🔑 SSH Part II: Adding Key Auth & Checking Fingerprints (Avoid MITM)

Learning to check SSH fingerprints is a staple for using remote ssh safely. Failure to match fingerprints opens us to potential MiTM.

[ Did you miss ssh writeup Part I? We discuss how default Linux OS hostnames can sometimes give away default password, pitfalls in numerical passwords (changing default passwords should be priority #1).

First we identified the OS by default hostname, then we used a “most common numerical pin number wordlist” to crack the default SSH password in seconds, demonstrating how successful ssh cracking (using Hydra) looks, and offering solutions/advice HERE) ]

INTRODUCTION

Do you accept “new” ssh client key fingerprint prompts without checking them against the server in question’s own key fingerprint?

If you accept ssh key fingerprints (without verification), you may be setting yourself up to be an unwitting victim of a MITM (Man In The Middle Attack).

[This topic is covered in PART II (scroll down for Tutorial]

Additionally in PART II, we swap out weak default password authentication, to a much stronger (passwordless) RSA key authentication login assisted by ssh-keygen (we use to generate strong keys).

After which, we disable the password login option altogether (to prevent brute force attackers), and finally, we restart SSH for all changes to take effect.

As a Bonus, a video covers converting SSH server to a Tor Hidden .onion service, adding additional security/encryption benefits (without need for open ports).

(REFRESHER) PART I:

Part I video is below, covering weak default password examples in real Pinephone operating systems (applying to all Linux / UNIX machines / default logins).

In this scenario, we first scan machines on the LAN (as an attacker would), immediately identifying operating systems by their default hostname. After which we use Hydra (brute force cracker) to run known default username/pin number lists against the SSH server identified OS of our Pinephone.

After demonstrating how easy it can be to identify and crack SSH logins on machines sharing the same connection/LAN, we then go in to tighten up sshd_config settings to prevent future brute force attacks. As well as talk password security.

This video is below:

TUTORIAL (WITH SCREENSHOTS/VIDEO)

PART II:https://www.youtube.com/embed/CZ8BjLjl7EA

Today’s Video continues on from this SSHD Config angle.

As the introductory paragraph details, first we check key fingerprints shown by our ssh client against the server side’s ssh key fingerprint. We must ensure these fingerprints match, otherwise we risk MITM attack. Never accept new fingerprints without verifying.

ADD SSH KEY AUTHENTICATION (NO PASSWORD NEEDED)

(ssh more securely)

Have you ever accepted a fingerprint and wished to start over to be sure?
(to: delete all saved keys for host / server and reconfirm fingerprint?)

REMOVE PREVIOUS KEY FINGERPRINTS (CLIENTSIDE):

ssh-keygen -R HostHere

CHECKING FINGERPRINT (SERVERSIDE):

ssh-keygen -lf /etc/ssh/ssh_host_ecdsa_key.pub

NOTE: THE ABOVE COMMAND IS ECDSA. LATEST AND GREATEST ADVICE IS FOR ED25519. CHECK THIS:

ssh-keygen -lf /etc/ssh/ssh_host_25519_key.pub

NEXT:

Connect (from clientside) to our SSH server to check the fingerprint output. Does it match the above “CHECKING FINGER (SERVERSIDE)” output?

See the screenshot below to watch this comparison in action.

SCREENSHOT CHECKING FINGERPRINT (COMMANDS ABOVE):

IMPORTANT: I felt the need to explain 01:56 — do not accept the key (unless you previously recognize it). This key fingerprint acceptance is to demonstrate the plain ‘password: ‘ prompt itself (fingerprint acceptance required to show). Follow below for fingerprint checking instruction (or follow video after 3min).

TIP #1 FINGERPRINT CHECKING:
Check the server’s fingerprint from a separate network (if working remotely from it), or if you have physical access + a monitor, even better. By using a separate network to check the fingerprint upon connection, you are compartmentalizing both client checks from one another, further verifying fingerprints match from multiple networks.
Running the fingerprint checking locally (serverside) is always the best method (when possible).

TIP #2 FINGERPRINT CHECKING:
write hosts/fingerprints down , post them on your wall/corkboard/office: no risk in having a written list of your machines hostname/ip + correct ssh fingerprints. This can save you from having to check.
Why? You may one day need to login from a new machine without physical access to the server. Having record can help you check without risking the login/accepting fingerprints remotely.

After working on fingerprint checks, we add the key to our server, allowing our client machine to automatically login upon connection.

GENERATE RSA KEY PAIR

ssh-keygen -t rsa -b 4096

PASSWORD-FREE KEY AUTH: MORE SECURE SSH ACCESS

COPY KEY TO SERVER:
ssh-copy-id username@host

SEE SCREENSHOT BELOW FOR ABOVE STEPS IN ACTION

After successfully copying our key, we then connect by ssh to test it, if it lets us in without problem or password, we did it!

TESTING PASSWORD FREE KEY AUTHENTICATION

TIGHTEN UP SSHD_CONFIG (SERVERSIDE)

We add a few more lines to /etc/ssh/sshd_config, ensuring only our machine can login:
(disabling password guessing by relying on our newly minted key alone)

/etc/ssh/sshd_config:
PasswordAuthentication no
ChallengeResponseAuthentication no
UsePAM no

Restarting SSH allows our configuration changes to take effect:

sudo systemctl restart ssh

[Timestamps are found inside the video description]

* BONUS: PART III: Tor SSH .Onion (Hidden Service):

This 3rd (optional) video shows how to setup SSH access as a Tor Hidden Service.

BENEFIT #1: By disabling ssh locally and allowing only the Tor ssh we prevent unknown machines from attempting brute force attacks (if we failed to follow previous videos). The only ssh attempts will be from those you give the onion address to.

BENEFIT #2: Additional layer of end to end encryption between the tor clients on ssh client and server side. Add to this the ssh encryption keys/fingerprints themselves on your client/software side, and you have a much more secure ssh setup.

Comments/Questions Welcome below:

Like content/videos like this? Share it with Linux users (Reddit, Telegram, Discord, IRC).

❤️ If you appreciate content like this and want to ☕ Buy Me a Coffee hit ‘support’ button on:
Home Page

Thoughts, comments and any questions welcome below.

