IT Security in Large IT Infrastructures VU - SS2021 (183.633) Lab0

Team size: 1

Start and deadline for this lab: see (external link)tuwel

Exercise interview: No exercise interviews. If submissions are unclear, students can be invited for exercise interviews.

Exercise

The goal of this lab is to refresh experiences with cryptography, especially encryption of emails. If you succeed in solving the lab, you are able to log into the lab environment.

Specification Lab0a

This part of the exercise deals with simple cryptography which you are obliged to solve for receiving credentials for the lab environment. It is compulsory that you use your student email-address (eMATRICULATION-NUMBER(at)student.tuwien.ac.at, MATRICULATION-NUMBER stands for your own matriculation number and (at) for @). Use a mail client of your choosing and configure your email address (for further references: (external link)http://www.zid.tuwien.ac.at/student/internet_services/e_mail/)

Install (external link)PGP or (external link)GnuPG. Create a key-pair, assign it to your e-mail address and set a name for the user id. Then use our Account Mailer.

IMPORTANT: You will receive the login credentials for further exercises via an encrypted e-mail. Therefore, it is mandatory that you manage to receive encrypted e-mails and decrypt them. Of course, you can use the account mailer service more than once for testing purposes. Please also remember your changed password for the further labs ;-)

Specification Lab0b

With the credentials of Lab0a you have to log in at the exercise environment using ssh (tese.inso.tuwien.ac.at, Port 65535. (On Windows you can use, e.g., putty.) On tese you will find a file named CHALLENGE -- follow the instructions in there.

The following fingerprints can be used for verification of the host key: SHA256:qQTnXCUlijOprDXGXxwUOEcIgA/wNKrX4uD/OWgDM/0 (ECDSA), SHA256:v/YF3mDXaebgn+hFhv7eCraHtL+7epMuOKLbV//SBvE (RSA). You might need to configure your client in order to obtain the desired key type.

You are required to change the initial password of your account obtained via the Lab0a web service on the first login.

Please make sure that SSH multiplexing is not enabled. Otherwise, the password change request happens again on successive logins through the established SSH connection.

Submission Lab0

You will find all necessary information in the CHALLENGE file. Follow the instructions and upload your submission to tuwel.

Notes

Please keep in mind that this lab is relatively short. Do not deduce the effort of later labs from lab0.

Additional Notes

Back to Top