ssh can be regarded as “critical core infrastructure” time spend on it’s security is time well spend time + money well invested: https://www.openssh.com https://github.com/openssh current manpage: ssh.man.txt WARNING: this howto guide IS MOST LIKELY INCOMPLETE! WARNING! WHEN RUNNING THE SCRIPT: […]
#!WARNING! THIS WAS TESTED FOR OLDER RHEL7 AND CENTOS! # manual editing vim /var/lib/pgsql/12/data/postgresql.conf; # postgres main config file # semi-automatic editing via sed # optional: postgres: enable detailed logging POSTGRES_MAIN_CONFIG=”/var/lib/pgsql/12/data/postgresql.conf” sed -i ‘s/#log_statement = [^”]*/log_statement = ‘all’/g’ $POSTGRES_MAIN_CONFIG sed […]
network mac’s are used to uniquely identify systems and users and thus a privacy problem so mac randomization should be enabled per default on every distribution for every wifi network card (maybe interactively during setup ask the user to enable […]
has the system been shutdown properly “gracefully” or has it crashed? it does not have to be a software or hardware problem it could also be: insufficient shielding from terrestrial microwaves satellites lightning strike near by? or extra-terrestrial (the cosmos […]
it is a wee bit strange, a lot of stuff is written to log files, often too much like: ==> /var/log/syslog <== 2024-03-04T17:33:03.463570+01:00 hostname_of_server NetworkManager[1113] <warn> [1709569983.4627] platform-linux: do-add-ip6-address[3] fe80::b0f4:2e3e:d41d:36ce]: failure 95 (Operation not supported) <- NetworkManager just can’t accept […]
the user knows, here the user get’s only the tested howtos that truly work and save a massive amount of time, trying out all the non-working howtos X-D what is mongodb (written in C++, JavaScript, Python) In 2013, 10gen changed […]
UNTESTED! 😀 “Micron has been developing some of the world’s most advanced memory technologies for more than 40 years, including DRAM (Dynamic Random Access Memory) and NAND flash memory chips, which are used in a wide range of products, including […]
have to give a HUGHE praise to the Tor Project! just checked and they DO AN EXCELLENT job at keeping the user private the developers who constantly work to make the system better the thousands of volunteering admins that run […]
if the option firewall -> “delete” is greyed out first the firewall needs to be “dissassociated” with the resource (VPS VM)
methods for detecting network loops -> Realtek Remote Control Protocol – Loop Detect Packet – absolutley nothing wrong with it. (src) also interesting that HP switches are using a Cisco MAC address?
WARNING! MAKE BACKUP of current folder before proceeding! that being said, this search replace script works with the tool sed which required to escape all special characters. This tool will help with that: https://dwaves.de/tools/escape/ per default it will search the […]
How to create an encrypted USB stick Creating an encrypted USB stick under GNU/Linux is fairly ease. First lets install required packages and erase everything from the stick gives good overview of where is what: (in a tree view style) […]
“to swap, or not to swap, that is the question”: definately swap more! Shakespeare! “to encrypt, or not to encrypt” (if it contains valuable data, encrypt) (general tutorial about lvm (logical volume management) “to lvm, or not to lvm” (well….) […]
this might sound trivial, but there are multiple approaches: # for (theoretically every) Debian, but not every Debian based system: cat /etc/debian_version 11.3 # for Debian 10 and prior hostnamectl|grep Op Operating System: Debian GNU/Linux 10 (buster) # for Debian […]
lsb_release -a; # tested under Description: Debian GNU/Linux 10 (buster) su – root # create new file touch /scripts/shutdown.sh chmod +x /scripts/shutdown.sh # edit and insert orange content vim /scripts/shutdown.sh #!/bin/bash echo “=== shutdown as gracefully as possible ===” # […]
create a new shared folder on the nas call it “data” enable NFSv4, disable NFSv3 specify list of IPs that are allowed to access the NFSv4 share: don’t forget to hit “Apply” the idea is “anyway” to NAS<-directly-LAN-1000MBit->PC connect the […]
IDE, SCSI, SATA, SAS now U.2 M.2… that reminds of… USB Cable Salad of Madness – USB 3.0 and WiFi interference – Micro-USB USB-C mess has finally arrived the list of interfaces grows by the year? no U.2 is not: […]
will be redone soon
colorful text gives much more oversight. errors are easier to spot when they are marked in red colorful text is acchieved by defining color codes “switching” between color modes and back to default vim /scripts/colors.sh #!/bin/bash RED=’\033[0;31m’ WHITE=’\033[0;37m’ YELLOW=’\033[0;33m’ COLOR_OFF=’\033[0m’ […]
with virt-manager, it is a breeze to select the PCI device (in this case enp3s0 NIC) for pass through to guest vm, in case the vm shall get it’s very own dedicated nic: notice: the passed NIC dissapears from the […]
equals to: one neat function of the find command, it that what it found can be passed to another program for further processing. or: it can delete the file by adding the option -delete BUT (!!!) THIS IS DANGEROUS! as […]
privacy is worth swapping wifi cards! Open Source & Free Software are THE GOLD STANDARD which means: would ALWAYS prefer the hazzle of replacing a wifi mini card with an wifi mini card, that is supported by open source drivers, […]
inxi – Command line system information script for console and IRC DESCRIPTION It is also used a debugging tool for forum technical support to quickly ascertain users’ system configurations and hardware. inxi shows system hardware, CPU, drivers, Xorg, Desktop, Kernel, […]
and: is the EU / Germany location simply unattractive for many companies in view of the data protection craze? “In the end, it may be bitter for Quad9 that they only got into the trouble by moving to Europe, where […]
the positive vision (always start with something positive) if big data about every keystroke every step we make (the police: every step you make) algorithms determine how mankind will live and thus: technology is “neutral” until it is used for […]
it is actually like this, in virt-manager, that chipset and bios can only be changed during first setup “begin installation” it then is fixed and can not be changed in virt-manager
the most fundamental networking settings are ever changing it used to be /etc/resolv.conf where nameservers are set systemd is doing it’s own thing /etc/systemd/resolved.conf and Ubuntu (based on Debian) is doing (again) it’s entirely own thing (netplan) frankly: this sucks […]
nfs is to GNU-Linux what smb is to Windows: sharing dirs & files “The Network File System (NFS) was developed to allow machines to mount a disk partition on a remote machine as if it were a local disk. It […]
remember that discussion about ever changing non-standard ways of defining network interfaces and ip addresses under /etc/network… well guess what, canonical just came up with a completely new config file format X-D (guess, everything is a yaml.yml now) hostnamectl; # […]
raid10 combines the speed of raid0 with the resilience of raid1. watch out: shingled hdd are not good for RAID! setup of GNU Linux mdadm software RAID10 is actually pretty straight forward: no need to do any partitioning. # tested […]