Category Archives: Security

FIDO2 security key management via commandline

FIDO2 Security keys are starting to take off. Many online services use support them ad the number is growing every day. At this point it seems FIDO Security keys are the way forward. FIDO2 being the second iteration of the … Continue reading

Posted in Security | Tagged , , , , | Leave a comment

What’s the fuss about FIDO

So many discussions are everywhere about FIDO, so what is all that fuss about? Lets look into why FIDO is argued to be the next big thing in authentication. Before getting into it, let me say thanks to all the … Continue reading

Posted in Security | Tagged , , , | Comments Off on What’s the fuss about FIDO

Secure authentication and how it changed over time

For decades, users have authenticated on systems with usernames and passwords. This method of authentication has not changed since the beginning of the Internet. As the Internet became a more hostile place and threats emerged, password rules were introduced. Those … Continue reading

Posted in Encryption, Security | Tagged , , , , , , , , , , | Comments Off on Secure authentication and how it changed over time

Setup sftp only account using openssh and ssh-key

There are different ways to lock a user into his home directory. A very special case is to grant sftp-only access, which does not require a full chroot jail to be set up. The sftp subsystem built into openssh allows … Continue reading

Posted in Linux Administration, Security | Tagged , , | Comments Off on Setup sftp only account using openssh and ssh-key

Docker container on RHEL fails to start without error

Recently a Docker container refused to start for me without any hint about why in the OS or Docker container’s logs. It turns out that SELinux jumped in and blocked access without logging its interference. Containers which were running in … Continue reading

Posted in Linux Administration, Security | Tagged , , , | Comments Off on Docker container on RHEL fails to start without error

Set the iLO password from Linux using hponcfg

No matter if you are looking for a way to manage the iLO settings from the Linux command line or just have lost or forgotten the iLO password, as long as you have access to the Linux system running on … Continue reading

Posted in Rescue, Security | Tagged , , | Comments Off on Set the iLO password from Linux using hponcfg

Manage SELinux boolean policies

Configuring a new service often means dealing with SELinux. The easiest way is most of the time to set an SELinux boolean. But what are SELiunx booleans and what exactly do they do? I will try to shed a little … Continue reading

Posted in Linux Administration, Security | Tagged , , | Comments Off on Manage SELinux boolean policies

Auditing Linux system security using lynis

Lynis is a security auditing tool for UNIX and Linux based systems. It performs a security scan on the system and provides suggestions for best practices for system hardening. The report from lynis shows a lot of suggestions to harden … Continue reading

Posted in Security | Tagged , , | Comments Off on Auditing Linux system security using lynis

Apache document root in users home directory with SELinux

Serving web-content from a user’s home directory allows the user to conveniently upload files. By default, the apache configuration in many Linux distributions assumes content is uploaded to a single directory owned by the webserver’s user, but it might be … Continue reading

Posted in Security, Web technologies | Tagged , , , | Comments Off on Apache document root in users home directory with SELinux

Create GnuPG key with sub-keys to sign, encrypt, authenticate

In order to use a GnuPG key on a smartcard or Yubikey, a GnuPG key needs to be created. This post will show you how to create a GnuPG key with sub-keys for signing, encryption and authentication. The authentication key can … Continue reading

Posted in Encryption, Security | Tagged , , , , , , | Comments Off on Create GnuPG key with sub-keys to sign, encrypt, authenticate