Category Archives: Security
FIDO2 security key management via commandline
FIDO2 Security keys are starting to take off. Many online services support them and the number is growing every day. At this point it seems FIDO Security keys are the way forward. FIDO2 being the second iteration of the FIDO … Continue reading
What’s the fuss about FIDO
So many discussions are everywhere about FIDO, so what is all that fuss about? Lets look into why FIDO is argued to be the next big thing in authentication. Before getting into it, let me say thanks to all the … Continue reading
Secure authentication and how it changed over time
For decades, users have authenticated on systems with usernames and passwords. This method of authentication has not changed since the beginning of the Internet. As the Internet became a more hostile place and threats emerged, password rules were introduced. Those … Continue reading
Setup sftp only account using openssh and ssh-key
There are different ways to lock a user into his home directory. A very special case is to grant sftp-only access, which does not require a full chroot jail to be set up. The sftp subsystem built into openssh allows … Continue reading
Docker container on RHEL fails to start without error
Recently a Docker container refused to start for me without any hint about why in the OS or Docker container’s logs. It turns out that SELinux jumped in and blocked access without logging its interference. Containers which were running in … Continue reading
Set the iLO password from Linux using hponcfg
No matter if you are looking for a way to manage the iLO settings from the Linux command line or just have lost or forgotten the iLO password, as long as you have access to the Linux system running on … Continue reading
Manage SELinux boolean policies
Configuring a new service often means dealing with SELinux. The easiest way is most of the time to set an SELinux boolean. But what are SELiunx booleans and what exactly do they do? I will try to shed a little … Continue reading
Auditing Linux system security using lynis
Lynis is a security auditing tool for UNIX and Linux based systems. It performs a security scan on the system and provides suggestions for best practices for system hardening. The report from lynis shows a lot of suggestions to harden … Continue reading
Create GnuPG key with sub-keys to sign, encrypt, authenticate
In order to use a GnuPG key on a smartcard or Yubikey, a GnuPG key needs to be created. This post will show you how to create a GnuPG key with sub-keys for signing, encryption and authentication. The authentication key can … Continue reading
