Fedora Security :: Cryptsetup: How To List Used Slots
Jan 13, 2011
The simple question 'How do I list all the used/unused LUKS slots' wasn't found in either cryptsetup Wiki or its man page.Is this possible - to list all the available/used LUKS slots for a given device?
View 2 Replies
ADVERTISEMENT
Feb 2, 2010
Strange thing happend two days ago. I just wanted to reboot my computer and now I'm no longer able to boot o0. My system is runnig with a full encryption with luks/cryptsetup. I'm using a passphrase to unlock my first partition and it will unlock the others by itself. So far so good. But now it doesnt work anymore... I'm not sure what I did before, but what I know, I didn't change anything! about cryptsetup. I did only a little "update" with the recommended packages from the repositories (guess only 4-5 updated)
I already checked with live cd and same thing there. Not able to unlock any device (what seems strange to me, cause there are 4 of them and all corrupted at the same time...?)
I always get the error message: unlock failed, bad password or options? (on boot) Command failed: No key available with this passphrase (live cd)
First thing I did was checking wheter all modules are loaded:
Code:
ubuntu@ubuntu:~$ lsmod
Module Size Used by
sha256_generic 11580 0
[Code].....
View 5 Replies
View Related
Feb 6, 2010
Everytime I login the SELinux Troubleshooter panel applet alerts me that I have 1 alert to view, however when I click on the icon and bring up the Troubleshooter there are no alerts
View 2 Replies
View Related
Mar 17, 2011
In my office we sometimes have servers that hit the max_connections limit. As we sometimes have scripts that take up that 1 extra 'superuser' slot for MySQLD, we'd like to raise that. Google really hasn't turned up much on this, is there a way to raise the number of slots?
View 1 Replies
View Related
Apr 5, 2011
I m using SUN Server .
How would i determine the number of RAM slots using dmidecode.
I m running following command to get RAM information. code....
View 7 Replies
View Related
Apr 4, 2011
In a new PC I had constantly BSoD. I tracked it down to bad memory modules and took them back to the shop.Specifically the RAM was Corsair. Anyway they said they will do test on memory to confirm. They did tests and admitted the RAM was faulty and gave me a replacement. At this point: originally I bought 2 kits of 4G RAM. One of the kits turned out bad. They gave me a replacement, it does not seem to be exactly the same, though. In any case, I became causious and as soon as I got them I put them in the PC and run KUbuntu memtest. It started showing thousands of errors! (Again!). I removed the new kit and run the test again. No errors. I swapped the slots I put the memory modules and also no errors. I can not understand now. Is the new RAM kit bad or not? Does the slots I place the kits matter?
View 3 Replies
View Related
Aug 27, 2015
I setup a luks encrypted /home partition on my Debian jessie, with an automount when my usb key containing the luks secret is plugged in at startup.
I did configure /etc/fstab so that my usb key be mounted at startup to /media/usb1, and /etc/crypttab to open my encrypted partition with the key at /media/usb1/homekey. It works.
However, when my usb key is not plugged in, boot fails and never shows welcome screen. I would change this behaviour so that when my usb is missing, boot resumes and do not mount /home partition. How could I manage this?
View 0 Replies
View Related
Oct 2, 2010
I have a 1 TB usb external disk. I was crypted it with cryptsetup. now I dont' want crypt. without losing data how can I clear dmcrypt from my external disk
View 1 Replies
View Related
Feb 23, 2010
I have 10 hotswappable SATA drives I use for a rotating backup system. On each drive I have created an encrypted LUKS partition. I normally mount the drive by first unlocking it via:
Code:
cryptsetup luksOpen /dev/sdc1: BD-4-B
However some time last week this command refused to work...for any of the drive. Before I even get prompted for a password I get the terse error message: "Command failed: Can not access device"I can't recall if it was a system update that broke it, but now I can't get to any of the data on these devices nor can I run any backups.
View 1 Replies
View Related
Dec 1, 2015
I have encountered a bug in the live-build in Debian Live. The persistence does not work it is because of the bug #767195. I cannot recreate another live img file because of bandwidth problem, is there any way to repack the initrd and enable the cryptsetup?
as per suggested:
#767195 – cryptsetup needs to be enabled for initramfs inclusion – Debian Bug report logs
On Wed, Oct 29, 2014 @ 18:09, Evgeni Golov <evgeni@grml.org> wrote:
....
