{"id":16988,"date":"2021-06-04T08:51:27","date_gmt":"2021-06-04T06:51:27","guid":{"rendered":"http:\/\/blog.wenzlaff.de\/?p=16988"},"modified":"2023-11-02T12:54:30","modified_gmt":"2023-11-02T11:54:30","slug":"tor-onion-services-keys","status":"publish","type":"post","link":"http:\/\/blog.wenzlaff.de\/?p=16988","title":{"rendered":"Generating a free Curve25519 private\/public key for hidden onion services on today's National Donut Day"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/blog.wenzlaff.de\/wp-content\/uploads\/2021\/06\/tor_onion_services.png\" alt=\"\" width=\"2590\" height=\"1838\" class=\"aligncenter size-full wp-image-16992\" srcset=\"http:\/\/blog.wenzlaff.de\/wp-content\/uploads\/2021\/06\/tor_onion_services.png 2590w, http:\/\/blog.wenzlaff.de\/wp-content\/uploads\/2021\/06\/tor_onion_services-300x213.png 300w, http:\/\/blog.wenzlaff.de\/wp-content\/uploads\/2021\/06\/tor_onion_services-1024x727.png 1024w, http:\/\/blog.wenzlaff.de\/wp-content\/uploads\/2021\/06\/tor_onion_services-768x545.png 768w, http:\/\/blog.wenzlaff.de\/wp-content\/uploads\/2021\/06\/tor_onion_services-1536x1090.png 1536w, http:\/\/blog.wenzlaff.de\/wp-content\/uploads\/2021\/06\/tor_onion_services-2048x1453.png 2048w\" sizes=\"auto, (max-width: 767px) 89vw, (max-width: 1000px) 54vw, (max-width: 1071px) 543px, 580px\" \/> <center>Thanks to <a href=\"http:\/\/kleinhirn.eu\/\" rel=\"noopener\" target=\"_blank\">Dr.Kleinhirn.eu<\/a> for the mind map<\/center><\/p>\n<p>If Wikipedia is to be believed, &#8220;Curve25519 &#8230; is an elliptic curve used for asymmetric cryptosystems. It is commonly used for digital signatures and key exchange protocols and is considered particularly fast. 
It is standardized by the IETF as RFC 7748.&#8221;<br \/>\nBut it is also used for <a href=\"http:\/\/kleinhirn.eu\/2021\/06\/04\/tor-onion-services\/\" rel=\"noopener\" target=\"_blank\">Onion-Services<\/a>. So today, as a 10-minute relaxation exercise, let's generate a public and a private key on a Raspberry Pi (Zero), including the hostname. Here is how:<\/p>\n<pre class=\"lang:default decode:true \" >\r\n\r\n# install the required dependencies, if not already present\r\nsudo apt install gcc libsodium-dev make autoconf\r\n\r\n# clone the repo\r\ngit clone https:\/\/github.com\/IT-Berater\/mkp224o.git\r\n\r\n# compile and build the mkp224o app\r\ncd mkp224o\/\r\n\r\n.\/autogen.sh\r\n.\/configure\r\nmake\r\n\r\n# generate keys and a hostname starting with fast or filter in the TW-Keys directory, this takes about 1 minute\r\n.\/mkp224o filter fast -t 1 -v -n 1 -d .\/TW-Keys\r\n\r\n# check\r\ncd TW-Keys\r\nls \r\n\r\n<\/pre>\n<p>Here is the run on my Pi:<!--more--><\/p>\n<pre class=\"lang:default decode:true \" >bitcoin@pi-zero:~ $ git clone https:\/\/github.com\/IT-Berater\/mkp224o.git\r\nKlone nach 'mkp224o' ...\r\nremote: Enumerating objects: 1214, done.\r\nremote: Counting objects: 100% (19\/19), done.\r\nremote: Compressing objects: 100% (15\/15), done.\r\nremote: Total 1214 (delta 7), reused 12 (delta 4), pack-reused 1195\r\nEmpfange Objekte: 100% (1214\/1214), 1.67 MiB | 819.00 KiB\/s, Fertig.\r\nL\u00f6se Unterschiede auf: 100% (748\/748), Fertig.\r\n\r\nbitcoin@pi-zero:~ $ cd mkp224o\/\r\n\r\nbitcoin@pi-zero:~\/mkp224o $ .\/autogen.sh\r\n\r\nbitcoin@pi-zero:~\/mkp224o $ .\/configure\r\nchecking for gcc... gcc\r\nchecking whether the C compiler works... yes\r\nchecking for C compiler default output file name... a.out\r\nchecking for suffix of executables...\r\nchecking whether we are cross compiling... no\r\nchecking for suffix of object files... 