🔐 Part I: Securing SSH (+ Weak Password Demo)

(mirrored from bmac Securing SSH Part I, SSH Part II)

MOST COMMON PIN NUMBERS:
(use NONE of the following pins)

1234
1111
0000
1212
7777
1004
2000
4444
2222
6969
9999
3333
5555
6666
1122
1313
8888
4321
2001
1010
12345
123456
654321
4321

SSHD CONFIGURATION LINES TO UNCOMMENT/ADD TO /etc/sshd_config

CLICK HERE FOR EXPLANATION BEHIND EACH SSHD CONFIG LINE BELOW:

/etc/sshd_config:
MaxAuthTries 3
MaxSessions 5
PermitRootLogin no
AllowUsers JerryExample # Only user can ssh remotely
LoginGraceTime 1m

If you liked this, you may also like to read/watch:

SSH Securing Part II Howto:
Learn to implement more secure ‘key’ based ssh logins and disable passwords
(follow this one! +Avoiding MITM (Learn How To Check Fingerprints – or you might regret it later)
(full of screenshots + cut / paste commands)

Share this post with everyone. Leave your thoughts below.

(Share to help this grow. ❤️
———————————————————————-
PUBLIC COMMUNITY SERVERS:
🧅🔐 ANONYMOUS GITEA (.onion): Books, Code/Scripts, Wiki, more (make a repository)
🧅🔐 PASTEBIN (.onion): anon pastebin pw protect, zk-256bit, “Burn After Reading” + more
———————————————————————-
💖 🤗 SUPPORT (If you like)
🎁 EXTRAS: something unique for your Support here
———————————————————————-
FOLLOW:
✍🗒 MASTODON
🐦 TWITTER
📺 🎞 PEERTUBE
📺 🎞 BITCHUTE
📺 🎞 ODYSEE
📺 🎞 YOUTUBE
———————————————————————
✉ CONTACT
————————————————————————

💾 Failing Harddrive Mitigation + Encrypted Backups

Backstory:

Logging a real-world failing drive experience, carrying important data (not in earlier backup). Followers asked for content including behind the scenes, ‘daily activities’. Here we are. Thank you for the suggestions.

(Unfortunately, rendering gigabytes of video + imgs (regularly) became tough on our Harddrive. )

Tools You Should Know About

smartmontools (command: smartctl)
ddrescue (GNU ddrescue) (copy important files before attempting to avoid ‘finishing off drive’!)
photorec (copy important files before attempting to avoid ‘finishing off drive’!)

💾 ⚰️ FAILING HARDDRIVE: WHAT TO DO

This video offers advice, putting you in a more optimal position to recover your most important data, BEFORE a given disk ultimately fails (completely dead).

Recommending pre-failure testing tools like smartmontools (detect a possible failing drive), before it completely dies.

(let me know in comments if monitoring disk health is something you would like to see more of)

Of course it goes without saying, backing up your important, personal files and keys (ahead of any issues), is highly recommended (and probably the most important step).

TIP: Create an encrypted volume, prior to adding backup files. Next move that newly created encrypted volume to your outside media (for storage).

**BEFORE DISK FAILS (DO THIS, RIGHT AWAY)**

Installing smartmontools:

Debian / Pop!_OS / Ubuntu: sudo apt update && apt install smartmontools -y
Arch / Manjaro Based: sudo pacman -S smartmontools

Using Smartmontools (Example Command):

smartctl -a /dev/sda

Create Hidden Encrypted Backup Inside Video File (Steganography + Crypto)

(the following video displays a Linux Pinephone – but, you can use Zulu-crypt on ANY Linux machine, in the exact same way!)

You don’t have to create a “hidden” volume if you prefer not to. It is just as easy to create a normal LUKS volume, on the same Zulu-crypt menu.https://www.youtube.com/embed/87yg8peq3kw

Watch Today’s Video

BEFORE ATTEMPTING TO COPY DRIVE

Attempt to mount partition carrying your /home directory (carrying your most personal, important and sensitive files).
If you can successfully mount this partition in question, copy your MOST IMPORTANT files first.
(ie: .ssh directory (keys), /home/user/cryptowallets, /home/user/Pictures, /home/user/Documents)
Do this priority copying FIRST.

At some point the drive will fail, COMPLETELY. And by then it will be too late (unless you have identical drives laying around with which you can swap working parts to attempt to reanimate the drive… save yourself the trouble.).

When faced with a failing harddrive, FIRST priority should always be recovering our most important / personal / sensitive files, BEFORE complete failure of the drive.

RESTORATION

AFTER SAVING YOUR MOST IMPORTANT FILES TO ANOTHER DISK…

You can restore them to a new installation by copying them (and their directories) into the identical location of your user $HOME directory (ie: /home/user).

Moving the copied files (from failing drive) into a new installation home directory (or existing), restores the original ssh keys (in case you use key authentication), accounts for messengers, and browser / program customization and bookmarks.

Backup Using dd Video

Here I covered backing up your disk with dd command:

List Your Detected Partitions:

lsblk

Example dd Backup Command

The dd command uses various options (leave a comment if you need help!)

sudo dd if=/dev/sda of=/mnt/disk/backup_06-11-2022.img bs=8M status=progress

The above example command would backup the entire /dev/sda harddrive (if= is the ‘input file’ or drive). Making if=/dev/sda backup the entire /dev/sda drive. As another example:
if=/dev/sda1 would backup only the /dev/sda1 partition.
The of=/mnt/disk/backup_06-11-2022.img part is where you would like to send your backup image. You can create any name you would like for your backup, ending the filename in .img to represent an ‘image’ of your partition, or entire drive (depending what you choose for if=)

Example Screenshot (Backing Up)

The above command sends our image backup of /dev/sda to /tmp/backup_06-11-2022.img.

From here it’s important to move it to your newly created zulucrypt volume (/tmp directory is just that, temporary: we are taking advantage of the temporary nature – but remember, never send a backup to a potentially failing drive (defeats the entire purpose of backup).

Use dd command to make backups for ANY Linux system, desktop, server, hardware (skipped ahead to 54 seconds leaving out unrelated):https://www.youtube.com/embed/pq3nL2ZWqUg?t=54

For Pinephone / Pinetab Users (starts at beginning to discuss Jumpdrive):https://www.youtube.com/embed/pq3nL2ZWqUg

Regular multi-gigabyte rendering (ie: current count is 181 videos rendered on channel) is hard on our hardware. If interested in helping the channel: various Support options exist on frontpage.

(either way, planning to continue guides)

Sharing the link, post, or video, is another a great way to Support this!

💽 Are you interested in learning more about harddrive failure monitoring, or recovery software? Let me know in the comments. If I feel there is enough interest, I will make a tutorial.

Thanks for watching! Any questions on this video? Ask below!

🔐 PGP + 🧅 Privatebin 💌 Message Tutorial + 🗒️ Tips (❤️ Now Public)

NOTE: Most people don’t need this tutorial – in fact no one truly “needs this”.
But with Human Rights and Journalism under threat, war repressing rights around the world, this tutorial can serve as an example: a “zero trust” communication method, whereby no single point of failure is relied upon.

