Squoggle
Mac's tech blog
Category Archives: Sys Admin
Citrix Client on Linux Mint
Posted by on November 19, 2019
This is my document for attempting to install the Citrix Workspace App on Linux Mint.
Version of Mint is 18.3 Cinnamon 64-bit
Go to Citrix download site:
https://www.citrix.com/downloads/workspace-app/linux/workspace-app-for-linux-latest.html
Near the bottom of the page you will be presented with 3 versions:
- Full Packages (Self-Service Report)
- Web Packages (Web Workspace App Only)
- USB Support Packages
For this I’m going to get the Full Packages. I found the package for my version of Linux. (amd64.deb)
Download that to a directory on your PC then right click on the package and open with the GDebi Package Installer.
Install the package.
Open the URL of your Citrix Implementation and put in your credentials
Firefox DNS over HTTPS
Posted by on November 12, 2019
You can have all of your DNS queries that originate from Firefox go over HTTPS instead of a plain text query as would happen in a normal DNS query.
This only applies to Firefox. This is typically called DoH which stands for DNS over HTTPS.
Enable DoH:
Click the Menu button and then click Preferences
Click General on the left side of the screen then scroll down to the bottom of the screen and find Network Settings and click the Settings button.
Check the Enable DNS over HTTPS checkbox
Use the default provider Cloudflare. Then click OK
Your DNS queries that Firefox does will now be redirected to Cloudflare DNS servers and not your local or ISP DNS servers.
Exceptions:
There are certain web applications that don’t seem to work using DoH. They are somehow smart enough to know you are using DoH and don’t want you to. You can add exceptions to the rules to get around this. Make sure that the exceptions to the rules do not negate your reasons to do DoH in the first place.
To add exceptions:
Type about:config into the address bar of Firefox.
In the search bar type network.trr.excluded-domains to find the setting where you can add exclusions.
Double click the setting. You can now add comma separated domains to this list that will be excluded from doing DoH.
Make sure you remember that you have exceptions or you could get in some trouble.
Linux Mint 19.x
Posted by on November 1, 2019
Linux Mint 19.x
These are my notes on Linux Mint 19.x. If you find this and think it is useful, leave a comment and say what you like or don’t like. Keep in mind these are my own notes and are not intended to be a HowTo for the general public.
Install the OS from the USB Flash Drive. I chose to simply overwrite the existing version of Mint (19.1) that had already been installed on my laptop. I also chose to encrypt my home directory.
My first order of business is to make the native monitor and external monitor both set to the same resolution of 1920×1080 (16:9). The native laptop monitor supports a higher resolution of 2560×1440 but the screen is so small that it is very hard to see at that resolution so I’m standardizing both monitors at 1920×1080.
Get up and Running:
Here’s what I did to get up and running and customized the way I like it:
Update Everything:
-
- The first thing to do is open the Update Manager and update everything. The Update Manager is the little shield icon in the task bar down in the right hand corner. Open that up and click OK to dismiss the initial startup screen.
- You will be presented with a prompt to take a System Snapshot. I’m going to put this off until I have updated everything.
- You will see a message that a new version of Update Manager is available. Click the ‘Apply the Update’ button to install it.
- Once that is installed you will be presented with a list of updates that can be applied.
- Apply all the updates. It is a good idea to reboot after all the updates.
Video Drivers:
After I rebooted I got a pop up box that said to “Check your video drivers”. I launched the Driver Manager and entered my password. My software cache was updated. Then an NVIDIA Driver Manager opened up. It showed that the nouveau driver was installed, but the recommended driver was nvidia-driver-435 which I checked then “Apply Changes”. You will need to reboot after this.
System Reports:
Down in the bottom right corner of the desktop you may see a little triangular warning icon. This is the ‘System Reports’ application. Go ahead an open this up. You should see a list of detected problems that need to be addressed. Go ahead and resolve the issues. The last item in ‘System Reports’ is to configure the System Snapshot tool Timeshift. See the next section for this.