o\r\nchecking whether we are using the GNU C compiler... yes\r\nchecking whether gcc accepts -g... yes\r\nchecking for gcc option to accept ISO C89... none needed\r\nchecking whether CC supports -march=native... yes\r\nchecking whether CC supports -fomit-frame-pointer... yes\r\nchecking whether CC supports -nopie... no\r\nchecking whether CC supports -no-pie... yes\r\nchecking whether CC supports -std=c99... yes\r\nchecking whether CC supports -Wall... yes\r\nchecking whether CC supports -Wextra... yes\r\nchecking whether CC supports -Wno-maybe-uninitialized... yes\r\nchecking whether CC supports and needs -Wno-format -Wno-pedantic-ms-format... no\r\nchecking whether CC supports -Wno-unused-function... yes\r\nchecking whether CC supports -Wmissing-prototypes... yes\r\nchecking whether CC supports -Wstrict-prototypes... yes\r\nchecking whether ARGON2ID13 is supported by libsodium... yes\r\nconfigure: creating .\/config.status\r\nconfig.status: creating GNUmakefile\r\n\r\nbitcoin@pi-zero:~\/mkp224o $ make\r\ngcc -std=c99 -Wall -Wextra -Wno-maybe-uninitialized -Wno-unused-function -Wmissing-prototypes -Wstrict-prototypes -O3 -march=native -fomit-frame-pointer  -DED25519_donna  -DSTATISTICS -DPASSPHRASE -c -o main.c.o.tmp main.c &amp;&amp; mv main.c.o.tmp main.c.o\r\ngcc -std=c99 -Wall -Wextra -Wno-maybe-uninitialized -Wno-unused-function -Wmissing-prototypes -Wstrict-prototypes -O3 -march=native -fomit-frame-pointer  -DED25519_donna  -DSTATISTICS -DPASSPHRASE -c -o worker.c.o.tmp worker.c &amp;&amp; mv worker.c.o.tmp worker.c.o\r\ngcc -std=c99 -Wall -Wextra -Wno-maybe-uninitialized -Wno-unused-function -Wmissing-prototypes -Wstrict-prototypes -O3 -march=native -fomit-frame-pointer  -DED25519_donna  -DSTATISTICS -DPASSPHRASE -c -o yaml.c.o.tmp yaml.c &amp;&amp; mv yaml.c.o.tmp yaml.c.o\r\ngcc -std=c99 -Wall -Wextra -Wno-maybe-uninitialized -Wno-unused-function -Wmissing-prototypes -Wstrict-prototypes -O3 -march=native -fomit-frame-pointer  -DED25519_donna  -DSTATISTICS 
-DPASSPHRASE -c -o vec.c.o.tmp vec.c &amp;&amp; mv vec.c.o.tmp vec.c.o\r\ngcc -std=c99 -Wall -Wextra -Wno-maybe-uninitialized -Wno-unused-function -Wmissing-prototypes -Wstrict-prototypes -O3 -march=native -fomit-frame-pointer  -DED25519_donna  -DSTATISTICS -DPASSPHRASE -c -o cpucount.c.o.tmp cpucount.c &amp;&amp; mv cpucount.c.o.tmp cpucount.c.o\r\ngcc -std=c99 -Wall -Wextra -Wno-maybe-uninitialized -Wno-unused-function -Wmissing-prototypes -Wstrict-prototypes -O3 -march=native -fomit-frame-pointer  -DED25519_donna  -DSTATISTICS -DPASSPHRASE -c -o base32_to.c.o.tmp base32_to.c &amp;&amp; mv base32_to.c.o.tmp base32_to.c.o\r\ngcc -std=c99 -Wall -Wextra -Wno-maybe-uninitialized -Wno-unused-function -Wmissing-prototypes -Wstrict-prototypes -O3 -march=native -fomit-frame-pointer  -DED25519_donna  -DSTATISTICS -DPASSPHRASE -c -o base32_from.c.o.tmp base32_from.c &amp;&amp; mv base32_from.c.o.tmp base32_from.c.o\r\ngcc -std=c99 -Wall -Wextra -Wno-maybe-uninitialized -Wno-unused-function -Wmissing-prototypes -Wstrict-prototypes -O3 -march=native -fomit-frame-pointer  -DED25519_donna  -DSTATISTICS -DPASSPHRASE -c -o base64_to.c.o.tmp base64_to.c &amp;&amp; mv base64_to.c.o.tmp base64_to.c.o\r\ngcc -std=c99 -Wall -Wextra -Wno-maybe-uninitialized -Wno-unused-function -Wmissing-prototypes -Wstrict-prototypes -O3 -march=native -fomit-frame-pointer  -DED25519_donna  -DSTATISTICS -DPASSPHRASE -c -o base64_from.c.o.tmp base64_from.c &amp;&amp; mv base64_from.c.o.tmp base64_from.c.o\r\ngcc -std=c99 -Wall -Wextra -Wno-maybe-uninitialized -Wno-unused-function -Wmissing-prototypes -Wstrict-prototypes -O3 -march=native -fomit-frame-pointer  -DED25519_donna  -DSTATISTICS -DPASSPHRASE -c -o ioutil.c.o.tmp ioutil.c &amp;&amp; mv ioutil.c.o.tmp ioutil.c.o\r\ngcc -std=c99 -Wall -Wextra -Wno-maybe-uninitialized -Wno-unused-function -Wmissing-prototypes -Wstrict-prototypes -O3 -march=native -fomit-frame-pointer  -DED25519_donna  -DSTATISTICS -DPASSPHRASE -c -o keccak.c.o.tmp keccak.c 
&amp;&amp; mv keccak.c.o.tmp keccak.c.o\r\ngcc -no-pie  -std=c99 -Wall -Wextra -Wno-maybe-uninitialized -Wno-unused-function -Wmissing-prototypes -Wstrict-prototypes -O3 -march=native -fomit-frame-pointer  -DED25519_donna  -DSTATISTICS -DPASSPHRASE -o mkp224o.tmp main.c.o worker.c.o yaml.c.o vec.c.o cpucount.c.o base32_to.c.o base32_from.c.o base64_to.c.o base64_from.c.o ioutil.c.o keccak.c.o -lpthread -lsodium  &amp;&amp; mv mkp224o.tmp mkp224o\r\n\r\n# now we generate keys that should start with filter or fast...\r\nbitcoin@pi-zero:~\/mkp224o $ .\/mkp224o filter fast -t 1 -v -n 1 -d .\/TW-Keys\r\nset workdir: .\/TW-Keys\/\r\nsorting filters... done.\r\nfilters:\r\n\tfast\r\n\tfilter\r\nin total, 2 filters\r\nusing 1 thread\r\nfastjvg2pctazqrisduqgxlqpirfso4m7h3v3lt7httqhqsatgpo3oid.onion\r\nwaiting for threads to finish... done.\r\n\r\n# ok, we have generated a key that starts with fast...\r\n# next we change into the directory and look at what was generated\r\nbitcoin@pi-zero:~\/mkp224o $ cd TW-Keys\/\r\nbitcoin@pi-zero:~\/mkp224o\/TW-Keys $ ls\r\n\r\n# the directory with the keys, we go into it\r\nfastjvg2pctazqrisduqgxlqpirfso4m7h3v3lt7httqhqsatgpo3oid.onion\r\nbitcoin@pi-zero:~\/mkp224o\/TW-Keys $ cd fastjvg2pctazqrisduqgxlqpirfso4m7h3v3lt7httqhqsatgpo3oid.onion\/\r\n\r\n# we list all files\r\nbitcoin@pi-zero:~\/mkp224o\/TW-Keys\/fastjvg2pctazqrisduqgxlqpirfso4m7h3v3lt7httqhqsatgpo3oid.onion $ ls\r\n\r\n# these three files were generated ...\r\nhostname  hs_ed25519_public_key  hs_ed25519_secret_key\r\n\r\n# the hostname file contains ...\r\nbitcoin@pi-zero:~\/mkp224o\/TW-Keys\/fastjvg2pctazqrisduqgxlqpirfso4m7h3v3lt7httqhqsatgpo3oid.onion $ cat hostname\r\n\r\nfastjvg2pctazqrisduqgxlqpirfso4m7h3v3lt7httqhqsatgpo3oid.onion\r\n\r\n\r\nbitcoin@pi-zero:~\/mkp224o\/TW-Keys\/fastjvg2pctazqrisduqgxlqpirfso4m7h3v3lt7httqhqsatgpo3oid.onion $ cat hs_ed25519_public_key\r\n== ed25519v1-public: type0 
==(\r\nbitcoin@pi-zero:~\/mkp224o\/TW-Keys\/fastjvg2pctazqrisduqgxlqpirfso4m7h3v3lt7httqhqsatgpo3oid.onion $\r\n<\/pre>\n<p>And all of the program's parameters:<\/p>\n<pre class=\"lang:default decode:true \" >.\/mkp224o -h\r\nUsage: .\/mkp224o filter [filter...] [options]\r\n       .\/mkp224o -f filterfile [options]\r\nOptions:\r\n\t-h  - print help to stdout and quit\r\n\t-f  - specify filter file which contains filters separated by newlines\r\n\t-D  - deduplicate filters\r\n\t-q  - do not print diagnostic output to stderr\r\n\t-x  - do not print onion names\r\n\t-v  - print more diagnostic data\r\n\t-o filename  - output onion names to specified file (append)\r\n\t-O filename  - output onion names to specified file (overwrite)\r\n\t-F  - include directory names in onion names