Does it enhance security/privacy over either PGP, or Tor Hidden Service, or Privatebin alone? Absolutely! We are compartmentalizing and multiplying! 😉
To be completely honest: Most people should not go through the trouble!
Part of my effort to bring unique tutorials to Politictech.

Big Thank You to the ❤️ Supporters (this month):

Greg and Tammy.

Tutorial now public!

First Shared with Supporters days ahead of time
(sometimes weeks ahead as with other tutorial in progress).

If you want to Support this, you can now “buy me a coffee ☕” at the bottom. 3 monthly membership options listed on frontpage “padlock Membership” button.

This displays an idea: combining multiple tools/security/privacy tricks we covered recently (avoiding each single point of failure + trust problem: seen in most encrypted communication)

TODAY WE COMBINE:

PGP Message 3072 bit RSA Encrypted PGP Message Pasted into:
PrivateBin 256bit zk-snark AES Encrypted (Stored on server without host having access)
Hosted As: Tor Hidden Service (RSA end to end encryption in transit – before reaching internet)

(All Videos/posts demonetized. No sponsors steer opinion / advice here. Support below.

❤️ M0NER0: 48qtspi5En44mJZLeiMoHYFEmuJfQYb5DLQxLDr7d1NXc53XaAvoT8PS3wBrhEc3VY1wxu5Rgw6oKBYgahpSAYnpHntbQNM

Head’s Up: If you saw the earlier Privatebin video, this post provides new info/ideas to share + Tip at end.

Previous video introduction to Privatebin’s “zero knowledge AES 256bit Encrypted Pastebin” is shown below (in case you missed it):

Earlier, we covered benefits, and very basic usage of our “zero knowledge” 256bit AES Encrypted Pastebin.

This post gets more creative, mixing what we learned lately. 😉

(click picture below to watch aforementioned video on Peertube… deeper tutorial below this.)

Privatebin Video also available at:

[ Odysee ]

[ Youtube Here and Plays Inside Page Below ]https://www.youtube.com/embed/KDYuAibtcwo

In the above video, we shared a hypothetical situation, where a specific PGP key was shared.

Demonstrating sharing keys in the above video using privatebin pastebin is one option, all while selecting “burn after reading” to ensure only 1 person can possibly read that key.

But the conversation doesn’t have to end there…

If sharing a public key uses Privatebin, we could just as easily be sending encrypted PGP notes inside the passphrase protected AES 256bit Encrypted Private Pastebin.

MORE SECURE THAN PGP ALONE?

For communications opsec (operational security), we take advantage of PGP Tutorials we recently covered, combining this with the ore recently shared “zero knowledge” encrypted pastebin knowledge.

Keep reading for a unique tutorial…

If you missed those, this tutorial requires recommends first learning the GPG / GPA ropes below:

CREATING PGP ENCRYPTED MESSAGES (in 11min):https://www.youtube.com/embed/LOuREpmE92Y

MOVING PGP KEYS TO MULTIPLE MACHINES (OPTIONAL BUT USEFUL):https://www.youtube.com/embed/x_e1aoOuftM

TUTORIAL

ASYMMETRIC + SYMMETRIC CRYPTO (PGP + PRIVATEBIN)

SECURITY TIP: We could share BOTH PGP public key AND the encrypted PGP messages within our AES password protected, “burn after reading” privatebin, for a more secure, compartmentalized situation.

OUR LOCAL KEYRING:

Open GPA —> Windows —> Keyring Manager —> New Key:

Creating temp usage key (set expiration date):

Once this key expires it no longer can be used by anyone else to encrypt new messages. And thus can’t be used to forge messages by you in future, if ever (somehow) compromised – as unlikely as that is.

Example Key Expiry: 2 Weeks

TIP: Setting the key to expire at the end of communication ensures no future messages will be encrypted by this key (in case it somehow became compromised in the future, however unlikely).

TIP: Expired key has no bearing on ability of private key to decrypt message.

We write our message in PGP Clipboard:

☑️ We Have Our Temp Key

Choose: Who Is Our Message To And From?

(You may even write a message to yourself, if you like!)

After Hitting “OK” Our Encrypted Message Is Ready To Cut / Paste Anywhere:

Next: Pasting Into Tor Hidden Service zk-256bit AES Encrypted Pastebin:

(note we selected “burn after reading”, added passphrase and only pasted encrypted message itself)

Next We Hit “Send” To Create Our New 256bit AES Encrypted Message.

Then we right click to copy the password protected encrypted paste onion address:

Benefits:

No Single Point Of Failure Relied Upon.
All requirements must be met to read message sent this way.

“ALL” BE FULFILLED SIMULTANEOUSLY, TO READ OUR MSG:

Control of PGP Keys + associated keys passphrase AND
Burn After Reading: only ONE can view pastebin message AND
AES Encrypted “zero knowledge” (even host can’t read the encrypted PGP ciphertext – as little good that would do for them!) AND
256bit AES Encrypted Pastebin message passphrase further protects the PGP encrypted message itself
Tor Hidden Service providing End-To-End encryption for entire sequence of data
(RSA encryption, .onion making up public key)

As you can see, our message is quite secure! 👍

More than most would ever care to use, or need, but serves as an example: how we can use a little creativity + combinations to further increase the privacy/security of any given message/communication.

On the receipt of Privatebin message, loading the sharable link opens 1 time (“burn after reading” setting), and requires a password to decrypt.

Opening the link in Tor Browser will prompt for password before even displaying the encrypted PGP message, which will then still need to be decrypted in GNU Privacy Assistant / gpg using the correct keys/passphrase:

This post first dedicated/available to Buy Me A Coffee Supporters. Thank you for your Support.

To those who join as monthly coffees membership: thanks for joining! 😊

I release what I can, when in position to do so.

Help me share this.

Advanced Tip: For more insanely private secure messages (unnecessarily so), we could combine: airgap PGP machines, steganography + encryption to embed PGP messages inside images, finally attaching this picture file to AES encrypted zero knowledge pastebin.
This would be far”too much” for most. Security usability has its limits. I find that a bit too far.
Still, decided to share some related concepts as unlikely as it were to be used.
See previous post/video on combining hidden steganography + encryption: Here. (encrypted volume inside video files tutorial)

Coming up we take a look at privacy respecting open source alternatives to the

Social Media giants.