System Snapshot:
You will be asked to choose between RSYNC and BTRFS. Typically this is going to be RSYNC.
A blurb about BTRFS.
- First you have to have had installed the base OS with BTRFS file system for this to even be an option. In my case I did not want to use the BTRFS file system.
- Second the snapshot can only be installed on the same disk from which they are created. If your drive goes bad you’re screwed. Choose RSYNC.
A blurb about RSYNC:
- RSYNC snapshots are created by creating copies of system files using rsync and hard-linking unchanged files from previous versions.
- All files are copied when the first snapshot is created. Subsequent snapshots are incremental.
- Snapshots can be saved to any disk formatted with a Linux File system which means the snapshot can be external. In my case an attached USB memory stick.
I’m using a USB 3.0 Flash Stick.
When you run the setup wizard you will be asked to select your snapshot levels. I checked off Monthly, Weekly, Daily, Hourly & Boot and kept the default keep levels on each one.
I also included root and my user’s home directories and selected “Include All”.
Sudoers:
Edit the /etc/sudoers file so you don’t have to put your password in each time:
$ sudo visudo
There’s a line that looks like this:
%sudo ALL=(ALL:ALL) ALL
Comment out that line and replace it with a line that looks like this:
%sudo ALL=(ALL) NOPASSWD: ALL
Install openssh server:
Install SSH Server so you can ssh to the host:
$ sudo apt install openssh-server -y
Test ssh to the new host. You may during this process encounter an error regarding an “Offending ECDSA key in ~/.ssh/known_hosts”. This is easily resolved by deleting the referenced line in ~/.ssh/known_hosts.
SSH Keys:
Now that you can ssh to your new host you will want to be able to ssh using your ssh key instead of password. From the remote host do this:
$ ssh-copy-id -i ~/.ssh/id_rsa.pub [newhostname]
The above assumes the user name on the new host is the same as the user on the remote host. If not you can do the command like this:
$ ssh-copy-id -i ~/.ssh/id_rsa.pub [user]@[newhostname]
You will be prompted to enter the password for the New Host. It will copy over your public ssh key from ~/.ssh/id_rsa.pub. This assumes your public ssh key is indeed ~/.ssh/id_rsa.pub.
You should be able to ssh to the new host now without entering your password.
(Optional) Now copy all the ~/.ssh directory contents from your remote host into this host so you have the keys, the known hosts and authorized keys files from your user on the old remote host and now have them on your new host.
From the remote host:
$ cd ~/.ssh
$ scp -r * [new-host-name]:~/.ssh
Copy /etc/hosts to new host:
Now copy the /etc/hosts file from old host to new host. From the old host:
$ sudo scp /etc/hosts [new-host-name]:~
On the new host edit the file and change the local host name on line 2 to the name of your new host.
Now copy the file into place:
$ sudo mv hosts /etc/hosts
Check it like this:
$ cat /etc/hosts
Install Dropbox:
Install Dropbox:
sudo apt install dropbox
Then go to start menu and find Dropbox and run it.
You will get a message that says in order to use Dropbox you must download the proprietary daemon. Click OK
A Web Page will pop up where you enter your credentials. Do so.
Install Insync:
Don’t use this. It does not work and sync of files does not happen. Tired of using it.
I want to sync my Google Drive locally. To do that I’m using Insync.
First, add Insync’s public GPG key to allow apt to authenticate the Insync repository:
$ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys ACCAF35C
You should see something like this that shows that it was successful:
gpg: key A684470CACCAF35C: public key "Insynchq Inc <[email protected]>" imported
gpg: Total number processed: 1
gpg: imported: 1
If the previous command did not work, use this instead:
$ sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys ACCAF35C
Now create a file /etc/apt/sources.list.d/insync.list with the following content:
deb http://apt.insync.io/mint [CODENAME] non-free contrib
Replace [CODENAME] with the Linux Mint distro codename.
