Category Archives: Security

apt – install the package that contains a specific file

Sometimes a command that you execute complains about a dependency being missing on the system. From the file name in the error message it is often not possible to know exactly which package needs to be installed to resolve the … Continue reading

Posted in Linux Administration, Security | Tagged , , , , , , , | Leave a comment

Increase the size of a LUKS encrypted partition

Even encrypted discs or partitions sometimes need to have their size increased. A LUKS encrypted volume consists of different layers which all need to be resized. To resize an encrypted volume, multiple steps have to be performed to use the additional … Continue reading

Posted in Linux Administration, Security | Tagged , , , , , | Comments Off on Increase the size of a LUKS encrypted partition

Certificate Transparency and unauthorized certificates

I own a domain which was bought a few months back which is managed by CloudFlare’s service in DNS-only mode. As I intended to only use CloudFlare’s DNS service, I disabled every option except the DNS related features. You can imagin the surprise to see certificates issued for my domain without my knowledge. Continue reading

Posted in Security, Web technologies | Tagged , , , , , | Comments Off on Certificate Transparency and unauthorized certificates

Verifying SSH configuration with a scan

Managing a number of Linux servers and keeping them secure can be a challenge. Certain tools can make the life of an admin a lot easier. To ensure an ssh daemon complies with a desired security configuration the admin can use a scanner … Continue reading

Posted in Linux Administration, Security | Tagged , , , | Comments Off on Verifying SSH configuration with a scan

Debug SSH Connection issue in key exchange

Securing a server means hardening the SSH server settings, but doing so can also cause issues with ssh clients. Finding the cipher or algorithm causing a failled connection can be tricky. Depending on the client used, the error message might be very … Continue reading

Posted in Linux Administration, Security | Tagged , , , , | Comments Off on Debug SSH Connection issue in key exchange

Automount a luks encrypted volume on system start

Linux supports encrypted volumes with luks. When a luks encrypted volume is set up during installation to be booted from, the volume is already configured and set up. When an encrypted volume is set up afterwards, the volume remains locked until … Continue reading

Posted in Linux Administration, Security | Tagged , , , , , , | Comments Off on Automount a luks encrypted volume on system start

Harden SSH server settings

Many Linux Administrators use ssh on a daily basis. Many of the ssh servers are in their default configuration. Not changing the default configuration puts the security of the server at risk. That is why it is important to follow a few … Continue reading

Posted in Linux Administration, Security | Tagged , , , | Comments Off on Harden SSH server settings

Manage SSH-keys with the SSH-agent

Many webservices generate ssh keys to access their service. With the amount of services the number of SSH keys grows. To avoid dealing with the keys in the command line and the ssh_config(5), you can simply add the ssh-key to the … Continue reading

Posted in Linux Administration, Security | Tagged , , | Comments Off on Manage SSH-keys with the SSH-agent

Create a luks encrypted partition on Linux Mint

Encryption is not only for someone who has something to hide. There are simple concerns like a lost or stolen laptop that justify a full disk encryption. There are only a few steps necessary to create a encrypted partition. In … Continue reading

Posted in Linux Administration, Security | Tagged , , | Comments Off on Create a luks encrypted partition on Linux Mint

Perform a portscan using netcat

To perform a port scan, most of the time we think about a separate program. Sometimes it is not necessary to look that far. On most Linux systems netcat is already installed or can be installed easily from a repository. Continue reading

Posted in Linux Administration, Security | Tagged , , | Comments Off on Perform a portscan using netcat