NOTE: At the bottom of the page are directions for copying files back and forth from your host student host to ns1, www and wksta.

AES Encryption

The AES encryption tool we used in class is available on host ns1, and on the student hosts. Giving the shell command aes will show information on how to use it.

You also used the utility program md5 in the password lab. The command md5 'passphrase' gives you an md5 hash. The single quotes are needed if you have spaces in the passphrase.

We used a combination of md5 hashing and aes encryption to get passphrase protected encryption. In this lab it's a bit easier to do it the following way:

NOTE: The way these work is that, after giving the command, you enter your passphrase (you will not be prompted for it!), you then hit enter, and you then press ctrl-d once. to encrypt:
aes -e $(head | md5sum | cut -d' ' -f1) -i foo.plain -o foo.cipher

to decrypt:
aes -d $(head | md5sum | cut -d' ' -f1) -i foo.cipher -o foo.plain

Public-key RSA Encryption

You have the SI110 RSA Resources Page to use for RSA key-generation, encryption and decryption. What you need to think about is how to manage your public and private keys. One usually stores the public and private keys in separate files in your home directory, but you use symmetric (secret key) encryption to passphrase-encrypt the private key. Here's an example:

file pkikey.pubfile pkikey.pri (aes encrypted with md5 hash of flagwrap47)
(58d4a633,98f4c3ca42f00f6cbd2bf92677c97af3) e79b142734b29c9ecfa0cc9e132ca965a34cffa19f8be994d0f2e204f6adfda94e502a6c27c5f7d20b5ad5eb02a72d15

And then to recover the private key I'd give the commands:
$ md5 flagwrap47
75bfa96f1bd104477324b6f64ce8a39d 
$ aes -d 75bfa96f1bd104477324b6f64ce8a39d -i pkikey.pri
(58d4a633,98f4c3ca42f00f6cbd2bf92677c97af3)
  

Steganography with bmpsteg


The tool bmpsteg that we used to steganographically hide messages/files in bmp images is available on your student hosts. So, for example, if you had a message file msg.txt and an image file nothinspecial.bmp, you could hide the message in the image with
bmpsteg -h -i nothinspecial.bmp -o nothinspecial2.bmp -f msg.txt
... which creates the new file nothinspecial2.bmp. The message could be revealed with:
bmpsteg -r -i nothinspecial2.bmp

Copying files back and forth from student host to www, wksta and ns1

www wksta ns1

If you find yourself wanting to copy files in between your student host and www , you can use the Ubuntu file browser to make it happen. Here's how. From the top of the Desktop, click on the Places menu and choose Connect to Server.... Choose Service type "Windows share", and set the Server to whichever server you want to connect to, e.g. www.blue.net. Click the Connect button. You'll be asked for a username and password. Since this is your own network and you know all the passwords, you can use the Administrator account and do whatever you want. With the correct username/password, a GUI file browser will pop up. Double-click on the C$ icon to browse the C: drive on that host. You can drag and drop files between that host and, for example, your host's Desktop.

If you find yourself wanting to copy files in between your student host and wksta , you can use the Ubuntu file browser to make it happen. Here's how. From the top of the Desktop, click on the Places menu and choose Connect to Server.... Choose Service type "Windows share", and set the Server to whichever server you want to connect to, e.g. wksta.blue.net. Click the Connect button. Double-click on the SharedDocs icon. You can drag and drop files between that host and the Shared folder on wksta which is inside "Documents and Settings\All Users\Documents"

If you find yourself wanting to copy files in between your student host and ns1 , you can use the Ubuntu file browser to make it happen. Here's how. From the top of the Desktop, click on the Places menu and choose Connect to Server.... Choose Service type "SSH", and set the Server to whichever server you want to connect to, e.g. ns1.blue.net. Click the Connect button. You'll need to provide a username and password, like sysadmin and whatever password you have for that account.