Pages
-
Recent Posts
- Revolving Door: MPAA Hires Chief USTR Negotiator Behind ACTA And TPP’s IP Chapter
- Copyright Maximalists’ Incredible Sense Of Entitlement: If It Challenges The Biz Model We Chose, It Must Be Illegal
- Turkey’s Prime Minister Sues His Own Country Over Twitter
- Picturefill 2
- Police File On Student ‘Bullied Into Committing Suicide’ Strangely Lacking In Evidence Of Bullying
Archives
- April 2014
- March 2014
- February 2014
- January 2014
- December 2013
- November 2013
- October 2013
- September 2013
- August 2013
- July 2013
- June 2013
- May 2013
- April 2013
- March 2013
- February 2013
- January 2013
- December 2012
- November 2012
- October 2012
- September 2012
- August 2012
- July 2012
- June 2012
- May 2012
- April 2012
- March 2012
- February 2012
- January 2012
- December 2011
- November 2011
- October 2011
- September 2011
- August 2011
- July 2011
- June 2011
- May 2011
- April 2011
- March 2011
- February 2011
- January 2011
- December 2010
- November 2010
- October 2010
- September 2010
- August 2010
- July 2010
- June 2010
- May 2010
- April 2010
- March 2010
- February 2010
- January 2010
- December 2009
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- December 2008
- November 2008
- October 2008
Meta
Category Archives: Security
PHPHOST BLOG
Web Hosting Related Articles You May Need
[one-liner]: Securing your Subversion Password using GPG Agent
Background
If you’ve ever dealt with subversion on Unix, one of the annoyances is that it essentially stores it’s password in clear text under your $HOME/.subversion/auth/svn.simple directory in text files. Not a huge deal to a single developer or user but if you work in a large company or even a small one this is a […]
Readers who viewed this page, also viewed:
Posted in one-liner, Security, subversion, Syndicated, tips & tricks
Comments Off on [one-liner]: Securing your Subversion Password using GPG Agent
How is my password stored in Linux?
Background
People that use Linux on a daily basis probably are completely oblivious to the actual mechanisms being used to store their passwords safely and securely on a given Linux system. Oh they might guess that their password is stored in the /etc/passwd file (they’d be wrong by the way) but most probably never even gave […]
Posted in encryption, linux, passwords, Security, SHA-512, shadow, Syndicated, sysadmin, tutorials
Comments Off on How is my password stored in Linux?
Java Zero Day Vulnerability Exploits JMX and MethodHandles
I recently identified software security issues (#2), especially related to Java, as one of the most significant software development themes of 2012. Not even a month into 2013, a news story receiving a lot of press is the U.S. Department of Homeland Se… Continue reading
Posted in Java SE 7, Security, Syndicated
Comments Off on Java Zero Day Vulnerability Exploits JMX and MethodHandles
[one-liner]: Command Line Calculator – bc – Example
Background
I was recently listening to the podcast Security Now! episode #316. In this episode Steve Gibson discussed his Off the Grid paper based password system, where he mentioned the number 9.337 × 10426. This number represents the total number of 26×26 Latin Squares.
Excerpt from grc.com’s Off The Grid details page…
This number, expressed in scientific notation, […] Continue reading
Posted in bc, linux, one-liner, Security, Syndicated, tips & tricks
Comments Off on [one-liner]: Command Line Calculator – bc – Example
Prevent Ubuntu from asking a password after resuming from Hibernate or Suspend
When you close the lid of your laptop and Ubuntu is running, the computer goes into Suspend mode. Same goes for chosing Hibernate from the shutdown menu, when the laptop goes into deep sleep and consumes less power. When resuming from these two states, Ubuntu will ask you for your password. If you’d like to […] Continue reading
Posted in GNOME, Security, Syndicated, System
Comments Off on Prevent Ubuntu from asking a password after resuming from Hibernate or Suspend
[one-liner]: Working with ssh-keygen & SSH Key Pair Files
Background
Here are some typical examples for creating ssh RSA key files. SSH keys are generated & modified using the command ssh-keygen.
Example #1 – defaults
For starters here’s what happens when you run ssh-keygen with just it’s defaults:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
% ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/jaml/.ssh/id_rsa):
Enter passphrase (empty for no […] Continue reading
Posted in linux, one-liner, Security, shell, ssh, Syndicated, tips & tricks
Comments Off on [one-liner]: Working with ssh-keygen & SSH Key Pair Files
[one-liner]: Working around the SSH error message: Too many authentication failures for root
Background
Yesterday I ran into an issue while trying to ssh to one of my computers. I started getting this error, Too many authentication failures for root. At first I thought it has something to do with PAM or some sort of login detection protection related to /var/log/btmp (a log file maintaining bad login attempts). Turns […] Continue reading
Posted in linux, one-liner, Security, shell, ssh, Syndicated, sysadmin, tip, tips & tricks
Comments Off on [one-liner]: Working around the SSH error message: Too many authentication failures for root
Leave no traces in your .bash_history file
If you wish to not leave traces of your CLI activity in the .bash_history file, you can exclude the logging of certain commands by appending a space character before them. For example, press the space bar before you type cat /etc/passwd:
<space>c… Continue reading
Posted in cli, Security, Syndicated, System
Comments Off on Leave no traces in your .bash_history file
Monitor your changed files in real-time in Linux
Everybody knows top or htop. Ever wished there was something similar but to monitor your files instead of CPU usage and processes? Well, there is.Run this: watch -d -n 2 ‘df; ls -FlAt;’ and you’ll get to spy on which files are getting written on your system. Every time a file gets modified it will […] Continue reading
Posted in cli, Security, Syndicated, System
Comments Off on Monitor your changed files in real-time in Linux