output\r\n\t-d dirname  - output directory\r\n\t-t numthreads  - specify number of threads to utilise (default - CPU core count or 1)\r\n\t-j numthreads  - same as -t\r\n\t-n numkeys  - specify number of keys (default - 0 - unlimited)\r\n\t-N numwords  - specify number of words per key (default - 1)\r\n\t-Z  - use \"slower\" key generation method (initial default)\r\n\t-z  - use \"faster\" key generation method (later default)\r\n\t-B  - use batching key generation method (&gt;10x faster than -z, current default)\r\n\t-s  - print statistics each 10 seconds\r\n\t-S t  - print statistics every specified ammount of seconds\r\n\t-T  - do not reset statistics counters when printing\r\n\t-y  - output generated keys in YAML format instead of dumping them to filesystem\r\n\t-Y [filename [host.onion]]  - parse YAML encoded input and extract key(s) to filesystem\r\n\t--rawyaml  - raw (unprefixed) public\/secret keys for -y\/-Y (may be useful for tor controller API)\r\n\t-p passphrase  - use passphrase to initialize the random seed with\r\n\t-P  - same as -p, but takes passphrase from PASSPHRASE environment variable\r\n<\/pre>\n<p>In a follow-up blog post I will show what nice things you can do 
with it.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Thanks to Dr.Kleinhirn.eu for the mind map If Wikipedia is to be believed, &#8220;Curve25519 &#8230; is an elliptic curve used for asymmetric cryptosystems. It is commonly used for digital signatures and key exchange protocols and is considered particularly fast. It is standardized by the IETF as RFC 7748.&#8221; But it is also used for Onion-Services. So &hellip; <\/p>\n<p class=\"link-more\"><a href=\"http:\/\/blog.wenzlaff.de\/?p=16988\" class=\"more-link\"><span class=\"screen-reader-text\">\u201cGenerating a free Curve25519 private\/public key for hidden onion services on today's National Donut Day\u201d <\/span>continue reading<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[220,4606,1023,2752,1319,4908],"tags":[4912,4911,4915,4914,4909,4913,4910],"class_list":["post-16988","post","type-post","status-publish","format-standard","hentry","category-anleitung","category-crypto","category-raspberry-pi","category-raspberry-pi-zero-w","category-sicherheit-2","category-tor","tag-dark-net","tag-darknet","tag-donut","tag-donut-day","tag-mkp224o","tag-national-donut-day","tag-tor"],"_links":{"self":[{"href":"http:\/\/blog.wenzlaff.de\/index.php?rest_route=\/wp\/v2\/posts\/16988","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/blog.wenzlaff.de\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/blog.wenzlaff.de\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/blog.wenzlaff.de\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/blog.wenzlaff.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=16988"}],"version-history":[{"count":0,"href":"http:\/\/blog.wenzlaff.de
\/index.php?rest_route=\/wp\/v2\/posts\/16988\/revisions"}],"wp:attachment":[{"href":"http:\/\/blog.wenzlaff.de\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=16988"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/blog.wenzlaff.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=16988"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/blog.wenzlaff.de\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=16988"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}