Thank you for visiting! If you would like to help with coffee/sdcards/hardware costs for the channel/blog (ex: video rendering killed *hard drive Jun 2022*), I’d love that. Either way, I sincerely appreciate Likes, Shares and Comments! Thank you. 🙂

———————————————————————-
💖 🤗 SUPPORT 💎 (If you like to: BTC listed here, Monero directly below)
❤️ M0NER0: 48qtspi5En44mJZLeiMoHYFEmuJfQYb5DLQxLDr7d1NXc53XaAvoT8PS3wBrhEc3VY1wxu5Rgw6oKBYgahpSAYnpHntbQNM
💳 🎁 EXTRAS: Support here for something in return – like your own privacybox: all in one encrypted pastebin + Nextcloud Tor Hidden Service Server/router.
🤑 💵 CASHAPP: $HumanRightsTech
❤️ 🪙 💎 Membership: private Nextcloud Tor Hidden Service “☕ coffee room” chatroom + file share, early/extra access, more
———————————————————————-
📲 FOLLOW: ⏬
✍ 🗒 MASTODON
🐦 TWITTER
📺 🎞 PEERTUBE
📺 🎞 BITCHUTE
📺 🎞 ODYSEE
📺 🎞 YOUTUBE
———————————————————————-

🖇️ LINKS / PUBLIC SERVICE 🔍

❤️ If you ever buy a grand total 6 ☕☕☕☕☕☕ coffees (whether 1 at a time, however, over any period of time, no matter how long ago), or are a ❤️ monthly member of 6+ months, and are interested in one of the supporter image (.img) in “extras“: please do, contact me. I will be happy to oblige.

I came up with the idea to create unique support incentive gifts, specifically designed to offer something “extra” as a gift to offer something in return for supporting this work. Supporting allows for more dedication of time, work, and resources, code and servers.

New 📁 File Upload Option: 🧅🔐 256bit AES Encrypted Pastebin

NEW: FILE UPLOAD/SHARING OPTION ADDED

Today’s post is to share a new feature: file uploads.

Added the option today.

Try It Here (Public For All): 🧅🔐 PASTEBIN (.onion)

(must use Tor Browser to access)

CREATE PASTEBIN NOTE SCREENSHOT + NEW FILE UPLOAD BUTTON

FEATURES:

AES 256bit Encryption
“Zero Knowledge” (notes/files invisible + not readable by server host)
Burn After Reading (readable by 1 person, then self destructs note/file)
Expire Note/File (1 week default, custom time/never expire option)
Password Protect (option)
Encrypted Note/File Sharable QR Code
Formatting: Plaintext or Code or Markdown
Preview Note Feature To Check On Formatting

EXAMPLE PAGE (AFTER HITTING “SEND” TO CREATE NOTE)

EXAMPLE NOTE WITH DOWNLOADABLE FILE ADDED

Hope you find this encrypted note pastebin useful.

USAGE IDEAS INCLUDE:

Share private information to protect Human Rights/Privacy
Sharing credentials for website customers
Sharing personal forms
Sharing other personal information for business and meetings
Share online location for private chatrooms
Share code for collaboration on private projects

For ethical privacy + Human Rights purposes.

❤️ MONERO: 48qtspi5En44mJZLeiMoHYFEmuJfQYb5DLQxLDr7d1NXc53XaAvoT8PS3wBrhEc3VY1wxu5Rgw6oKBYgahpSAYnpHntbQNM

⬇️ Community Pastebin + File Share:

🧅🔐 PASTEBIN (.onion)

(must use Tor Browser to access)

If you ever need the pastebin link, it is always available linked on the Frontpage.

EXTRA: Want to Support the unique Tutorial/Video/Human Rights/privacy scripts work here? And download for your very own “privacybox” server (with fully automated + custom option setup) with:

unique onion/keys generated first login
AES 256bit encrypted zero knowledge pastebin
Nextcloud Tor hidden service server + Maps for satellite earth image viewing
Nextcloud Talk for privacy/anon encrypted chats/internal messaging
Torified wifi router (can turn off/on in the menu shell)
shell style configuration/option menu (for settings and more)
blocking networkwide of intel AMT ports for wifi client devices
daily log scanning + important security events emailed to local user
+ more!If the above described interests you (automated “privacybox“) you can find this supporter custom RPI .img in “Extras” section (monero/btc/options available).This custom image is a way to offer those supporters, something in return.Email if you would like more details/information.

This project is a continuous effort and updates/new features/.img’s are shared with those in this group.

Browse / Search open tutorials by category Here.

RELATED (OUTSIDE) LINK: Privatebin Project

♥️ Thank you for visiting! If you like what I do and want to help with ☕ coffee / sdcards / hardware costs for the channel/blog (ex: video rendering killed *hard drive Jun 2022*), I’d love that. Either way, I sincerely appreciate Likes, Shares and Comments!

Thank you. 🙂

📺 Lynis Scanner: 🔐 Audit + Harden Linux System

📺 Click image below to watch on decentralized, federated Peertube channel:

(Share to help this grow. ❤️ If you appreciate content like this, ☕ Buy Me a Coffee Support button at bottom or frontpage)

[ 📺 Bitchute ]

[ 📺 Peertube ]

[ 📺 Odysee ]

[ 📺 Youtube ]

📺 Watch Right Here:https://www.youtube.com/embed/jMGYtgPvwYI

SCREENSHOTS:

Scan Conclusion/Score:

Example Suggestions:

UPDATED SCREENSHOT (03.08.2022):

After the video, I scanned again, to see the change in score.

What was covered on video brought it from 65, up to 71/100.

We will be covering more hardening in future posts. Be sure to follow if you are interested in joining!

(below are related tutorials I suggest following if you missed them)

🔐 RELATED SECURITY TUTORIALS:

📺 📖 Secure your SSH 🔐 w/key authentication (no password)

📺 📖 Prevent SSH 🔐 Brute force attacks + Demo on weakness of pin numbers

🔒 Checksum Integrity Checking (Debian) + Screenshots

🔒 Checksum Integrity Checking (Debian) Video

🔒 Checksum Integrity Checking (Arch/Manjaro)

Leave a public comment / question at the bottom.

(new monthly coffee Supporter ☕ ❤️ The Coffeeroom 🔐 ☕ Option)

(public secure chat server may be funded in future – currently 2 public servers):
* 🧅🔐 encrypted community (public) pastebin +
* 🧅🔐Gitea Onion community (public) server).

Tell me what you think/like to see on this page and all video channels.

Your question may help someone in the future!

💎 ** Sharing this link moves this content higher in algorithm. **

Thanks for Supporting with 🤲 Shares / Support / Coffee / BTC / XMR

☑️ follow

Options / Public Links below.

Your safety online matters to me. Ask away any questions you might have.

