li>GUI 工具</li> </ul> </li> </ul> </li> <li> <p>emacs</p> <ul> <li> <p>password-store.el</p> <ul> <li>需要 <code class="verbatim">pass</code> 命令存在</li> </ul> </li> </ul> </li> </ul> </div> </div> <div id="outline-container-headline-2" class="outline-2"> <h2 id="headline-2"> QtPass </h2> <div id="outline-text-headline-2" class="outline-text-2"> <p>教程：</p> <ul> <li><a href="https://carson.fenimorefamily.com/?p=369">Setting up GPG/qtpass/pwgen for windows | Carson Fenimore&#39;s Blog</a></li> </ul> <div id="outline-container-headline-3" class="outline-3"> <h3 id="headline-3"> 安装 </h3> <div id="outline-text-headline-3" class="outline-text-3"> <div class="src src-bat"> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bat" data-lang="bat"><span class="line"><span class="cl">winget install gpg </span></span><span class="line"><span class="cl">winget install qtpass</span></span></code></pre></td></tr></table> </div> </div> </div> </div> </div> <div id="outline-container-headline-4" class="outline-3"> <h3 id="headline-4"> 注意 </h3> <div id="outline-text-headline-4" class="outline-text-3"> <ol> <li>gpg 导入的 secret-key 需要先 trust, 才能使用</li> <li> <p><code>gpg --edit-key [fingerprint]</code> 命令 trust 给定 key</p>https://elated-raman-42e0c2.netlify.app/post/notes/emacs/auth-and-password/Sun, 04 Dec 2022 00:00:00 +0000https://elated-raman-42e0c2.netlify.app/post/notes/emacs/auth-and-password/<div id="outline-container-headline-1" class="outline-2"> <h2 id="headline-1"> 工具 </h2> <div id="outline-text-headline-1" class="outline-text-2"> <ul> <li> <p>auth-source 库</p> <ul> <li>emacs 管理 auth 的工具库</li> <li><a href="info:auth#Top">auth#Top</a></li> </ul> </li> <li> <p>password-store</p> <ul> <li> <p>官方：</p> <ul> <li><a href="https://www.passwordstore.org/">Pass: The Standard Unix Password Manager</a></li> </ul> </li> <li> <p>使用 linux pass 密码管理工具</p> <ul> <li>使用路径名＋文件存储密码</li> <li>使用 gpg 加密</li> </ul> </li> <li> <p>相关库</p> <ul> <li>pass major mode: <a href="https://github.com/NicolasPetton/pass">GitHub - NicolasPetton/pass: A major mode for password-store</a></li> <li>pass-store.el: <a href="https://git.zx2c4.com/password-store/tree/contrib/emacs/password-store.el">password-store.el « emacs « contrib - password-store - Simple password manage…</a></li> <li>ivy-pass: <a href="https://github.com/ecraven/ivy-pass">GitHub - ecraven/ivy-pass: ivy interface for pass</a></li> </ul> </li> </ul> </li> </ul> </div> </div> <div id="outline-container-headline-2" class="outline-2"> <h2 id="headline-2"> auth-source </h2> <div id="outline-text-headline-2" class="outline-text-2"> <div id="outline-container-headline-3" class="outline-3"> <h3 id="headline-3"> .netrc 格式 </h3> </div> </div> </div> <div id="outline-container-headline-4" class="outline-2"> <h2 id="headline-4"> password-store </h2> <div id="outline-text-headline-4" class="outline-text-2"> <p>特点：</p>https://elated-raman-42e0c2.netlify.app/post/notes/security/security/Wed, 12 Oct 2022 00:00:00 +0000https://elated-raman-42e0c2.netlify.app/post/notes/security/security/<div id="outline-container-headline-1" class="outline-2"> <h2 id="headline-1"> 相关技术 </h2> <div id="outline-text-headline-1" class="outline-text-2"> <ul> <li> <p>JWT: Json web token</p> <ul> <li><a href="https://baobao555.tech/archives/40">JWT详解</a></li> </ul> </li> <li>OAuth</li> </ul> </div> </div> <div id="outline-container-headline-2" class="outline-2"> <h2 id="headline-2"> 术语 </h2> <div id="outline-text-headline-2" class="outline-text-2"> <ul> <li>认证 authentication</li> <li>授权 authorization</li> <li> <p>令牌 token</p> <ul> <li>参考：<a href="https://blog.csdn.net/xat2099/article/details/120805102">什么是Token(令牌）_一只技术瞄的博客-CSDN博客_token</a></li> </ul> </li> </ul> <div id="outline-container-headline-3" class="outline-3"> <h3 id="headline-3"> 认证 Vs 授权 </h3> <div id="outline-text-headline-3" class="outline-text-3"> <p>参考：</p> <ul> <li><a href="https://blog.csdn.net/u011537073/article/details/72876139">认证 (authentication) 和授权 (authorization) 的区别_LarryHai6 的博客-CSDN博客_authenticatio…</a></li> <li><a href="https://www.jianshu.com/p/b9d502660fb4">https://www.jianshu.com/p/b9d502660fb4</a></li> </ul> <ol> <li> <p>认证：身份的证明</p>https://elated-raman-42e0c2.netlify.app/post/notes/encryption/encryption/Sun, 16 May 2021 00:00:00 +0000https://elated-raman-42e0c2.netlify.app/post/notes/encryption/encryption/<div id="outline-container-headline-1" class="outline-2"> <h2 id="headline-1"> 教程 </h2> <div id="outline-text-headline-1" class="outline-text-2"> <ul> <li><a href="https://blog.csdn.net/chenleiking/article/details/78448784">加密概念</a></li> <li><a href="https://www.zhihu.com/question/25912483/answer/2287241608">RSA的公钥和私钥数学机理</a></li> </ul> </div> </div> <div id="outline-container-headline-2" class="outline-2"> <h2 id="headline-2"> 工具 </h2> <div id="outline-text-headline-2" class="outline-text-2"> <ul> <li>openssh</li> <li>tls/ssl</li> <li>GnuPG</li> <li> <p>seahorse</p> <ul> <li>密钥管理 GUI</li> </ul> </li> </ul> </div> </div> <div id="outline-container-headline-3" class="outline-2"> <h2 id="headline-3"> TLS 和 CA </h2> <div id="outline-text-headline-3" class="outline-text-2"> <ul> <li> <p>教程</p> <ul> <li><a href="http://www.ruanyifeng.com/blog/2011/08/what_is_a_digital_signature.html">简单易懂</a></li> <li><a href="https://blog.csdn.net/chenleiking/article/details/78448784">TLS 协议握手流程</a></li> </ul> </li> </ul> <div id="outline-container-headline-4" class="outline-3"> <h3 id="headline-4"> 概念 </h3> <div id="outline-text-headline-4" class="outline-text-3"> <dl> <dt> CA </dt> <dd>Certificate Authority 证书办法机构</dd> <dt> CA 证书 </dt> <dd> <p><code class="verbatim">公钥</code> 和 <code class="verbatim">被颁发者信息</code> 被 CA 机构的 <code class="verbatim">私钥</code> 加密后生成</p> <dl> <dt> 用途 </dt> <dd> <ol> <li>验证被颁发者 2) 获取公钥</li> </ol> </dd> <dt> 解密方法 </dt> <dd>使用 CA 机构的 <code class="verbatim">公钥</code> 解密</dd> </dl> </dd> <dt> CA 公钥 </dt> <dd> <p>CA 机构公钥</p>