Recently I came across an excellent software called CoreFreq. It is a CPU monitoring software designed for 64-bits Processors w/ architectures Intel Atom, Core2, Nehalem, SandyBridge and superior, and AMD Family 0F. It runs on 64 bit Linux system. CoreFreq provides a framework to retrieve CPU data with a high degree of precision:
Raptor Engineering is working and crowdfunding a high-end power8 based desktop computer with zero proprietary firmware blobs in the Talos Secure Workstation. Traditionally IBM, Oracle(Sun), Intel/AMD and others ruled this market segment. But now there is competition to Intel for a desktop computer.
Entropy is nothing but the measure of “randomness” in a sequence of bits. The PRNG ( pseudorandom number generator ) is a special device (e.g. /dev/random on Linux) to create randomness from server hardware activities. It uses interrupts generated from the keyboard, hard disk, mouse, network and other sources. The random number generator gathers environmental noise from device drivers and other sources into an entropy pool. The randomness usually used for security purposes like creating TLS/SSL keys and the quality source of random bits is critical. For example, OpenSSL APIs can use quality randomness to make your program cryptographically secure. However, a poor source of randomness could result in loss of security. In this post, I will cover haveged and rng-utils/rng-tools to generate random numbers and feed linux random device for your virtual or dedicated Linux server.
Linux, FreeBSD, and Unix-like systems are multi-user and need some way of authenticating individual users. Back in the old days, this was done in different ways. You need to change each Unix application to use different authentication scheme. Also, authentication schemes differed between a variant of Unix systems. Porting was a nightmare. For example to use Windows Server (Active Directory) or LDAP for authentication you need to make changes to an application. Each application had its way of authenticating users. So Open Group lead to the development of PAM for the Unix-like system. Today Linux, FreeBSD, MacOS X and many other Unix-like systems are configured to use a centralized authentication mechanism called Pluggable Authentication Modules (PAM). The book “PAM Mastery” deals with the black magic of PAM.
We have a couple of virtual servers hosted with Softlayer for processing data and backup purpose. The public interface is completely turned off i.e. no Internet access. We can only access VMs using a VPN. It resulted in decreased costs and many security problems for backend servers. However, when you order “Private Network Only” cloud VM, you cannot route outgoing traffic to the Internet using your VM.
The Debian GNU/Linux project has released an updated version of its stable distribution Debian 8 (“jessie”). You must update to get corrections for security problem as this version made a few adjustments for the serious issue found in Debian 8.2.
Rolling back to the previous version may solve the problem or free the disk space. Both CentOS/RHEL support rollback feature, but I learned hard way both Debian and Ubuntu does not support rollback feature yet.
Do you want to display a super cool logo of your Linux distribution along with basic hardware information? Look no further try awesome screenfetch and linux_logo utilities.
For new computer or Laptop or server, I need to collect the information about its hardware. This is also useful when you need to replace a disk or memory with a vendor. In order to replace hardware you need all information in advance. In this post, I’m going to list commands that you can use to collect the hardware information.
Today I will be talking about ansible, a powerful configuration management solution written in python. There are many configuration management solutions available, all with pros and cons, ansible stands apart from many of them for its simplicity. What makes ansible different than many of the most popular configuration management systems is that its agent-less, no need to setup agents on every node you want to control. Plus, this has the benefit of being able to control you entire infrastructure from more than one place, if needed. That last point’s validity, of being a benefit, may be debatable but I find it as a positive in most cases. Enough talk, lets get started with Ansible installation and configuration on a RHEL/CentOS, and Debian/Ubuntu based systems.