To get the codename of your distro you can find it in the /etc/apt/sources.list.d/official-package-repositories.list file. You can view it like this:
$ grep mint /etc/apt/sources.list.d/official-package-repositories.list | awk '{print $3}'
This is what I see when I run the above command:
tricia
So ‘tricia’ is the codename of this version of Linux Mint. That means the line I need to insert into /etc/apt/sources.list.d/insync.list would be:
deb http://apt.insync.io/mint tricia non-free contrib
Update the apt repository:
$ sudo apt-get update
Install Insync:
$ sudo apt-get install insync
You should see a pop up that says Insync installation has finished and if you want to start it. Go ahead and start it. A wizard will pop up to walk you through setting up Insync to sync your Google Drive to a directory on your host.
Install KeePassXC:
Install KeePassXC:
$ sudo apt install keepassxc -y
Install Chrome:
You’ll need Chrome for certain things.
Go to https://www.google.com/chrome/
Click the Download Chrome button. Mine automatically downloaded into ~/Downloads. The 64 bit version was automatically selected.
Install it like this:
$ cd ~/Downloads
$ sudo gdebi google-chrome-stable_current_amd64.deb
This will automatically install a repository as well for future updates.
Install Brave
Brave is a browser that automatically blocks trackers and Spam Ads. It is very buggy. I’d probably pass on this but if you insist…
$ sudo apt install apt-transport-https curl $ curl -s https://brave-browser-apt-release.s3.brave.com/brave-core.asc | sudo apt-key --keyring /etc/apt/trusted.gpg.d/brave-browser-release.gpg add - $ echo "deb [arch=amd64] https://brave-browser-apt-release.s3.brave.com/ stable main" | sudo tee /etc/apt/sources.list.d/brave-browser-release.list $ sudo apt update $ sudo apt install brave-browser
Install Signal:
Go to https://signal.org/en/download/
Click on Download for Linux and follow the instructions that pop up.
Additional Software:
There are other software packages I need. I’ll do them one at a time because I don’t want to confuse error message between one package or another:
$ sudo apt install kwrite -y
$ sudo apt install kate -y
$ sudo apt install terminator -y
$ sudo apt install sshuttle -y
$ sudo apt install vim -y
$ sudo apt install sshpass -y
$ sudo apt install whatsapp-desktop -y
$ sudo apt install nfs-common -y
$ sudo apt install rofi -y
$ sudo apt install gparted -y
$ sudo apt install imagemagick -y
$ sudo apt install whois -y
For Mint 20:
$ sudo apt install warpinator -y
Spoof Mac Address:
Mac Address:
Set your custom mac address to get the IP address you want.
Go to start, search for ‘Network Connections’
Click on Wired connection 1
Click Edit
Put your custom mac address in the ‘Cloned MAC address’ box.
##:##:##:FF:FF:FE
Click Save. You should now get the IP address you are expecting.
You may need to reboot. You should get your IP address.
Mount NFS share:
Create a mount point:
$ cd ~
$ mkdir -p mnt/[nfs-server-host-name]
Edit /etc/fstab and add these lines:
# External Mounts
[nfs-server-host-name]:[path-to-nfs-export] /home/[your-user]/mnt/[nfs-server-host-name] nfs rw,soft,noauto 0 0
Edit /etc/hosts and add the IP address of Serenity
Then mount the NFS share:
$ sudo mount [nfs-server-host-name]:[path-to-nfs-export]
You will need to modify the firewall rule on the NFS server to allow connections from your new host before this will work.
https://squoggle.wordpress.com/2020/05/04/iptables/
Install Slack:
Go to https://slack.com/downloads/linux
Download the .deb 64 bit package into your ~/Downloads directory.
Then install it:
$ cd ~/Downloads
$ sudo gdebi slack-desktop*.deb
I found a packagecloud.io repo but I have no way of knowing if it is secure. I’ll try to figure out how to create my own local repo for this.
Install Synergy:
Linux Mint 19.2 is based off of Ubuntu 18.04 LTS.