🖇️ LINKS/SERVICES 🔍

———————————————————————-
🧅🔐 GITEA SERVICE (.onion): Books, Code/Scripts, Wiki, more (make a repository)
🧅🔐 PASTEBIN (.onion): options- password protect, zk-256bit, “Burn After Reading” + more (use Tor Browser for .onion’s)
———————————————————————-
💖 🤗 SUPPORT 💎 (Buy me a coffee (if you like), current BTC/M0NER0 Listed Here)
💳 🎁 EXTRAS: (bonus offers / support). Support here offers something in return – like your own privacybox: encrypted pastebin + Nextcloud Tor Hidden Service Server.
🤑 💵 CASHAPP: $HumanRightsTech
✍ 🗒 💎 Politictech Membership ❤️ (monthly supporter option + early/extra access)
🪙 Politictech Main Page: (info + current links/addresses)
———————————————————————-
📲 FOLLOW: ⏬
✍ 🗒 MASTODON
🐦 TWITTER
📺 🎞 PEERTUBE
📺 🎞 BITCHUTE
📺 🎞 ODYSEE
📺 🎞 YOUTUBE
———————————————————————
✉ CONTACT
————————————————————————-
THANK YOU for Sharing
————————————————————————-
If you aren’t registered for Odysee I’d love to see you over there.
Use my invite link: https://odysee.com/$invite/@RTP
————————————————————————–

🔐 Securely Encrypt + Transfer Files + PGP 🔑 Key Backups

I may add more text to this in future edits to add more information/facts/details for everyone. For now, the latest video.

☑️ Thank You For Following! (making an account and comment/follow is FREE)

Share links to these tutorials / videos. Even random video comments helps this work move up in search engine rankings (engagement + backlinks) – thanks for your help. Telegram /Discord another great place to share.

Some unique topics are not searched for naturally + big tech is not interested in promoting real privacy going against their business model.

No, I’m not here selling you a sponsor VPN (that no one can audit). I’m here to bring you privacy tutorials honestly. Things you don’t have to pay for. Something you won’t find shared most places.

❤️ But really, what I appreciate most, is those who take the time to repost these tutorials/videos. Thank you. Other optional Support options on Main Page including extras / membership.

🧅🔐 Public Community Politictech Servers (Tor Browser Access: No Registration Needed)

[ PASTEBIN (.onion) *NEW* ] [ GITEA SERVICE (.onion) ]

MULTIPLE SUBJECTS TODAY

First, we learn how to use symmetric ciphers in gpg to encrypt file backups to securely transfer files on email and any other platform (symmetric cipher keeps encrypted data secret except for those knowing the passphrase)
We learn to backup our PGP keys and transfer them to a new device (securely)
We learn to use scp (ssh file transfer) to transfer files directly using encrypted connection

(click image below to watch on decentralized Peertube channel or watch the embedded Youtube video below it)

Thanks for watching! 🙂

If you missed the other related SSH and PGP guides, see:

💡🔑 Learn to use PGP in 11min + PGP Signature verification guide

💡🔑 Full Guide: Verify PGP Signed Images [ie: Linux Distro] (Screenshots + More)

📺 📖 Secure your SSH 🔐 w/key authentication (no password)

📺 📖 Prevent SSH 🔐 Brute force attacks + Demo on weakness of pin numbers

Comments/questions welcome! Happy to answer questions. Free to register to comment/follow.

💎 ** Sharing links to this moves this content higher in algorithm. **

Thanks for Supporting this with 🤲 Shares / Support options below.

☑️ Thanks for being a follower (it’s FREE!). Followers get only the most interesting posts by email.

Options are below. Thanks for your Support.

Your safety online matters to me. Ask any questions you might have.

🖇️ LINKS/SERVICES 🔍

———————————————————————-
🧅🔐 GITEA SERVICE (.onion): Books, Code/Scripts, Wiki, more (make a repository)
🧅🔐 PASTEBIN (.onion): options- password protect, zk-256bit, “Burn After Reading” + more (use Tor Browser for .onion’s)
———————————————————————-
💖 🤗 SUPPORT 💎 (If you like to)
💳 🎁 EXTRAS: (bonus offers / support). Support here offers something in return – like your own privacybox: encrypted pastebin + Nextcloud Tor Hidden Service Server.
🤑 💵 CASHAPP: $HumanRightsTech
✍ 🗒 💎 Politictech Membership ❤️ (monthly supporter option + early/extra access)
🪙 Politictech Main Page: (info + current links/addresses)
———————————————————————-
📲 FOLLOW: ⏬
✍ 🗒 MASTODON
🐦 TWITTER
📺 🎞 PEERTUBE
📺 🎞 BITCHUTE
📺 🎞 ODYSEE
📺 🎞 YOUTUBE
———————————————————————
✉ CONTACT
————————————————————————-
THANK YOU for Sharing this, Liking, and Subscribing.
————————————————————————-
If you aren’t registered for Odysee I’d love to see you over there.
Use my invite link: https://odysee.com/$invite/@RTP
————————————————————————–

🔑 Learn PGP Quick 🔐 (GNU Privacy Assistant) 📽️

When it comes to Human Rights, strong encryption can become the great equalizer.

🔐 Upgrade Your Security / Privacy Game With PGP

(watch on decentralized Peertube by clicking the image below)

📽️ Today’s video: Learn PGP in just 11 minutes of video.

Given the current political world climate + ongoing attacks on end to end encryption messengers, I felt this topic appropriate.

No matter what happens to encrypted messengers, PGP will always be there for you.

Many ways to use it, and I will continue covering different ways to use it for the community. 🔒

Who is this for? You can use this on ANY operating system/computer.

(Even on a Pinephone: I use GPA on mine).

(Support / Extra options (including crypto) found at bottom of this post. Most of all Sharing this helps this content move up the algorithm. Thank You.)

PGP Public / Private Key Communication:

(watch video down below for demo + instruction)

Imported Public Key Verifies Signature:

Scenario: Alice writes message to Bob, signs using her private key, and Bob is able to verify it was from Alice herself, as he imported her public key into his keyring. This public / private key system (asymmetric) offers proof of signature.

Without being signed by her actual key, validation would not be proven.

FIRST STEPS: Add Contact’s Public Key To Your Keyring First:
(To Communicate)

NEXT: Verify Fingerprint (see signature verification post below for more info on this process):

Watch below video to see the encryption demo + instructions on decryption process + benefits.

📺 VIDEO TUTORIAL COVERAGE:

Write exclusive encrypted messages (only recipient can open)
Decrypt messages written exclusively for your key
Create new PGP keys
Learn how PGP provides stronger security to messengers
Learn to exchange public keys (making messages private/exclusive)
PGP allows compartmentalization of encryption from the message transport
(allowing situations such as airgap)
Learn to verify signed Linux images to ensure you install safe software

Drawbacks? Some may say lack of perfect forward secrecy.

