The simple question 'How do I list all the used/unused LUKS slots' wasn't found in either cryptsetup Wiki or its man page.Is this possible - to list all the available/used LUKS slots for a given device?
View 2 RepliesStrange thing happend two days ago. I just wanted to reboot my computer and now I'm no longer able to boot o0. My system is runnig with a full encryption with luks/cryptsetup. I'm using a passphrase to unlock my first partition and it will unlock the others by itself. So far so good. But now it doesnt work anymore... I'm not sure what I did before, but what I know, I didn't change anything! about cryptsetup. I did only a little "update" with the recommended packages from the repositories (guess only 4-5 updated)
I already checked with live cd and same thing there. Not able to unlock any device (what seems strange to me, cause there are 4 of them and all corrupted at the same time...?)
I always get the error message: unlock failed, bad password or options? (on boot) Command failed: No key available with this passphrase (live cd)
First thing I did was checking wheter all modules are loaded:
Code:
ubuntu@ubuntu:~$ lsmod
Module Size Used by
sha256_generic 11580 0
[Code].....
Everytime I login the SELinux Troubleshooter panel applet alerts me that I have 1 alert to view, however when I click on the icon and bring up the Troubleshooter there are no alerts
View 2 Replies View RelatedIn my office we sometimes have servers that hit the max_connections limit. As we sometimes have scripts that take up that 1 extra 'superuser' slot for MySQLD, we'd like to raise that. Google really hasn't turned up much on this, is there a way to raise the number of slots?
View 1 Replies View RelatedI m using SUN Server .
How would i determine the number of RAM slots using dmidecode.
I m running following command to get RAM information. code....
In a new PC I had constantly BSoD. I tracked it down to bad memory modules and took them back to the shop.Specifically the RAM was Corsair. Anyway they said they will do test on memory to confirm. They did tests and admitted the RAM was faulty and gave me a replacement. At this point: originally I bought 2 kits of 4G RAM. One of the kits turned out bad. They gave me a replacement, it does not seem to be exactly the same, though. In any case, I became causious and as soon as I got them I put them in the PC and run KUbuntu memtest. It started showing thousands of errors! (Again!). I removed the new kit and run the test again. No errors. I swapped the slots I put the memory modules and also no errors. I can not understand now. Is the new RAM kit bad or not? Does the slots I place the kits matter?
View 3 Replies View RelatedI setup a luks encrypted /home partition on my Debian jessie, with an automount when my usb key containing the luks secret is plugged in at startup.
I did configure /etc/fstab so that my usb key be mounted at startup to /media/usb1, and /etc/crypttab to open my encrypted partition with the key at /media/usb1/homekey. It works.
However, when my usb key is not plugged in, boot fails and never shows welcome screen. I would change this behaviour so that when my usb is missing, boot resumes and do not mount /home partition. How could I manage this?
I have a 1 TB usb external disk. I was crypted it with cryptsetup. now I dont' want crypt. without losing data how can I clear dmcrypt from my external disk
View 1 Replies View RelatedI have 10 hotswappable SATA drives I use for a rotating backup system. On each drive I have created an encrypted LUKS partition. I normally mount the drive by first unlocking it via:
Code:
cryptsetup luksOpen /dev/sdc1: BD-4-B
However some time last week this command refused to work...for any of the drive. Before I even get prompted for a password I get the terse error message: "Command failed: Can not access device"I can't recall if it was a system update that broke it, but now I can't get to any of the data on these devices nor can I run any backups.
I have encountered a bug in the live-build in Debian Live. The persistence does not work it is because of the bug #767195. I cannot recreate another live img file because of bandwidth problem, is there any way to repack the initrd and enable the cryptsetup?
as per suggested:
#767195 – cryptsetup needs to be enabled for initramfs inclusion – Debian Bug report logs
On Wed, Oct 29, 2014 @ 18:09, Evgeni Golov <evgeni@grml.org> wrote:
....
Edit: Line 77 -79 @
# nano /usr/lib/live/build/chroot_hacks
[Code] ....
i have a cryptsetup container, which after freshly setting up the computer isn't mountable anymore. Google didnt help me much soSince i use a keyfile, it cant be the passphrase.This is what i do:Quote:
losetup /dev/loop0 /home/data.img
cryptsetup -d super-secret-key.file data /dev/loop0
mount /dev/mapper/data /data
[code]....
We had this problem a while back but it went away with whatever updates lvm/cryptsetup have been through, but it's back again as of the latest update. Instead of symlinks to the /dev/dm-* devices, lvm and cryptsetup are both creating duplicate device nodes under /dev/mapper for already existing devices.
e.g.
Code:
gazl@slack:~$ ls -l /dev/mapper
total 0
crw------- 1 root root 10, 61 Jan 23 16:48 control
brw-rw-r-- 1 root disk 253, 0 Jan 23 16:48 lukssda5
brw-rw-r-- 1 root disk 253, 9 Jan 23 16:48 rootvg-lvhome
[Code]...