Go to https://symless.com/account and sign in. Go to the download page and get the package for Synergy 2 Beta for Ubuntu 16.04 LTS and save in ~/Downloads
Install it:
$ cd ~/Downloads
$ sudo gdebi synergy_2.*.deb
This is literally the best software in the world.
There’s a gotcha if you’re trying to install this on Mint 20. Mint 20 is based on Ubuntu 20.04. Ubuntu 20.04 has updated libssl from version 1.0.0 to version 1.1.
If you attempt to install with the above instructions you will get an error regarding a failed dependency. I was able fix the dependency issue by editing the deb package using these instructions:
cd ~/tmp
cp ~/Downloads/synergy_2.0.12.beta_b1705+e5daaeda_amd64.deb .
ar x synergy_2.0.12.beta_b1705+e5daaeda_amd64.deb
tar xzf control.tar.gz
Edit the control file and replace libssl1.0.0 with libssl1.1 and save the file.
Now repackage the tar file and the deb package:
tar --ignore-failed-read -cvzf control.tar.gz postinst postrm prerm md5sums control
ar rcs synergy_2.0.12.beta_b1705+patched_amd64.deb debian-binary control.tar.gz data.tar.xz
You should now have a “patched” version of synergy 2.0.12.beta. Save that in your software store so you don’t have to do this part again.
Now you can install it with the gdebi command listed above.
The package installed fine it just does not work. I get a “There was a problem connecting to the background service.” Error.
Look at this page:
https://members.symless.com/forums/topic/6465-ubuntu-2004-support/
Near the end of the post. There might be some stuff there that helps
Fix your Profile:
Edit ~/.bashrc and change
alias ll='ls -alF'
to
alias ll='ls -lF'
Directories:
Delete extra directories you don’t like
$ cd ~
$ rm -rf Videos Templates Public
Create a symlink for mount
$ ln -s /home/mac/mnt/Serenity/ mac
Fix up your bin dir:
Set up your ~/bin directory:
$ cd ~
$ mkdir bin
Copy your scripts over from your other system.
Set your $PATH to include ~/bin
Edit ~/.bashrc and change. Add this to the bottom of the file:
# Set your path to inclue $HOME/bin
PATH="$HOME/bin:$PATH"
Date & Time:
Click on the Date in the bottom right corner.
Turn off 24 hour clock
Turn on the date
Hot Keys:
Go to System Settings > Keyboard > Shortcuts
Set up your custom hot keys:
Launchers:
Launch Terminal = Super+T
Launch Nemo = Super+E
Close Window = Super+Shift+C
Log out = Super+Shift+Q
rofi -show run = Super+R
rofi -show window = Super+Tab
Other resources:
Sed
Posted by on October 29, 2019
Down & Dirty Notes on SED
Replace a word with another word:
To replace all instances of a certain word in a file with another word:
$ sed 's/[oldword]/[newword]/' file
This will not modify the original file but output to the screen
Strip the last letter of a list of words:
If you have a file with a bunch of words that all end in the same letter, something like this:
austin1a denver1a dallas1a phoenix1a
and you want to strip the last letter off of each word you can do it with something like this:
$ sed 's/\(.*\)./\1/' file
Output is to screen.
Add a letter to the end of a list of words:
Lets say you want to add a letter to that list of words. You can do that like this:
$ sed 's/$/b/'file
This will add a letter b to the end of each word in the list.
Replace the last letter of word:
You can combine the above two commands and if you want to change all the of the a to letter b then you can do that like this:
$ sed 's/\(.*\)./\1/' file | sed 's/$/b/'
The first part of this command strips the last letter of each word. Then the second part of the command adds the letter b to the end of each word.