Edit: Line 77 -79 @
# nano /usr/lib/live/build/chroot_hacks
[Code] ....
View 0 Replies
View Related
Jan 22, 2011
i have a cryptsetup container, which after freshly setting up the computer isn't mountable anymore. Google didnt help me much soSince i use a keyfile, it cant be the passphrase.This is what i do:Quote:
losetup /dev/loop0 /home/data.img
cryptsetup -d super-secret-key.file data /dev/loop0
mount /dev/mapper/data /data
[code]....
View 4 Replies
View Related
Jan 23, 2011
We had this problem a while back but it went away with whatever updates lvm/cryptsetup have been through, but it's back again as of the latest update. Instead of symlinks to the /dev/dm-* devices, lvm and cryptsetup are both creating duplicate device nodes under /dev/mapper for already existing devices.
e.g.
Code:
gazl@slack:~$ ls -l /dev/mapper
total 0
crw------- 1 root root 10, 61 Jan 23 16:48 control
brw-rw-r-- 1 root disk 253, 0 Jan 23 16:48 lukssda5
brw-rw-r-- 1 root disk 253, 9 Jan 23 16:48 rootvg-lvhome
[Code]...
View 11 Replies
View Related
Sep 12, 2010
I'm using an nvidia graphic card, as i read before on this forum, to get high resolution in bootsplash i need v86d package - and i installled it and i get back 1680x1050 resolution in bootslash. But the problem with resolution come back after installing cryptsetup package, now i've got 640x480 and i can change it, I trying to reconfigure v86d , plymount, trying update-initramfs -u but with no result.
View 4 Replies
View Related
Mar 3, 2010
Slackware 13 Kernel 2.6.29.6 have three hard drives. Root is on own drive sda1. sdb and sdc are raid via mdadm with two partitions. one for /home raid0 md0 one for swap raid1 md1. md0 is encrypted vi cryptsetup. md1 is encrypted vi fstab. everything boots fine and is accessible. However, /dev/mapper/* shows sda1 as block device connected to the raid md0. swap crypted device is correct in /dev/mapper/*. fstab is set correctly. problem seems to be with initrd. I would like the correct device in /dev/mapper so that I can access drive info; size, available space, etc. now info shows only sda1 info
View 1 Replies
View Related
Feb 17, 2010
I understand there is a file that stores the repositories' information, but I can't find it!Is there a way I can create a list of what applications have been installed?The idea is that if I am running a backup, finding a way to save the repository list and applications installed so if I am upgrading, or fixing a borked system by re-installing Fedora, I could copy the repo list back, and run the applications list like ode:yum install <cat apps.txt?> and get all of the applications I've installed via Yum without having to remember them all?Is there anything else, outside of /home, I should look at backing up? SELinux settings?
View 6 Replies
View Related
Jan 24, 2011
I've encrypted the /home partition. I've been successful in doing this by following the instructions here:slackware64-current/README_CRYPT.TXTBut after upgrade to cryptsetup-1.2.0-x86_64, when I boot up I get 'no such file or directory while trying to open /dev/mapper/crypthome'I have to manually type 'cryptsetup luksOpen /dev/sda9 crypthome' and mount each time to get into the encrypted partition.I expect to be prompted for the password on boot but I just get that error, what is wrong?my config files:
/etc/crypttab:
crypthome /dev/sda9
/etc/fstab:
[code]....
View 5 Replies
View Related
Mar 29, 2010
I am looking for a basic guide to Linux security. I am assessing a multi-server farm and have very limited experience with Linux. Where can I get a list of basic things I should be looking at from a security standpoint, i.e. ports, vulnerabilities, users, etc? Looking for a checklist I can run through. We are running CentOS Linux 5.0.
View 6 Replies
View Related
Aug 28, 2010
When I boot up my laptop whith memorycards in the slots the boot hangs at "Wating for /dev to be fully populated", "Activating swap" or somewhere in between.If I take out the memorycards so the slots are empty, the laptop boots just fine...Its a CFCard and a SDcard in a PCIMAslot.Does anyone have a clue?Its not a big problem just very annoing to have to take out the memcards all the the time.
