We can easily add a key file to LUKS disk encryption on Linux when running the cryptsetup command. A key file is used as the passphrase to unlock an encrypted volume. The passphrase allows Linux users to open encrypted disks utilizing a keyboard or over an ssh-based session. There are different types of key files we can add and enable LUKS disk encryption on Linux as per our needs:
Passphrase keyfile – It is a key file holding a simple passphrase.
Random text keyfile – This is a key file comprising a block of random characters which is much more resistant to dictionary attacks than a simple passphrase-based key file.
Binary keyfile – We can defile an image, video, or any other static binary file as key file for LUKS. It makes it harder to identify as a key file. It would look like a regular image file or video clip to the attacker instead of a random text keyfile.
Let us see how to enable LUKS disk encryption with a key file. [continue reading…]
All supported versions of FreeBSD are affected by various security bugs that need to be applied ASAP. If the process is privileged, it may escape jail and gain full access to the FreeBSD system. Similarly, when using Xen, a malicious or buggy frontend driver may be able to cause resource leaks. Let us see what and how to fix these security vulnerabilities on FreeBSD. [continue reading…]
Dart is easy to use BSD licensed programming language to build mobile, desktop, server, and web apps. Google creates and maintains the Dart ecosystem. It follows C-style syntax. We can compile code either to the native platform or JavaScript. Flutter allows building iOS/Android mobile and desktop/web apps from a single code base. Let us see how to install Dart programming language on a Debian or Ubuntu Linux and set vim as IDE. [continue reading…]
Despite some severe bugs in sudo, it remains the defacto tool to gain root shell or run command as another user on Linux, macOS, and Unix-like systems. The sudo command allows the system administrator to grant an individual user access to unprivileged commands. For instance, I can give developers the ability to restart the Apache webserver or PHP/Python process on a Linux server. Let us see how to remind developers and unprivileged users about the power of sudo for fun and profit. In this quick tip, I will show you how to add some spice to your sudo session with a lecture file on Linux or Unix. [continue reading…]
Raspberry Pi is a little useful computer for learning programming and building projects. It comes with Debian Linux based modified operating system called Raspbian. It is the most widely installed OS on RPi. In a recent update, the Raspberry Pi OS installed a Microsoft apt repository on all machines running Raspberry Pi OS without the person’s or admin’s knowledge. Every time a Raspbian device is updated by having this repo, it will ping a Microsoft server. Microsoft telemetry has a bad reputation in the Linux community. Let us see why and how this matters to Linux users. [continue reading…]
Linode is an original cloud platform and founded before AWS. Back then, we used to call them VPS (Virtual Private Server). Recently they added a new firewall feature to control network access to my Linode server from the Cloud. Let us test drive Linode cloud firewall. [continue reading…]
Bonsai (盆栽) is nothing but planting in a try. It is old age Japanese art of growing small trees in pots. Now you can do that with your Linux or Unix terminal easily for fun and profit. Let us look into the Bonsai tree generator called cbonsai created in Clang and Bash. [continue reading…]
Any logged-in unprivileged user can abuse an old bug in sudo to gain root privileges. It was rated as an important security issue for Linux and Unix-like operating systems. The Qualys research team has discovered the heap overflow vulnerability in sudo itself has been hiding in plain sight for nearly 10 years. The bug allows any local users to gain root access without authentication (no user’s password needed). We need to apply patches to our operating systems as soon as possible. [continue reading…]
Last year, the Raspberry Foundation also released a brand new version of the Raspberry PI PC (personal computer), and it is directly built into a small-sized keyboard. Now there is more good news for hackers and hardware developers. They just announced their first microcontroller-based product named Raspberry Pi Pico. This small device is priced at only US $4. Unbelievable price. Let us find out about Raspberry Pi Pico hardware specs and software support. [continue reading…]
As you know, Red Hat recently announced that CentOS Linux 8, as a rebuild of RHEL 8, will end in 2021. CentOS Stream continues after that date, serving as the upstream (development) branch of Red Hat Enterprise Linux. The news met with a strong reaction from the open-source community and CentOS users. Today, Red Hat released a new option where RHEL developer subscriptions can now be used in production environments. The developers and team can have up to 16 systems. In other words, it is a no-cost RHEL that small groups and developers can use to build packages and in production environments. [continue reading…]