Add a trailing \
Many times you want to run a script against a list of servers or something. You can create a list with a space slash \ after each word in the file:
$ sed 's/$/ \\/' file
The results will look something like this:
austin1a \ denver1a \ dallas1a \ phoenix1a \
Insert text at the beginning of a word:
If you want to insert the word router at the beginning of each word you could do something like this:
$ sed 's/^/router/' file
Insert text at the end of a word:
Same as above but at the end of the word:
$ sed 's/$/router/' file
Convert commas to newline:
Lets say you have CSV list in a file that looks something like this:
austin1a,denver1a,dallas1a,phoenix1a
and you want to convert those commas into newline. You can do something like this:
$ sed -e $'s/,/\\\n/g' file
Sometimes that list will have a space after the comma like this:
austin1a, denver1a, dallas1a, phoenix1a
You can modify the command slightly like this:
$ sed -e $'s/, /\\\n/g' file
Convert TABs (White space) to Commas:
Lets say you have a TAB separated file and you want to convert it to a CSV file. An example would be something like this:
austin1a.example.com. 300 IN A 10.10.20.10 denver1a.example.com. 300 IN A 10.10.30.10 dallas1a.example.com. 300 IN A 10.10.40.10 phoenix1a.example.com. 300 IN A 10.10.50.10
This command will convert any white space to a comma:
$ sed 's/[[:space:]]\+/,/g' file
Convert multiple spaces to single space:
Or if you simply want to convert multiple spaces to a single space you can do like this:
$ sed 's/[[:space:]]\+/ /g' file
More to come…
Verifying Certs, Keys & CSRs – MD5 Sum
Posted by on September 14, 2019
Sometimes you will need to verify that a Cert or a CSR belong to a Key. You can do that by checking the MD5 sum of each file.
Get the MD5 sum from the Key:
$ openssl rsa -noout -modulus -in [key-file.key] | openssl md5
Get the MD5 sum from a CSR:
$ openssl req -noout -modulus -in [CSR-file.csr] | openssl md5
Get the MD5 sum from a Cert:
openssl x509 -noout -modulus -in [certificate-file.crt] | openssl md5
Compare the resulting numbers. If they match then your files belong to each other. If they don’t match then there has been a mixup in the files somehow.
OpenSSL Keys & CSRs
Posted by on September 14, 2019
An in depth read on OpenSSL for perusal.
https://wiki.nikhef.nl/grid/How_to_handle_OpenSSL_and_not_get_hurt_using_the_CLI
Create an Encrypted Key:
For Linux:
$ openssl genrsa -aes256 -out [encrypted.key] 2048 Generating RSA private key, 2048 bit long modulus ......+++ .......................+++ e is 65537 (0x10001) Enter pass phrase for [encrypted.key]: Verifying - Enter pass phrase for [encrypted.key]:
Enter the passphrase and verify.
You should end up with the key file in the format of [encrypted.key]
The above encrypts the key with aes256 cipher.
Create an un-encrypted key:
Optionally you can create an un-encrypted or insecure key:
$ openssl genrsa -out [un-encrypted.key] 2048
You should end up with the key file in the format of [un-encrypted.key] but the key is not encrypted.
Decrypt an encrypted key:
If you have an encrypted key and need to decrypt it:
$ openssl rsa -in [encrypted.key] -out [un-encrypted.key] Enter pass phrase for [encrypted.key]: writing RSA key
Enter the passphrase.
You should end up with a new file in the format of [un-encrypted.key]. This new file will contain the un-encrypted key.
Encrypt an un-encrypted key:
If you have an un-encrypted key and you want to encrypt it:
$ openssl rsa -aes256 -in [un-encrypted.key] -out [encrypted.key]
Enter the passphrase and verify.
You should end up with the key file in the format of [encrypted.key]
The above encrypts the key with aes256 cipher.
Check a key to see if it is encrypted:
If you’re not sure if the key is encrypted you can simply assume it is encrypted and attempt to decrypt it with no out file:
$ openssl rsa -text -noout -in [encrypted.key]
If it is encrypted it will ask for the password.