View 4 Replies
View Related
Mar 8, 2011
I have been messing around with ettercap and with with a little bit of arping. Running out of things to do though! New programs? If you list a program i can probably find some guides on how to use it
View 14 Replies
View Related
May 30, 2011
I've got an amazon EC2 instance running Natty 11.04. I want to harden this server and make sure it's very secure as I ultimately will be handling sensitive data. I'm wondering what should be in /etc/apt/sources.list. Can anyone comment on these contents? Or, better yet, recommend a good secure sources.list file?
Code:
## Note, this file is written by cloud-init on first boot of an instance
## modifications made here will not survive a re-bundle.
## if you wish to make changes you can:
[code]....
View 2 Replies
View Related
Jan 25, 2011
is there a way to display a list of all the files changed during current session?
View 4 Replies
View Related
Mar 28, 2011
I am looking for a utility that would do the following:1. Be run manually on a list of files whose sizes should not change, to get a control file containing the sizes of each file.2. Subsequent manual runs would report any changes in size of any of the files in the list, and allow option to accept the new sizes.3. Be run as a cron job to check for changes in the file sizes and send an email alert if a change has occurred since the last time it was run.The purpose is to detect possible hacks of key files on a website. It would not include files expected to change, but just those that should not change. It would be run manually a few times to get the control list one wants to monitor.
View 3 Replies
View Related
Mar 28, 2010
how do I save installed packages in a list and restore ...
rpm -qa > installed-software.log
yum install $(cat installed-software.log)
sorting rpm packages by size
rpm -qa --qf '%{SIZE} %{NAME}
' | sort -n
View 4 Replies
View Related
May 2, 2011
I'm trying to use ssh-keyscan to get some known_host file population going on, but I have a ton of hosts I want to scan, all with multiple aliases in /etc/hosts. Is there a way to use my current /etc/hosts file to do an ssh-keyscan instead of making a special list of hosts that (from what I've read) ssh-keyscan needs?
View 2 Replies
View Related
Jun 18, 2011
I wish all of my Internet connections will go through a proxy server. HTTP as well as FTP, and every other type of link. How can i do that?
On top of that, is there a free ubuntu-users' public proxy list?
View 5 Replies
View Related
Mar 30, 2011
Is it possible to list/find/compare the program versions on a Centos system, against Redhat/Centos Errata/Security/Bug lists? Sort of looking for a way to make sure that all the packages on a system are ok, and not a security risk-- Without having to update every package. A pseudo code, in my mind is:
[Code]...
View 2 Replies
View Related
May 22, 2011
love security/pentest tools. This script adds ALL the tools from the Security Spin, plus Metasploit. Feel free to modify it if need be.
View 12 Replies
View Related
Apr 13, 2011
this is the allert i got:Code:Summary:Your system may be seriously compromised! /usr/sbin/NetworkManager tried to loada kernel module.Detailed Description:SELinux has prevented NetworkManager from loading a kernel module. All confinedprograms that need to load kernel modules should have already had policy writtenfor them. If a compromised application tries to modify the kernel this AVC willbe generated. This is a serious issue.Your system may very well be compromised.Allowing Access:Contact your security administrator and report this issue.Additional Information:
Source Context system_u:system_r:NetworkManager_t:s0
Target Context system_u:system_r:NetworkManager_t:s0
Target Objects None [ capability ]
[code]....
View 5 Replies
View Related
Apr 7, 2009
I'm just curious as to what security measure's I should be taking to make my box a little less vulnerable? I'm still experimenting/playing with Linux, use the net, IM, download this and that and was wondering how secure fedora 10 was out of the box?
View 12 Replies
View Related
Apr 8, 2009
During a recent install I made the leap to encryption,but /boot must remain unencrypted.Is there really any legitimate security risk to having an unencrypted /boot partition? I mean basically someone can just see what kernel you're running which they could see during boot anyways right? Oh I and keep all my financial documents in /boot/finances/ (haha ok not really, but I am serious about the first part).
View 5 Replies
View Related