You can certainly get creative with versatile PGP!

NOTE: diagrams + screenshots found below video for your reference

🔐 Upgrade Your Security / Privacy Game With PGP

(watch on decentralized Peertube by clicking the image below + mirrors below that)

ALTERNATIVE MIRRORS:

[ Peertube ]

[ Odysee ]

[ Bitchute ]

[ Youtube ] (scroll down to watch embedded right here in this post)

If you rather watch here on this post, video embedded below (new mirrors added later):https://www.youtube.com/embed/LOuREpmE92Y

After watching and learning about verifying your Tails Image (or other Linux downloads), why not setup Tails USB disk to continue the process and take full advantage of PGP benefits and have confidence in your Linux setup?

You can do it! Leave comments if you get stuck.

✍️ Full Signed Linux Image PGP Verification/Integrity Guide (if you missed it):

💿 Related Flashback: Install Tails USB Encrypted Persistence/Customization:
(since covering verifying Tails in example, this fits the post!)

These Tutorials are for everyone. Thanks for Sharing them.

Reaching people makes it worth it.

💎 ** Sharing links moves this content higher in algorithm. **

❤️ Thanks for Supporting this with 🤲 Shares (other Support/membership/extra options below).

☑️ Following is FREE!). Followers get only the most interesting posts by email.

Share to help grow past the algorithm.

Tutorial Posts for everyone, sometimes share extra/custom tips with those supporting this behind the scenes, helping to upgrade/dedicate hardware (ex: this last year costs included new microphone / screens/, dedicated hardware servers (like community dedicated:
Tor Hidden Service 🧅🔐 Encrypted Pastebin + 🧅🔐 Gitea Onion Server for wiki/code).

❤️ If you appreciate content like this you can now ☕ Buy Me a Coffee hit the support button on:
Home Page + at bottom of this post.

If everyone reposts links, this channel/tutorial community will rank higher on search engines (algorithm rewards backlinks to this).

Thank you for your help in this mission.

Online safety matters to me. Ask questions you might have.

🖇️ LINKS/SERVICES 🔍

COMMUNITY SERVERS

SUPPORT THIS
———————————————————————-
💖 🤗 SUPPORT 💎 (If you like to)
💳 🎁 EXTRAS: (bonus offers / support). Support here offers something in return – like your own privacybox: encrypted pastebin + Nextcloud Tor Hidden Service Server.
🤑 💵 CASHAPP: $HumanRightsTech
✍ 🗒 💎 Politictech Membership ❤️ (monthly supporter option + early/extra access)
🪙 Politictech Main Page: (info + current links/addresses)
———————————————————————-
📲 FOLLOW: ⏬
✍ 🗒 MASTODON
🐦 TWITTER
📺 🎞 PEERTUBE
📺 🎞 BITCHUTE
📺 🎞 ODYSEE
📺 🎞 YOUTUBE
———————————————————————
✉ CONTACT
————————————————————————-
THANK YOU for Sharing this, Liking, and Subscribing.
————————————————————————-
If you aren’t registered for Odysee I’d love to see you over there.
Use my invite link: https://odysee.com/$invite/@RTP
————————————————————————–

💾 💿 PGP Signature Verification 🖊️ 🔐 (Integrity: Security Essentials)

(first previewed in advance at Politictech BMAC most public)

For if you install Linux, or another operating systems, and neglect to verify the integrity of that image (using checksum and/or PGP signature), you may very well be left questioning the trust of everything on that system thereafter.

(don’t make the mistake of skipping these vital steps)

We covered integrity before, utilizing checksum verification. Both individually, and an entire system.

Miss it? See Checksums: Arch + Manjaro / Debian based – both: video / article).

[ Share with Linux, open source, and crypto fans. ]

WHY INTEGRITY? READ ON.

OR, SKIP DOWN TO START OF “TUTORIAL”.

(a refresher on integrity/cryptographic benefits – it’s not just for privacy)

🎯 MiTM (Man [or ‘manipulator’] In The Middle)

🎯 During a man in the middle attack, our attacker sits somewhere in the middle (hence MITM). This could be performed by:

a human behind a machine (example)
an automated hidden pi zero or other IoT device
a device while on public wifi
your LAN (home/work WiFi network)
higher up the chain inside your ISP network
on the network for the download server itself.

Once you install a backdoored Linux image 💿, the rest of security/privacy goes out the window.

Good News: checking fingerprints and being mindful of encryption helps avoid the majority of MITM security problems today. Especially when using shared networks.

TIP: When’s the last time you patched vulnerable IoT devices? These can be high risk. Always a good idea to create a separate isolated LAN for these.

🎯 ATTACKED SERVERS (PREVIOUS EXAMPLE)

If you download from a server that is compromised, don’t be surprised if the attacker “left a present”.(if you have problems with this tutorial or others, leave a comment. I’ll be happy to help answer questions for free! – your question could help others in the future – and that’s the ultimate goal here: help as many people as possible using these public tutorials;

The extras section offers another form of support including custom Linux server images/consulting: for those who want to both support this work and receive more personalized help/services.)

🗒️ TUTORIAL: VERIFYING PGP SIGNATURES 🔒 🖊️

Use this guide to verify Tails or any other package/image.

The only thing that changes here is the sites you download the key + signature/file from.

Verification remains the same – that’s why we use encryption.

STEP #1: INSTALL GPA (GNU PRIVACY ASSISTANT)

FIRST: Install/Open GPA (GNU Privacy Assistant)

Debian Install: apt install gpa -y

Arch/Manjaro Install: pacman -S gpa)

NEXT: Download the provided public key from the developer’s official sources (see below example process).

In this example we import RTP‘s key. This key can be used to verify anything which has been signed by RTP. Ensuring that RTP themselves created the file download (substitute for other source/img).

No one can “spoof” RTP’s signature to match: as long as we have downloaded/imported the correct RTP key (containing correct fingerprint).

We go into tips on verification.

Here, we find the PGP / GPG key itself on the Politictech/BMAC Tutorial site at the secure onion link:

🧅 🔐 Why Tor Hidden Service Link? Tor hidden services use end to end encryption to thwart MITM attacks, making a more secure way to share PGP / GPG keys.

In this particular case, we are viewing this on a trusted encrypted 📋🔒 Pastebin site – adding further security – the public key of the hidden service encryption makes up the .onion address.

Additionally, the key itself to the storage encryption for the encrypted 📋🔒 pastebin post makes up the end remainder of the link.

TIP: Only sign/trust keys after verifying that key carries the correct fingerprint. If you remember nothing else from this article, remember this: fingerprints must match the original/official.