Or simply look at the first few lines of the key file to see if it is encrypted:
$ head www.jimmysbarandgrill.com.key -----BEGIN RSA PRIVATE KEY----- Proc-Type: 4,ENCRYPTED DEK-Info: AES-256-CBC,08C9A49D5267E47563D31DCE27429389 yJj1gFqTrRuc8VBX9Rx7LZYlmLV0+WutvYhrMBjTU+8ZDBIsmeEDxW44durw/BjS i07biVOwAIMwW7hE9oAYOiJy5JqgYuMtVT/hMwEvP9t/8ME4FUCZ1MUxGR25hg5H
Create a CSR (Certificate Signing Request) from a Key:
The key can be an encrypted key or an un-encrypted key. If it is encrypted you will be asked for the key password.
Example:
$ openssl req -new -key www.jimmysbarandgrill.com.key -out www.jimmysbarandgrill.com.csr Enter pass phrase for www.jimmysbarandgrill.com.key: You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]:US State or Province Name (full name) [Some-State]:Idaho Locality Name (eg, city) []:Pocatello Organization Name (eg, company) [Internet Widgits Pty Ltd]:Jimmy's Bar and Grill Organizational Unit Name (eg, section) []:Dishwashing Common Name (e.g. server FQDN or YOUR name) []:www.jimmysbarandgrill.com Email Address []:[email protected] Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []:
Keep in mind that the State must not be abbreviated. You should not use a challenge password. You should not use an optional company name.
Create a CSR from a Key with one liner command:
You can create the CSR from an existing Key with a one liner command or non-interactively with something like this:
openssl req -new -key www.jimmysbarandgrill.com.key -out www.jimmysbarandgrill.com.csr -subj "/C=US/ST=Idaho/L=Pocatello/O=Jimmy's Bar and Grill/OU=Dishwashing/CN=www.jimmysbarandgrill.com"
The above command assumes you already have a key created with the key name listed in the command.
Create an Un-encrypted Key & CSR with one liner command:
You can create the Un-encrypted Key and CSR with one command like this:
Example:
$ openssl req -new -newkey rsa:2048 -nodes -sha256 -out www.jimmysbarandgrill.com.csr -keyout www.jimmysbarandgrill.com.key -subj "/C=US/ST=Idaho/L=Pocatello/O=Jimmy's Bar & Grill/OU=Dishwashing/CN=www.jimmysbarandgrill.com"
The above command uses the -nodes flag to turn off encryption of the key.
Create an Encrypted Key & CSR with one liner command:
You can create an Encrypted Key with accompanying CSR with one command like this:
Example:
$ openssl req -new -newkey rsa:2048 -sha256 -out www.jimmysbarandgrill.com.csr -keyout www.jimmysbarandgrill.com.key -subj "/C=US/ST=Idaho/L=Pocatello/O=Jimmy's Bar & Grill/OU=Dishwashing/CN=www.jimmysbarandgrill.com"
Essentially you just remove the -nodes flag. This does not seem to give the opportunity of specifying the cipher to use on encrypting the key. This may or may not matter depending on the security posture. If it is important I’ve come up with a workaround hack one liner that seems to work:
$ openssl req -new -newkey rsa:2048 -nodes -sha256 -out www.jimmysbarandgrill.com.csr -keyout www.jimmysbarandgrill.com.key -subj "/C=US/ST=Idaho/L=Pocatello/O=Jimmy's Bar & Grill/OU=Dishwashing/CN=www.jimmysbarandgrill.com" && openssl rsa -aes256 -in www.jimmysbarandgrill.com.key -out www.jimmysbarandgrill.com.key
The above example creates an un-encrypted key, creates the CSR from it, then encrypts the key. This command will result in an encrypted key file named www.jimmysbarandgrill.com.key and a CSR file named www.jimmysbarandgrill.com.csr.
Now all I need to do is figure out how to remove the automatic hyperlinks on these file names above.
