Free rsa software for linux

yyyRSA is a simple program to encrypt and decipher messages with the RSA asymetrical encryption algorithm.
Alice wants to send Bob a message. Eve can monitor the communication between Alice and Bob. he can read everything they send to each other.
Bob creates a key. It will consist of two files. the public key and the private key.
Bob gives Alice his public key.
Eve now also has his public key!
Alice encrypts a message with this public key.
Alice sends the message to Bob
Eve now also has the encrypted message!
Bob decrypts the message with the secret key.
Eve can do nothing, because it is not possible to decrypt the message with the public key !
yyyRSA is designed to be ULTRA secure. speed doesnt matter, nor does size of the encrypted message.
It is a possible option to create the secret key if you have a public key. However the algorithm to do this takes too much time, see the next chapter.
Enhancements:
- Added numberencode program
- Released 1.0.2

ENTROPY stands for Emerging Network To Reduce Orwellian Potency Yield and as such describes the main goal of the project.
Main features:
- ENTROPY is developed as a response to increasing censorship and surveillance in the internet. The program connects your computer to a network of machines which all run this software. The ENTROPY network is running parallel to the WWW and also other internet services like FTP, email, ICQ. etc.
- For the user the ENTROPY network looks like a collection of WWW pages. The difference to the WWW however is that there are no accesses to central servers. And this is why there is no site operator who could log who downloaded what and when. Every computer taking part in the ENTROPY network (every node) is at the same time server, router for other nodes, caching proxy and client for the user: that is You.
- After you gained some experience with the ENTROPY network, there are command line tools for you to insert whole directory trees into the network as a ENTROPY site. So ENTROPY does for you what a webspace provider does for you in the WWW - but without the storage and bandwidth costs and without any regulation or policy as to what kind of content you are allowed to publish. Everyone can contribute his own ENTROPY site for everybody else to browse through. The contents is stored in a distributed manner across all available and reachable nodes and no one can find out about who put up what contents into the network. Even if your node is not actively running, your contents can be retrieved by others -- without knowing that it was actually you who published the files. Of course this is only true if you do not publish your name (or leave your name or other personal data in the files you publish)
Enhancements:
- Bugfixes were made.
- This release is not backwards compatible.

brandgang is a http firewall tunneling for Java applets with restricted network.
You should install the software like this:
Extract the archive to a (home-)directory. For now there are no
installation scripts or further installation instructions.
tar -xzvf brandgang-0.1.xxx.tar.gz
WinZip users check: TAR file smart CR/LF Conversion.
You will need to create directories "var" and "lib" by hand, if your
archiver ignores empty directories. Check MANIFEST for anything
missing.
Main features:
- This transparently uses the browser configured proxy, simulating duplex communication, by multiple java.net.HttpURLConnections to a http tunnel server, that forwards the connection. Because no reference to the proxy is made, no security exceptions will be thrown for restricted applets.
-
- A combination of encryption (RSA/RC4) and message digests(MD5) is used in an effort to secure an insecure datapath. Though this comes with only a (small) telnet and SSH client, it is supposed to be easy to modify other networking applets to use tunnels.
-
- You can still use modified clients for direct connections over tcp sockets. You can also use secured connections to the tunnel server over a common tcp socket, and have the connection forwarded.
-
- The tunnel server can forward to multiple servers, handling multiple tunnels concurrently. The tunnel server can handle requests from http clients for files,
- so you dont need to run any (other) httpd to host the applets. The tunnel server can be used to enable access to a LAN. You can allow accepting and connecting hosts for the tunnel server (besides setting a Java security policy).
-
- Both server and clients are written in Java.

RakNet project is a reliable UDP networking API.
RakNet is a networking API that is a wrapper for reliable UDP and higher level functionality on Windows, Linux, and Unix.
It allows any application to communicate with other applications on the same computer, over a LAN, or over the internet.
Although it could be used for any networked application, it was developed specifically for rapid development of online games and the addition of multiplayer to single player games.
Main features:
- Secure connections
- With one line of code Raknet will automatically use SHA1, AES128, SYN Cookies, and RSA to prevent connection spoofing, replay attacks, data eavesdropping, packet tampering, and MitM attacks. Overhead averages 12 bytes per datagram.
- Voice communication
- Using Speex for encoding / decoding, 16 bit audio can be transmitted using approximately 1000 bytes per second.
- Remote terminal
- Using either Telnet or secure RakNet, you can remotely administrate your applications. The system has built-in commands for most RakNet functions and is designed for users to extend for their own purposes. Example capabilities include application resets, password management, and logging.
- Application directory server
- The application directory server allows servers to list themselves for clients to find and connect to. The system uses a key / value system. Listing your server and posting new rules are both done with a single line of code.
- Autopatcher
- Update your users with database driven binary delta patches, or use a simpler version for updates such as user skins or maps.
- Object replication system
- RakNets object and memory replication system provides a framework from which you can synchronize your program state. It requires no changes to your program architecture and there is no unneeded overhead. Memory is replicated through a single function call, with support for callbacks for serialization of complex types such as pointers.
- Network traffic compression
- The BitStream class allows compressed writes of vectors, matrices, quaternions, and real numbers between -1 and 1. It also supports delta compression, by which unchanged values only use a single bit.
- Remote function calls
- While you can send and interpret your own bit streams, remote function calls make this process easier as you now deal with functions rather than raw data. Remote function calls only take 1-2 bytes of overhead and allow both static C function calls and class member function calls. Return values are also supported.
- Routing and multicasting
- RakNet supports automatically updated connection graphs, which are used for routing and multicasting via a minimum spanning tree. You could, for example, use RakNet for highly efficient distributed peer-to-peer file sharing. Simpler applications include directed messages between clients and efficient broadcasts.
- Robust communication layer
- Flow control, message ordering on different channels, message coalescence, and splitting and reassembly of packets larger than the MTU are transparently handled for you.

Ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. Runs only on x86 linux, bsd and MacOS X.
libssh is a C library to access SSH 2 services from a program. It can remotely execute programs, transfer files, and serve as a secure and transparent tunnel for remote programs. Its Secure FTP implementation can play with remote files easily, without third-party programs others than libcrypto (from OpenSSL).
Main features:
- Full C library functions for manipulating a client-side SSH connection
- Lesser GPL licensing -SSH2 protocol compliant
- Fully configurable sessions
- Support for AES-128,AES-192,AES-256,blowfish, in cbc mode
- Use multiple SSH connections in a same process, at same time
- Use multiple channels in the same connection
- Thread safety when using different sessions at same time
- Basic but correct SFTP implementation (secure file transfer)
- RSA and DSS server public key supported
- Compression support (with zlib)
- Public key (RSA and DSS), password and keyboard-interactive authentication
- A complete documentation about its API
- Runs and tested under amd64, x86, arm, sparc32, ppc under Linux, Bsd, MacosX and Solaris
- A developer listening to you
Enhancements:
- Connection timeout support
- Keyboard-interactive authentication (used by Pam with SSH)
- Server public keys management
- 64 bits cpu support
- Enhanced documentation
- and of course a huge number of bugfixe

ksshfs program is an easy to use front end for sshfs. The main limitation right now is that there is no way to enter a password at runtime to sshfs, so you should set up your ssh server and client to do a password-less login with RSA keys or some other sort of key exchange.

This shouldnt be a big problem for most home users. I will work on a way to get password input soon. Any ideas on how to accomplish this easily are more than welcome.

Also, if you choose to start konqueror via this tool, you will have to close that konqueror window before closing this tool. If anyone knows a way around this also, please let me know.

This program requires sshfs and all its dependencies, as well as kommander.

sshfs allows a user to mount the filesystem of a remote computer as a local file system so that all local programs can access files on the remote computer as if they were local. This is a very easy and secure way to do file sharing.

Read more about sshfs here: http://fuse.sourceforge.net/sshfs.html

There is an sshfs how-to here: http://ubuntu.wordpress.com/2005/10/28/how-to-mount-a-remote-ssh-filesystem-using-sshfs/

(this how-to is aimed at k/ubuntu users, but should be easily adaptable to users of other flavors of linux, etc.)

This application is a graphical user interface to OpenSSL, RSA public keys, certificates, signing requests and revokation lists.
The keys do have an internal counter, counting its use to avoid a duplicate use of a key for creating a certificate or request. The Keys are encrypted in the database file.
Xca supports next to the usual PEM and DER format of certificates the import and export of PKCS#12 (aka *.pfx) files and the Certificate import from PKCS#7 files.
Certificates can be created by self signing it, by signing it by an other (usually CA) certificate or by signing a PKCS#10 request. Netscape SPKAC is supported since version 0.4.6. The validity dates and x509.v3 extensions can be adjusted to fit ones needs. The use of multiple certificates in CA chains is supported and a tree view of the certificates reflects the dependencies. The application takes care to not create duplicate certificates by checking the serial number(s) on import and creation of certificates.
Certificate Templates can be used to preset the input dialog with reasonable values and to simplify the process of creating certificates and requests.
Issued certificates can be revoked and the revokation list can be created and exported. External revokation lists can be imported and examined.
Main features:
- Database
- Uses one local databasefile for all settings, Keys, Requests and Certificates. IMHO it is an advantage and not a disadvantage
- transactions, recovery and db-exceptions are used to keep it consistent.
- Keys
- import and export of PEM, DER, PKCS#8 private and public RSA keys.
- Key generation with variable length
- Keys are 3-DES encrypted in database
- PKCS#10 Requests
- import and export of Requests.
- Request generation.
- X509 Certificates
- Generation of self signed and foreign signed Certificates.
- Tree view of Certificate chains.
- All x509 v3 extensions are implemented.
- Certificate dependend autoincrementing serialnumbers.
- Pre setting of the signing serial number.
- Shows Subject, Issuer, Serial, Dates, V3 extensions, SHA1 and MD5 fingerprints.
- CRL export for CA certificates.
- generate request from certificate.
- import and export in DER, PEM and PKCS#12 format.
- several export formats containing certificate chains or not.
- Signing and encryption of files added, they are written in PEM PKCS#7 format
- Export to TinyCA or "openssl ca" filestructure
- Certificates in tree view or in plain view
- Sorting of certificates by date or serial
- All known X.509 name-entry OIDs can be used in the distinguished name
- The hash algorithm for signing is selectable
- templates
- Generation of predefined CA, Client and Server Templates.
- Certificates and Requests can use the Templates
- Revokation lists
- Import, export, detailed view and creation of CRLs
Enhancements:
- Break endless loop in chain building. Bug [ 1696878 ]

MUltihost SSH Wrapper is a shell script that allows you to execute a command or script over SSH on multiple hosts with one command. When possible, it will use ssh-agent and RSA/DSA keys to minimize the need to enter your password more than once.
Enhancements:
- An error is now avoided when someone hits CTRL- and there are no .active files.
- A man page was added.
- ssh timeout was added.