🔑 NEXT: SAVE PGP KEY

IMPORTANT NOTE: In the example, the key itself is provided by a secure hidden service domain (.onion) we trust.
It’s important to further verify the key fingerprint through a 3rd party (keyservers, signed by trusted developers, for a few examples)

Next: Copy and paste the entirety of the PGP Public Key Block into a file and save this file as:
‘rtp-key’ 🔑.

(related: those interested can support the tutorials/videos/scripts work and get something in return: a custom pi Supporter image creating their own automated setup encrypted onion pastebin + Tor Nextcloud, through at the pi privacybox supporter image).

You are certainly FREE / welcome to use the provided public community service encrypted pastebin🧅🔐 (for any ethical purposes (ie: sensitive credentials / temporary passwords with customers / coworkers) by going Here (in Tor Browser).

It’s for the community.

🔑 IMPORT THE KEY INTO GPA/GPG 🔐

Open GPA and tap on the Keys menu. Select Import Keys (as shown below)

Select the file you just saved the public key into (rtp-key).

MATCH THE FINGERPRINT

Tap on the key you just imported. At the bottom of your window you will see the fingerprint for that exact selected key (see below screenshot). It should match the source website (ideally, verify by multiple sources where possible).

Now compare the above fingerprint on our newly imported key against officially known fingerprints for the name of the key owner in question (RightToPrivacy/RTP is the example here).

First comparing to the original source:

Still, if a website were compromised, attackers could potentially replace links and keys/fingerprints.

Match across multiple sources (where possible).

In our case the fingerprint provided is seen on the main page, on another server in signatures of emails, and other project sources servers.

This provides us multiple sources of matching fingerprints to the imported key.

If the fingerprints do not match, delete the key (unless one fingerprint is an old/expired key – leave a comment if you have any questions on this! Happy to help answer.)

Other options exist without using multiple sources (such as using the trust/validation of other trusted developers such as the case for Tails: Debian developers have signed the Tails key. This makes it valid once we validate the Debian developers key to do so.

VERIFYING FINGERPRINT MATCHES USING ADDITIONAL SOURCES
(QUICK METHOD)

You can use something like whoogle search engine (anon google) to search directly for the key fingerprint in quotes, further verifying the owner of a key fingerprint for you (commonly discussed/printed in forums, stackoverflow, etc).

Verifying through multiple different sources adds confidence to authenticity.

Another option is searching the public keyservers.

Yet another is trusting known keys (such as Debian developers signatures to verify Tails Linux) to verify a new imported key, to develop a “web of trust”.

WHY FINGERPRINTS MATTER

FINGERPRINT EXAMPLE #1: If using SSH on a shared network, read SSH Part I, but when it comes to fingerprints especially secure SSH Part II. Learn how to check SSH fingerprints server-side against those displayed upon connection to avoid a MITM here.

FINGERPRINT EXAMPLE #2: https website cert fingerprints are one way to check for an active MITM (SHA1, SHA256).

During times of online uncertainty, try checking a few of the fingerprint/site examples at the end of this article (article subject: $1bil VPN buyout by a large company who’s ownership happened to have a data collection/malware history).

FINGERPRINT EXAMPLE #3: If in the course of our messaging, the public key fingerprint changes on us (without the person changing their key), we may be in the midst of the MITM.

Hoping this helps emphasizes the importance of checking fingerprints.

🔑 SIGN KEY / ADD TRUST 🤝

Once we are thoroughly confident we have imported the correct key, we can right click on that key to set any trust levels we would like (see below screenshot), and sign the key to validate it ourselves.

You may trust this developer and wish to set a more complete trust profile. Or maybe this key is less trusted to take actions for you. The choice is yours.

After setting trust level, sign the key 🔑 (after verifying fingerprint)

Once we have signed the key, we can then use it to validate signatures/images.

📁 IMPORT OUR SIGNATURE FILE 💾

Download the image or package you wish to verify.
Download the signature file into same directory (.sig).

🗄️ OPEN FILE MANAGER

NEXT: In GPA, “Open the file manager” 📁 (seen in folder icon above red box)-

📁 File Manager: Open Signature File 🏷️

Next we can open the signature file itself (inside directory of downloaded file)

This can either be separate from the file/image itself, or, it may be all in one file.

Either way, we open the .sig extension file 💾 :

Opened Signature:

After opening the .sig file we should see it in the box as displayed below.

🔒 🖊️ VALIDATE SIGNATURE / IMAGE 💿

Next we can click “Check Signatures Of Selected File” 💾 and if all is well, you should receive a “VALID” message in return:

The above shows 💿 PineDio gateway image verified. Substitute any package or Linux distribution here (such as Tails OS, Whonix, Qubes, Debian 💿)

Follow this guide for ANY PGP signature verification for a download 💿
(ie: Linux operating system image).

(trusted example used here)

Congratulations! 😀

You did it. 🙌

♥️ Thank you for visiting! If you like what I do and want to help me with cost of ☕ coffee / sdcards / (*frequent*) hardware costs for bringing original content / Tutorials to this channel/blog (ex: video rendering killed *hard drive Jun 2022*), I’d really love that. Either way, I sincerely appreciate Likes, Shares and Comments!

Thank you. 🙂

💎 ** Sharing links to this moves this content higher in algorithm. **

Thanks for Supporting this with 🤲 Shares and other Support options below.

☑️ Thanks for being a follower (it’s FREE!). Followers get only the most interesting posts by email.

❤️ If you appreciate content like this and want to ☕ Buy Me a Coffee hit the support button on:
Home Page + at bottom of this post.

Your safety online matters to me. Ask any questions you might have.

🖇️ LINKS/SERVICES 🔍

———————————————————————-
🧅🔐 GITEA SERVICE (.onion): Books, Code/Scripts, Wiki, more (make a repository)
🧅🔐 PASTEBIN (.onion): options- password protect, zk-256bit, “Burn After Reading” + more (use Tor Browser for .onion’s)
———————————————————————-
💖 🤗 SUPPORT 💎 (buy me a coffee If you like to)
💳 🎁 EXTRAS: (bonus offers / support). Support here offers something in return – like your own privacybox: encrypted pastebin + Nextcloud Tor Hidden Service Server.
🤑 💵 CASHAPP: $HumanRightsTech
✍ 🗒 💎 Politictech Membership ❤️ (monthly supporter option + early/extra access)
🪙 Politictech Main Page: (info + current links/addresses)
———————————————————————-
📲 FOLLOW: ⏬
✍ 🗒 MASTODON
🐦 TWITTER
📺 🎞 PEERTUBE
📺 🎞 BITCHUTE
📺 🎞 ODYSEE
📺 🎞 YOUTUBE
———————————————————————
✉ CONTACT
————————————————————————-
THANK YOU for Sharing this, Liking, and Subscribing.
————————————————————————-
If you aren’t registered for Odysee I’d love to see you over there.
Use my invite link: https://odysee.com/$invite/@RTP
————————————————————————–

Meet Pwnagotchi: AI Pet Eating WiFi Auth Handshakes!

