Showing posts from 2017

Basic Set Up Encrypted Swap on LMDE 2

Encrypted swap is essential if your usage sometimes requires an extra bit of memory on a legacy or solid-state hard drive that happens to be fully encrypted. In this post, I will briefly go through the steps for setting up an encrypted swap partition on a Debian GNU/Linux OS (Linux Mint variant) with a sysV init system. To begin, save any changes to your work, check whether the swap partition is in use using the command 'free -m', and deactivate the existing non-encrypted swap partition using the command 'sudo swapoff -a'. The next step is to initialise the (yet to be encrypted) swap partition as a LUKS-formatted partition using 'sudo cryptsetup luksFormat /dev/sdaX' for a legacy hard drive, where sd is the prefix for a hard drive connected over a SATA interface, a is the letter assigned to the first such hard drive detected, and X is the number (in Indian numerals) of the partition to be used as swap. We will need to enter a password or passphrase for the setti

Hardening Edgerouter ER-X by SSH

Generating RSA keys on the client device (e.g. Ubuntu 16.04 LTS):

    ssh-keygen -t rsa

which will store the key pair under the $HOME directory (in ~/.ssh). A prompt for a passphrase will then appear, but we will keep it empty. The SSH key pair is generated, where id_rsa.pub is the public key (which we can share with the public) and id_rsa is the private key (which we shall keep secret as long as we can).

Copying the public SSH key from the client to the router (server):

    scp ~/.ssh/id_rsa.pub username@router.current.ip.address:/home/username/.ssh

For example, if the username is edgemax and the router IP address is 192.168.1.1, the command would be:

    scp ~/.ssh/id_rsa.pub edgemax@192.168.1.1:/home/edgemax

Alternatively, we use ssh-copy-id to copy the key to ~/.ssh/authorized_keys:

    sudo ssh-copy-id -i .ssh/nvy_rsa.pub navoyjw@192.168.0.1

Setting ownership to username (better) if the files are not owned by you (check ownership or username using "ls -la /home/username/") as you do not need to access files as a root

Mongodb Systemd service on Ubuntu 16.04

This post takes inspiration from the Digital Ocean article on setting up mongodb on Ubuntu 16.04. There is a small caveat which I found today in the [Service] text and the config path /path/to/mongo/config, which is causing my mongodb.service to fail to run. Here is my take based on the mongodb configuration file path on my Ubuntu 16.04:

    [Unit]
    Description=High-performance, schema-free document-oriented database
    After=network.target

    [Service]
    User=mongodb
    ExecStart=/usr/bin/mongod --quiet --config /etc/mongodb.conf

    [Install]
    WantedBy=multi-user.target

As you may have noticed, in the original documentation the ExecStart points to /etc/mongod.conf, whereas on my system it should point to /etc/mongodb.conf. That's all for today.

Setting up Firewall ports on Ubiquiti Unifi AP Controller @ Ubuntu 16.04

I am going to list the TCP/UDP ports that need to be opened when setting up Ubiquiti AP AC products on a locally based controller powered by a Linux/GNU OS. The information contained herein is gleaned from various sources, including the friendly Ubiquiti community. The tool used is UFW on an Ubuntu 16.04.3 device. The Ubiquiti reference page is here: https://help.ubnt.com/hc/en-us/articles/218506997-UniFi-Ports-Used

Let's begin:

    sudo ufw limit 22/tcp          # rate limit for openssh
    sudo ufw allow 80,443/tcp      # for http and https connections respectively
    sudo ufw allow 8080,8443/tcp   # for locally based unifi controller connection with the AP
    sudo ufw allow 3478/udp        # STUN
    sudo ufw allow 10001/udp       # ap discovery (optional)
    sudo ufw allow 8880,8843/tcp   # for guest portals (optional for home user unless operating a homestay biz)
    sudo ufw allow out 22/tcp   /

Brief Setup on Ubuntu UFW

Security has been elusive ever since mankind invented encryption methods, so it is important to set up some form of wall to keep marauding data thieves out of the walled 'data' garden. The old timeless saying of 'better late than never' rings true in this context. A firewall has been a basic protection for personal consumers since the late 1990s, when internet usage became prevalent. In Ubuntu 16.04, the firewall typically consists of UFW (Uncomplicated Firewall). There is a graphical front-end, but if you prefer to use the command line or your computer is in need of more computing resources, UFW is your preferred choice. This brief is on setting up Ubuntu UFW from the GNOME console or terminal using relatively simple rules (in comparison to setting up the Linux firewall using iptables). As average users, we need to open certain ports to access the internet. Without a firewall, the 'attack surface' (as security commentators commonly use it to label the 'connec

Encrypted Storage: Create Encrypted File Container Ubuntu 16.04LTS

LUKS-formatted file container on your hard drive or cloud storage solutions

In the year 2017, a lot of security issues surfaced, and ransomware is lurking in cyberspace, preying on the next victim. Be it the oft-quoted 'vulnerable operating system' like Windows, or other 'more secure' platforms like Linux kernel driven operating systems or the Macintosh operating system, once you are in the cloud, you are equally vulnerable. Hence, we can take one small step in securing our data online. I have read this article on a security blog written by Nick Thomadakis from Cybrary, an education provider for IT security. You can read it on this website. Just be aware that you need to register to view the content, or you can use the Chrome extension ScriptSafe to turn off the scripts the website serves to your browser.

Let's begin with the first approach (a casual approach to creating the file container):

1st step: let's search for the module dm_crypt (to kno

Using HDSentinel in Ubuntu 16.04

If you are still using a spinning hard drive, are concerned about its health, and are using Linux/GNU, in particular Ubuntu 16.04, you are in the right place. Running HDSentinel is quite simple in Linux. You need to download the file Hard Disk Sentinel LINUX (FREE) from http://www.hdsentinel.com/download.php

After extracting the file into your preferred directory, we add that directory to the path using the command 'export':

    export PATH=$PATH:/path/to/bin

Then, we can preserve the path environment to run HDSentinel using the administrative sudo command:

    sudo -E env "PATH=$PATH" HDSentinel

Alternatively, we may need to edit the sudoers file to include /path/to/bin, using the command:

    sudo -E visudo

and add /path/to/bin in the line below Defaults mail_badpass, like this:

    Defaults        secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin:/path/to/bin"

The change above in /etc/sudoers is di

KeePass in Firefox on Fedora 25/Ubuntu 16.04: Passwords No Fear

If you are using KeePass on Fedora 25 or Ubuntu 16.04, you are in luck. While there may be other addons or applications that do the same task, KeePass is a used and tested application for storing passwords. Background history: KeePass is built using Xamarin. Do try to use the default theme for Firefox, as there may be interface issues with a 3rd party theme.

Addons needed: PassIFox (either), KeeFox (either), KeePass Helper (optional).

First, you have to install either one of the addons in Firefox: KeeFox or PassIFox. These are the two available addons that act as a go-between for KeePass and Firefox. Personally, I prefer KeeFox, since it has better support at keefox.org. After adding this, we need to install the Mono files (which the application is built on) and extract the pre-built KeePass zip file. Installing Mono is a breeze: just go to the official Fedora community website and execute the Quick command. In Ubuntu, use the apt-get command to install the package