Main

February 21, 2009

GnuPG and PGP

Ever want to email userids and passwords to colleagues and friends but are afraid of
sending it using standard email?
How about encrypting the message?
I currently use Pgp or GnuPG for encrypting text messages,
and as youll see below is a very simple way of keeping encrypted
files on your desktop.

First youll need to download the latest PGP / GnuPG version for your platform.
http://www.pgpi.org/products/pgp/versions/freeware/

The latest PGP versions are 30 day demos, GnuPG is freeware.
We will start with Gnupg . Gnupg is pretty much standard on any
linux distro, so youll have no problem installing it.
For Windows users , download the latest from:
http://www.pgpi.org/cgi/download.cgi?filename=gnupg-w32cli-1.2.2.zip

Unzip the archive and copy gpg.exe,gpgkeys_ldap.exe and gpgv.exe to
your %WINDOWS\system32 directory
This way you can open a DOS window and type "gpg"

Now for a quickie run down on how to use gpg.
First on how to SETUP and generate a key.
1) gpg --gen-key ** Generate a KEY **
simple to use, will give you a few options but works great - I normally choose RSA/ 2048 Bit
keysize.

2) gpg --output revoke.asc --gen-revoke user@email.com ** Revoke a KEY **
Revoke your ex buddies key

Publishing your KEY - this way folks can find you.

1) gpg --keyserver pgp.mit.edu --send-key youruserid@yourdomain.com
2) gpg --keyserver pgp.mit.edu --recv-keys 3634EDF8A
lookup ID's at Keyserver.net , find your friends key and upload to your keyring.


Administrivia
LISTING KEYS ----------------------
1) gpg --list-keys
** listing the public keys in your keychain

EXPORTING KEYS --------------------
2) gpg --output carlos.gpg --export userid@yourbuddieskey.com
carlos.gpg : CREATE binary mode key

3) gpg --output friend.gpg --export friend@hotmail.com
friend.gpg : CREATE binary mode key

4) gpg --armor --export userid@key.com
is ascii mode to Standard output : pipe to file.asc
This key can be emailed to colleagues

IMPORTING KEYS ------------------
5) gpg --import friendblake.gpg ** import your friends key **

**** after looking up recipient****
eg:
6) gpg --keyserver pgp.mit.edu --recv-keys 0x5F70881D


7) gpg --edit-key blake@cyb.org ** validate your friends key
Commandfpr
Commandsign ** if ok and validated

Encrypting /Decrypting Documents
ENCRYPTING
1) gpg --output doc.gpg --encrypt --recipient blake@cyb.org doc.txt
will encrypt doc.txt and product a binary file doc.gpg
2) gpg --armor --output doc.txt.asc --encrypt --recipient blake@cyb.org doc.txt
will encrypt doc.txt and product an ASCII file doc.txt.asc
DECRYPTING
3) gpg --output doc.txt --decrypt doc.gpg
will decrypt doc.gpg

Posted by Carlos Martinez at 8:46 PM | | Comments (0)

February 17, 2009

From Sparc to Intel

As a preliminary cost saving measure , our "IT" group decided to move from costly Sun Sparc platform to Intel hardware, our many Oracle instances . This move , beside being a technical challenge on the Oracle side provided us with a new method to quickly test VMware performance instances.
It appears that this exact move has been performed numerous times utilizing imp/exp and creating transportable tablespaces.


For a tablespace to be transportable it must be totally self contained.
This can be checked using the DBMS_TTS.TRANSPORT_SET_CHECK procedure.
The TS_LIST parameter accepts a comma separated list of tablespace names:

sys@ORACLE>EXEC DBMS_TTS.TRANSPORT_SET_CHECK(ts_list => 'MYTABLESPACE', incl_constraints
PL/SQL procedure successfully completed.
sys@ORACLE>

Now check for violations

sys@ORACLE> select * from transport_set_violations;
no rows selected
sys@ORACLE>

Switch the table space to READ ONLY!

sys@ORACLE> alter tablespace MYTABLESPACE READ ONLY;
tablespace altered.
sys@ORACLE>

Finally we can export
bash% exp USERID='system/password@ORACLE as sysdba' TRANSPORT_TABLESPACE=y
TABLESPACES=MYTABLESPACE
FILE=MYTABLESPACE.dmp

Dont forget to reset your tablespace back to read write
sys@ORACLE>ALTER TABLESPACE MYTABLESPACE READ WRITE;
Tablespace altered.
sys@ORACLE>

Now create users who owned tablespace in MYTABLESPACE
sys@ORACLE> create user marti149 identified by guesswho
User created.
sys@ORACLE>

Now for the cool part!
bash% imp USERID='system/password@ORACLE2 as SYSDBA'
TRANSPORT_TABLESPACE=y
DATAFILES='/path/oradata/ORACLE2/MYTABLESPACE.DBF'
FILE=/tmp/MYTABLESPACE.dmp

Now to read and test
sys@ORACLE> ALTER TABLESPACE MYTABLESPACE READ WRITE;
Tablespace altered.
sys@ORACLE>select tablespace_name,plugged_in,status from dba_tablespaces
where tablespace_name = 'MYTABLESPACE';

Viola!
TABLESPACE_NAME PLU STATUS
------------------------------------------ ----- ---------
MYTABLESPACE YES ONLINE


Posted by Carlos Martinez at 8:20 PM |