Check a CSR:
Now that you have the CSR you should check it to ensure it is valid. Here’s a command to display the contents of the CSR:
$ openssl req -noout -text -in [CSR-File.csr]
Using the example of the CSR that was just created it would look something like this:
$ openssl req -noout -text -in www.jimyysbarandgrill.com.csr
Certificate Request:
Data:
Version: 0 (0x0)
Subject: C=US, ST=Idaho, L=Pocatello, O=Jimmy's Bar & Grill, OU=Dishwashing, CN=www.jimyysbarandgrill.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:bc:f0:e5:f5:c6:97:01:0b:ba:59:fd:2a:97:09:
4f:42:05:4c:53:bc:c3:8b:75:e6:e3:2b:e2:f7:1f:
8b:90:38:16:73:40:5e:f3:2a:ad:04:73:06:12:6e:
40:ff:4d:1a:b9:e4:41:07:d6:db:96:d4:fa:61:9a:
5f:03:fa:f9:92:d7:a0:19:56:1c:64:e7:4d:d6:cf:
ea:27:0e:b6:09:cd:22:e2:99:c3:66:8f:f2:ef:96:
aa:cc:6f:c7:a9:2c:79:28:20:91:6d:b8:2a:96:40:
bd:b2:60:b7:2f:59:1b:04:30:5d:1f:85:26:81:6b:
61:9e:8c:be:a5:bd:d3:3d:39:b7:86:d6:9a:30:74:
fe:59:a1:d6:39:7a:8b:f2:26:62:e2:3d:c6:a9:fe:
66:dd:9d:21:07:c4:c9:5b:12:93:21:22:7c:f2:d5:
21:0b:a8:89:bc:b3:b0:99:6d:d9:3c:d0:1d:6a:a7:
8c:90:64:e2:12:2a:ea:a7:49:e2:80:01:91:c9:da:
32:b5:41:6d:ae:ad:f2:77:a2:48:f4:66:6e:f1:35:
5f:47:f2:c9:4e:99:0b:9c:77:ff:71:19:43:b8:0b:
fe:74:0d:a4:bd:9c:e0:b0:ae:71:0b:4f:db:09:0d:
9b:91:46:e8:dc:db:ea:42:27:b8:ba:10:56:d0:6b:
0a:17
Exponent: 65537 (0x10001)
Attributes:
a0:00
Signature Algorithm: sha256WithRSAEncryption
5b:38:5f:10:f4:0a:73:05:b7:e3:21:f8:d2:3b:ee:e7:dd:4b:
65:d0:f8:bc:47:7d:0d:d4:fa:9b:28:6d:6c:52:be:74:de:62:
e1:ae:99:fc:85:e6:99:65:a2:c8:b7:56:5a:0f:aa:49:ff:f8:
68:ed:9d:6f:48:75:49:78:8e:67:95:39:ee:96:bc:f3:20:8f:
a3:31:7a:a8:49:30:80:7a:f4:27:41:ba:91:ba:ad:63:84:06:
95:70:86:2b:be:e2:0f:9a:26:d4:21:34:61:c2:21:d2:75:51:
3f:39:fa:ed:f1:92:d5:ff:12:03:cb:1a:56:f8:c9:e5:6d:00:
78:61:c3:12:90:69:80:a0:c9:71:7e:42:ff:ce:f1:35:a1:08:
9e:fd:62:d8:77:8d:5d:74:4b:6d:41:1f:a4:f8:d6:14:c6:ca:
1f:bd:9a:8a:43:ac:da:bb:d6:4d:f9:d2:15:a1:5f:59:b0:da:
82:78:64:67:39:d9:49:49:1a:e6:7d:9e:bf:5d:11:0b:fb:57:
3d:f0:c5:64:da:15:a7:d7:28:63:4e:5d:7f:0c:2e:e6:7d:2e:
f5:8c:43:36:1e:3b:15:52:cc:5a:cc:82:50:23:09:c8:fa:63:
ff:19:30:6a:1a:ed:63:b5:5d:c0:be:20:67:3d:01:8b:b0:4d:
0d:01:8e:af
Get Public Key from a Private Key
You can get the Public Key from a Private Key with something like this:
$ openssl pkey -in [private.key] -pubout -out [public.key]
Squoggle 
Recent Comments