Difference between pages "Install/pt-br/Stage3" and "Package:OpenSSL"

From Funtoo
< Install(Difference between pages)
Jump to navigation Jump to search
m (Tocadotux moved page Install/Stage3/es to Install/pt-br/Stage3/: Change of directory)
 
 
Line 1: Line 1:
=== Instalndo o Stage 3 tarball ===
{{Ebuild
|Summary=Full-strength general purpose cryptography library (including SSL and TLS.)
|CatPkg=dev-libs/openssl
|Homepage=http://www.openssl.org
}}
{{PageNeedsUpdates}}
OpenSSL is a cryptography package used with {{Package|net-misc/openssh}}, web servers, and more.  ftps, https, smtps, imaps, etc use SSL/TLS.  SSL/TLS is used to prevent man in the middle attacks on plain text streams of data.  As this is a security package it is frequently cycled from testing, & bug repairs.
{{note|ssl is old, tls is new.  If you have the option to run tls, run tls rather than ssl}}


Depois de criar os  filesystems, o próximo passo é baixar o Stage 3 tarball inicial. O Stage 3 é um sistema pré-compiled utilizado como um ponto inicial para instalar o Funtoo Linux. Carregue um dos seguintes URLs em outra janela do navegador:
=== Installation ===
{{console|body=###i## emerge dev-libs/openssl}}


{{MirrorList}}
=== Usage ===
ssl uses several certificates with differing coverage, and use cases.  Certificates are obtained by 3rd party sites.  go-daddy, namecheap, and verisign are popular ssl certificate providers, though several others exist.


Agora, vamos navegar pelos diretórios nos mirrors para encontrar o build apropriado do  Funtoo Linux para você.
The general overview is buy certificate, send private files, send extra information if required, get files back, insert files into openssl configs, change program configs ports to S version of the protocol, (as in for web port 80, now listens to port 443, and i address the server as https instead of http now.) reorder the cert next year.


==== Qual Build? ====
==== Self Signed Certificates ====
Free:
Self signed certificates are free, self made, quick, easy to setup, and insecure.  They are great for lab experiments, and testing out new technologies that you're not familiar with.


'''Se não estiver certo, escolha <code>funtoo-current</code>.'''
==== Free Certificates ====
Free:  (with restrictions)
You can get free certificates from places like StartSSL.com.  The free certificates from them are not recommended if you are a company or doing E-Commerce as they only validate that you own the domain, not anything beyond that. However, for personal sites, you can't beat the cost.


Funtoo Linux possui vários 'builds' diferentes, ou variantes. Here is a list of the various builds that are available, and what their distinctive features are:
==== Single Domain Certificates ====
Generally $10/yr:
Single domain certificates are probably the cheapest ssl certificate you will find on the web.  This certificate does not cover subdomains.


{{TableStart}}
==== Unified Communications Certificate ====
<tr><th class="info">Build</th><th class="info">Description</th></tr>
Generally $300/yr
<tr><td><code>funtoo-current</code></td><td>The most commonly-selected build of Funtoo Linux. Receives rapid updates and preferred by desktop users.</td></tr>
This certificate is meant for small businesses.  This type of certificate will generally cover 20-30 domains, sites, or subdomains.
<tr><td><code>funtoo-current-hardened</code></td><td>Same package set as <code>funtoo-current</code>, but with a hardened, exploit-resistant toolchain.</td></tr>
<tr><td><code>funtoo-stable</code></td><td>Emphasizes less-frequent package updates and trusted, reliable versions of packages over the latest versions.</td></tr>
{{TableEnd}}


If you want to read more about this, have a look at [[Funtoo_Linux#What_are_the_differences_between_.27stable.27.2C_.27current.27_and_.27experimental.27_.3F|Differences between stable, current and experimental]].
==== Wildcard Certificates ====
Generally $300/yr
Wildcard certificates are expensive, however they cover every subdomain name you add.


==== What Architecture?  ====
==== Other Misc Certs ====
*domain validated SSL Certificates
*organization validated SSL Certificates
*Extended Validation SSL Certificates


'''If you're not sure, pick <code>x86-64bit</code>, or possibly <code>pure64</code> for server systems.'''
=== Using SSL With Nginx or Tengine ===
See this page:  [[HOWTO:WebServer_SSL]]


For PC-compatible systems, the following choices are available:
=== External Resources ===
 
https://wiki.archlinux.org/index.php/OpenSSL
{{TableStart}}
{{EbuildFooter}}
<tr><th class="info">Architecture</th><th class="info">Description</th></tr>
<tr><td><code>x86-64bit</code></td><td>For modern 64-bit processors. Uses new 64-bit instructions and address space. Maintains 32-bit compatibility with multilib.</td></tr>
<tr><td><code>pure64</code></td><td>For modern 64-bit processors but with no support for 32-bit compatibility.</td></tr>
<tr><td><code>x86-32bit</code></td><td>For older 32-bit systems such as Athlon XP, Pentium 4, or earlier Atom.</td></tr>
{{TableEnd}}
 
==== Your SubArch ====
 
Inside <code>/funtoo-current/x86-64bit/</code> on one of our mirrors, you'll see a bunch of directories for various ''subarches'' of Funtoo Linux. Subarches are builds of Funtoo Linux that are designed to run on a particular type of CPU, to offer the best possible performance. They also take advantage of the instruction sets available for each CPU.
 
If you are using an AMD-based CPU, download a stage3 from <code>generic_64</code>, <code>amd64-k8</code>, <code>amd64-k10</code>, <code>amd64-bulldozer</code>, <code>amd64-piledriver</code>, <code>amd64-steamroller</code> or <code>amd64-jaguar</code>.  See [[Subarches#64-bit AMD Processors|our list of 64-bit AMD subarches]] for help figuring out which one is best for you.
 
