Category Archives: Security
apt – install the package that contains a specific file
Sometimes a command that you execute complains about a dependency being missing on the system. From the file name in the error message it is often not possible to know exactly which package needs to be installed to resolve the … Continue reading
Increase the size of a LUKS encrypted partition
Even encrypted discs or partitions sometimes need to have their size increased. A LUKS encrypted volume consists of different layers which all need to be resized. To resize an encrypted volume, multiple steps have to be performed to use the additional … Continue reading
Certificate Transparency and unauthorized certificates
I own a domain which was bought a few months back which is managed by CloudFlare’s service in DNS-only mode. As I intended to only use CloudFlare’s DNS service, I disabled every option except the DNS related features. You can imagin the surprise to see certificates issued for my domain without my knowledge. Continue reading
Verifying SSH configuration with a scan
Managing a number of Linux servers and keeping them secure can be a challenge. Certain tools can make the life of an admin a lot easier. To ensure an ssh daemon complies with a desired security configuration the admin can use a scanner … Continue reading
Debug SSH Connection issue in key exchange
Securing a server means hardening the SSH server settings, but doing so can also cause issues with ssh clients. Finding the cipher or algorithm causing a failled connection can be tricky. Depending on the client used, the error message might be very … Continue reading
Automount a luks encrypted volume on system start
Linux supports encrypted volumes with luks. When a luks encrypted volume is set up during installation to be booted from, the volume is already configured and set up. When an encrypted volume is set up afterwards, the volume remains locked until … Continue reading
Harden SSH server settings
Many Linux Administrators use ssh on a daily basis. Many of the ssh servers are in their default configuration. Not changing the default configuration puts the security of the server at risk. That is why it is important to follow a few … Continue reading
Manage SSH-keys with the SSH-agent
Many webservices generate ssh keys to access their service. With the amount of services the number of SSH keys grows. To avoid dealing with the keys in the command line and the ssh_config(5), you can simply add the ssh-key to the … Continue reading
Create a luks encrypted partition on Linux Mint
Encryption is not only for someone who has something to hide. There are simple concerns like a lost or stolen laptop that justify a full disk encryption. There are only a few steps necessary to create a encrypted partition. In … Continue reading
Perform a portscan using netcat
To perform a port scan, most of the time we think about a separate program. Sometimes it is not necessary to look that far. On most Linux systems netcat is already installed or can be installed easily from a repository. Continue reading
