I've been looking at my personal site recently, and feel it's been neglected over the last few years. While I've mostly used the domain for email, I think it's time to start working on some basic content again. Hopefully in the upcoming weeks / months there should be a lot more useful content here for others.
Several friends of mine who enjoy running LAMP (Or WAMP) tend to ask for help installing PHPMyAdmin. It's a great administration and development tools that is incredibly easy to install.
There only major requirements for the latest PHPMyAdmin builds is PHP5.2+ and MySQL 5. To check compatability, upload a PHPINFO file. As long as your PHP version (Should be at the very TOP of the page) is 5.2 or higher, and your MySQL version (found under the MySQL tab as "Client API version" is 5 or higher, you should be ready to install it.
To Create a PHPINFO file, add the following to a file, and upload it to your server.
PhpMyAdmin is just a normal PHP script used to manipulate MySQL databases. To install it simply download the latest release with your preferred archive type here, and extract & upload to your server. If you wish to use only your MySQL database login, all you will need to edit is the config.sample.inc.php and enter a blowfish secret. This is used as a salt for cookie-based authentication. Once you're done entering some random text, save this file as config.inc.php and your PHPMyAdmin should now be functional!
One of the companies I own has a lot of clients who generally inquire if they need either 1024, or 2048 bit private keys when generating a keypair for SSL on their website. I've never recommended either, as 4096 private are far more secure with only a slight performance reduction.
The only downside is certain proprietary applications, and old browsers aren't setup to handle 4096 bit. I've rarely run into problems with compatability, but I believe it should be strongly deployed as to influence those developers to upgrade their cryptography backends.
Some How To's:
Generating a 4096 bit RSA key with OpenSSL.
Encrypted key file. (Make sure you note down your password as if you lose it, your key is USELESS!)
openssl genrsa -des3 -out my.key 4096
Non-encrypted key file.
openssl genrsa -out my.key 4096
Generating a CSR (Certificate Signing Request) for a CA (Certificate Authority).
If you wish to make a CSR to have your public key signed by a CA such as Verisign/Geotrust/Globalsign.
openssl req -new -key my.key -out my.csr
You should NEVER give out your private key to your CA or anyone! Store it in a safe place, with a backup. Some CA's will NOT reissue lost or compromised certificates.
Signing your own key.
openssl x509 -req -days 730 -in my.csr -signkey my.key -out my.crt
Signing your key will save you the few bucks a year a CA will charge you, but it will not be recognized by others unless they import your certificate. Self-signed SSL's are great for hobby-use, or running internal servers, but are useless for any real public use. There ARE free (albeit less trusted CA's) such as Startcom that will sign domain-based certificates for free.
This is my little plot on the internet. The purpose of my blog is to share knowledge, and hopefully help others with their quests.
A little about me:
My name is Kevin Bauer, I was born in Ottawa, ON (The capital of Canada). I started tinkering with PC's at a very young age, and have since been working with them on all sorts of tasks. My main interests are system administration, cyber security, network security (and penetration testing), cryptography, amateur radio and more! If you share my same interests, and want to share information be sure to drop me a line at [email protected]! (Don't forget to include your GPG key!)