If you are using an Intel-based CPU, download a stage3 from <code>generic_64</code>, <code>atom_64</code>, <code>core2_64</code> or <code>corei7</code>. Note that <code>corei7</code> is ideal for any modern Intel processor, including Core i3 and Core i5, and many Xeons.  [[Subarches#64-bit Intel Processors|our list of 64-bit Intel subarches]] for help figuring out which one is best for you.
 
If you are using a 32-bit CPU, download a stage3 from <code>generic_32</code>, <code>i686</code>, <code>core2_32</code>, <code>atom_32</code> or <code>athlon-xp</code>.
 
==== Setting the Date ====
 
{{fancyimportant|If your system's date and time are too far off (typically by months or years,) then it may prevent Portage from properly downloading source tarballs. This is because some of our sources are downloaded via HTTPS, which use SSL certificates and are marked with an activation and expiration date. However, if you system time is relatively close to correct, you can probably skip this step for now.}}
 
Now is a good time to verify the date and time are correctly set to UTC. Use the <code>date</code> command to verify the date and time:
 
<console>
# ##i##date
Fri Jul 15 19:47:18 UTC 2011
</console>
 
If the date and/or time need to be corrected, do so using <code>date MMDDhhmmYYYY</code>, keeping in mind <code>hhmm</code> are in 24-hour format. The example below changes the date and time to "July 16th, 2011 @ 8:00PM" UTC:
 
<console>
# ##i##date 071620002011
Fri Jul 16 20:00:00 UTC 2011
</console>
 
Uma vez que você tenha definido o sistema de horário (system clock), é uma boa ideia copiar o horário para o sistema de horas do seu hardware (hardware clock), assim ele persiste nos reboots:
 
<console>
# ##i##hwclock --systohc
</console>
 
==== Baixe o Stage3 ====
Uma vez que você está no root filesystem do seu Funtoo Linux, utilize <code>wget</code> para baixar o Stage 3 tarball que você escolheu utilizar como base para o seu novo sistema Funtoo Linux. Ele deve se salvo no direorio <code>/mnt/funtoo</code> como a seguir:
 
<console># ##i##cd /mnt/funtoo
# ##i##wget http://build.funtoo.org/funtoo-current/x86-64bit/generic_64/stage3-latest.tar.xz
</console>
 
Note que sistemas 64-bit pode rodar stages 32-bit ou 64-bit, mas o sistema 32-bit podem somente rodar stages de 32-bit. Certifique-se de selecionar um Stage 3 que é apropriado para o seu CPU (processador). Se não estiver certo, é uma aposta segura escolher o stage <code>generic_64</code> ou <code>generic_32</code>. Consulte a página de [[Download]] para mais informações.
 
Uma vez o stage for baixado, extraia os conteúdos com o seguinte comand, substituindo o nome nome real pelo seu stage 3 tarball:
<console>
# ##i##tar xpf stage3-latest.tar.xz
</console>
 
{{important|é muito importante utilizar <code>tar's</code> "<code>'''p'''</code>" option when extracting the Stage 3 tarball - it tells <code>tar</code> to ''preserve'' any permissions and ownership that exist within the archive. Without this option, your Funtoo Linux filesystem permissions will be incorrect.}}

Latest revision as of 05:58, July 9, 2015

OpenSSL

   Tip

We welcome improvements to this page. To edit this page, Create a Funtoo account. Then log in and then click here to edit this page. See our editing guidelines to becoming a wiki-editing pro.

OpenSSL is a cryptography package used with net-misc/openssh, web servers, and more. ftps, https, smtps, imaps, etc use SSL/TLS. SSL/TLS is used to prevent man in the middle attacks on plain text streams of data. As this is a security package it is frequently cycled from testing, & bug repairs.

   Note

ssl is old, tls is new. If you have the option to run tls, run tls rather than ssl

Installation

root # emerge dev-libs/openssl

Usage

ssl uses several certificates with differing coverage, and use cases. Certificates are obtained by 3rd party sites. go-daddy, namecheap, and verisign are popular ssl certificate providers, though several others exist.

The general overview is buy certificate, send private files, send extra information if required, get files back, insert files into openssl configs, change program configs ports to S version of the protocol, (as in for web port 80, now listens to port 443, and i address the server as https instead of http now.) reorder the cert next year.

Self Signed Certificates

Free: Self signed certificates are free, self made, quick, easy to setup, and insecure. They are great for lab experiments, and testing out new technologies that you're not familiar with.

Free Certificates

Free: (with restrictions) You can get free certificates from places like StartSSL.com. The free certificates from them are not recommended if you are a company or doing E-Commerce as they only validate that you own the domain, not anything beyond that. However, for personal sites, you can't beat the cost.

Single Domain Certificates

Generally $10/yr: Single domain certificates are probably the cheapest ssl certificate you will find on the web. This certificate does not cover subdomains.

Unified Communications Certificate

Generally $300/yr This certificate is meant for small businesses. This type of certificate will generally cover 20-30 domains, sites, or subdomains.

Wildcard Certificates

Generally $300/yr Wildcard certificates are expensive, however they cover every subdomain name you add.

Other Misc Certs

  • domain validated SSL Certificates
  • organization validated SSL Certificates
  • Extended Validation SSL Certificates

Using SSL With Nginx or Tengine

See this page: HOWTO:WebServer_SSL

External Resources

https://wiki.archlinux.org/index.php/OpenSSL


Retrieved from "https://www.funtoo.org/index.php?title=Install/pt-br/Stage3&oldid=10769"