(first previewed in advance at Politictech BMAC most public)

Had a recent request for ethical pentest material, and decided to cover this (pwnagotchi video/s is I have planned to cover for at least a year – but measuring blurring can become a lot of work in video editing!).

Handshakes?

When our devices connect to WiFi, they perform what is called an authentication “handshake” with the router.

Packets are exchanged to securely login to that WiFi.

However, if devices nearby are set to monitor mode, “monitoring”, or recording to a file this “handshake” exchange, those can then be cracked using aircrack-ng, or hashcat.

TIP FOR EVERYONE: Move any devices that frequently get disconnected closer to your router.
Why? Every single time a device is disconnected, they are revealing the WiFi authentication handshake to any devices that may be listening.
Summary: It’s a security risk to have devices frequently disconnected.

Pwnagotchi

pwnagotchi uses artificial intelligence as a (tomagotchi style) virtual “pet” that automates deauthentication packets to nearby devices in order to capture WiFi auth handshakes (created when those disconnected devices reconnect).

This full Linux computer has awesome ethical pentesting power.

In the video, I demonstrate some of pwnagotchi’s many capabilities. It makes a wonderful pet for geeks!

Seen below connected via usb to my Pinetab.

Meet Pwnagotchi on Peertube by clicking the image below. Or watch it in the embedded YT video or Odysee/Bitchute links below that.

Mirrors:

[ Odysee/LBRY ]

[ Peertube ]

[ Bitchute ]

[ Youtube ]https://www.youtube.com/embed/U9-HVsiLd9A

Want to see more on pwnagotchi?

Have a questions? Suggestion?

I love reading/interacting with everyone in the comments below.

💎 ** Sharing links to this moves this content higher in algorithm. **

Thanks in advance.

☑️ Thanks for being a follower (it’s FREE!). Followers get only the most interesting posts by email.

Download link and setup instructions found here.

Documentation can be found here.

Planning to continue sharing original custom tutorials like this one, in the future.

Something I try to do differently. Thanks for your Support.

Your safety online matters to me. Ask any questions you might have.

🖇️ LINKS/SERVICES 🔍

———————————————————————-
🧅🔐 GITEA SERVICE (.onion): Books, Code/Scripts, Wiki, more (make a repository)
🧅🔐 PASTEBIN (.onion): options- password protect, zk-256bit, “Burn After Reading” + more (use Tor Browser for .onion’s)
———————————————————————-
💖 🤗 SUPPORT 💎 (If you like to)
💳 🎁 EXTRAS: (bonus offers / support). Support here offers something in return – like your own privacybox: encrypted pastebin + Nextcloud Tor Hidden Service Server.
🤑 💵 CASHAPP: $HumanRightsTech
✍ 🗒 💎 Politictech Membership ❤️ (monthly supporter option + early/extra access)
🪙 Politictech Main Page: (info + current links/addresses)
———————————————————————-
📲 FOLLOW: ⏬
✍ 🗒 MASTODON
🐦 TWITTER
📺 🎞 PEERTUBE
📺 🎞 BITCHUTE
📺 🎞 ODYSEE
📺 🎞 YOUTUBE
———————————————————————
✉ CONTACT
————————————————————————-
THANK YOU for Sharing this, Liking, and Subscribing.
————————————————————————-
If you aren’t registered for Odysee I’d love to see you over there.
Use my invite link: https://odysee.com/$invite/@RTP
————————————————————————–

TUTORIAL (WITH SCREENSHOTS/VIDEO)

ADD SSH KEY AUTHENTICATION (NO PASSWORD NEEDED)

GENERATE RSA KEY PAIR

PASSWORD-FREE KEY AUTH: MORE SECURE SSH ACCESS

Tools You Should Know About

BEFORE DISK FAILS (DO THIS, RIGHT AWAY)

Watch Today’s Video

BEFORE ATTEMPTING TO COPY DRIVE

RESTORATION

Backup Using dd Video

TODAY WE COMBINE:

MORE SECURE THAN PGP ALONE?

TUTORIAL

As you can see, our message is quite secure! 👍

🖇️ LINKS / PUBLIC SERVICE 🔍

NEW: FILE UPLOAD/SHARING OPTION ADDED

Try It Here (Public For All): 🧅🔐 PASTEBIN (.onion)

USAGE IDEAS INCLUDE:

⬇️ Community Pastebin + File Share:🧅🔐 PASTEBIN (.onion)

More public tutorials/scripts will be coming soon.

Browse / Search open tutorials by category Here.

SCREENSHOTS:

UPDATED SCREENSHOT (03.08.2022):

🔐 RELATED SECURITY TUTORIALS:

🖇️ LINKS/SERVICES 🔍

MULTIPLE SUBJECTS TODAY

🖇️ LINKS/SERVICES 🔍

🔐 Upgrade Your Security / Privacy Game With PGP

PGP Public / Private Key Communication:

Imported Public Key Verifies Signature:

📺 VIDEO TUTORIAL COVERAGE:

🔐 Upgrade Your Security / Privacy Game With PGP

🖇️ LINKS/SERVICES 🔍

WHY INTEGRITY? READ ON.

OR, SKIP DOWN TO START OF “TUTORIAL”.

🎯 MiTM (Man [or ‘manipulator’] In The Middle)

🎯 ATTACKED SERVERS (PREVIOUS EXAMPLE)

🗒️ TUTORIAL: VERIFYING PGP SIGNATURES 🔒 🖊️

STEP #1: INSTALL GPA (GNU PRIVACY ASSISTANT)

🔑 NEXT: SAVE PGP KEY

🔑 IMPORT THE KEY INTO GPA/GPG 🔐

MATCH THE FINGERPRINT

WHY FINGERPRINTS MATTER

🔑 SIGN KEY / ADD TRUST 🤝

📁 IMPORT OUR SIGNATURE FILE 💾

🗄️ OPEN FILE MANAGER

📁 File Manager: Open Signature File 🏷️

🔒 🖊️ VALIDATE SIGNATURE / IMAGE 💿

🖇️ LINKS/SERVICES 🔍

Handshakes?

Pwnagotchi

Mirrors:

🖇️ LINKS/SERVICES 🔍

**BEFORE DISK FAILS (DO THIS, RIGHT AWAY)**

⬇️ Community Pastebin + File Share:

🧅🔐 PASTEBIN (.onion)