I'm using an nvidia graphic card, as i read before on this forum, to get high resolution in bootsplash i need v86d package - and i installled it and i get back 1680x1050 resolution in bootslash. But the problem with resolution come back after installing cryptsetup package, now i've got 640x480 and i can change it, I trying to reconfigure v86d , plymount, trying update-initramfs -u but with no result.
View 4 Replies View RelatedSlackware 13 Kernel 2.6.29.6 have three hard drives. Root is on own drive sda1. sdb and sdc are raid via mdadm with two partitions. one for /home raid0 md0 one for swap raid1 md1. md0 is encrypted vi cryptsetup. md1 is encrypted vi fstab. everything boots fine and is accessible. However, /dev/mapper/* shows sda1 as block device connected to the raid md0. swap crypted device is correct in /dev/mapper/*. fstab is set correctly. problem seems to be with initrd. I would like the correct device in /dev/mapper so that I can access drive info; size, available space, etc. now info shows only sda1 info
View 1 Replies View RelatedI understand there is a file that stores the repositories' information, but I can't find it!Is there a way I can create a list of what applications have been installed?The idea is that if I am running a backup, finding a way to save the repository list and applications installed so if I am upgrading, or fixing a borked system by re-installing Fedora, I could copy the repo list back, and run the applications list like ode:yum install <cat apps.txt?> and get all of the applications I've installed via Yum without having to remember them all?Is there anything else, outside of /home, I should look at backing up? SELinux settings?
View 6 Replies View RelatedI've encrypted the /home partition. I've been successful in doing this by following the instructions here:slackware64-current/README_CRYPT.TXTBut after upgrade to cryptsetup-1.2.0-x86_64, when I boot up I get 'no such file or directory while trying to open /dev/mapper/crypthome'I have to manually type 'cryptsetup luksOpen /dev/sda9 crypthome' and mount each time to get into the encrypted partition.I expect to be prompted for the password on boot but I just get that error, what is wrong?my config files:
/etc/crypttab:
crypthome /dev/sda9
/etc/fstab:
[code]....
I am looking for a basic guide to Linux security. I am assessing a multi-server farm and have very limited experience with Linux. Where can I get a list of basic things I should be looking at from a security standpoint, i.e. ports, vulnerabilities, users, etc? Looking for a checklist I can run through. We are running CentOS Linux 5.0.
View 6 Replies View RelatedWhen I boot up my laptop whith memorycards in the slots the boot hangs at "Wating for /dev to be fully populated", "Activating swap" or somewhere in between.If I take out the memorycards so the slots are empty, the laptop boots just fine...Its a CFCard and a SDcard in a PCIMAslot.Does anyone have a clue?Its not a big problem just very annoing to have to take out the memcards all the the time.
View 4 Replies View RelatedI have been messing around with ettercap and with with a little bit of arping. Running out of things to do though! New programs? If you list a program i can probably find some guides on how to use it
View 14 Replies View RelatedI've got an amazon EC2 instance running Natty 11.04. I want to harden this server and make sure it's very secure as I ultimately will be handling sensitive data. I'm wondering what should be in /etc/apt/sources.list. Can anyone comment on these contents? Or, better yet, recommend a good secure sources.list file?
Code:
## Note, this file is written by cloud-init on first boot of an instance
## modifications made here will not survive a re-bundle.
## if you wish to make changes you can:
[code]....
is there a way to display a list of all the files changed during current session?
View 4 Replies View RelatedI am looking for a utility that would do the following:1. Be run manually on a list of files whose sizes should not change, to get a control file containing the sizes of each file.2. Subsequent manual runs would report any changes in size of any of the files in the list, and allow option to accept the new sizes.3. Be run as a cron job to check for changes in the file sizes and send an email alert if a change has occurred since the last time it was run.The purpose is to detect possible hacks of key files on a website. It would not include files expected to change, but just those that should not change. It would be run manually a few times to get the control list one wants to monitor.
View 3 Replies View Relatedhow do I save installed packages in a list and restore ...
rpm -qa > installed-software.log
yum install $(cat installed-software.log)
sorting rpm packages by size
rpm -qa --qf '%{SIZE} %{NAME}
' | sort -n
I'm trying to use ssh-keyscan to get some known_host file population going on, but I have a ton of hosts I want to scan, all with multiple aliases in /etc/hosts. Is there a way to use my current /etc/hosts file to do an ssh-keyscan instead of making a special list of hosts that (from what I've read) ssh-keyscan needs?
View 2 Replies View RelatedI wish all of my Internet connections will go through a proxy server. HTTP as well as FTP, and every other type of link. How can i do that?
On top of that, is there a free ubuntu-users' public proxy list?
Is it possible to list/find/compare the program versions on a Centos system, against Redhat/Centos Errata/Security/Bug lists? Sort of looking for a way to make sure that all the packages on a system are ok, and not a security risk-- Without having to update every package. A pseudo code, in my mind is:
[Code]...
love security/pentest tools. This script adds ALL the tools from the Security Spin, plus Metasploit. Feel free to modify it if need be.
View 12 Replies View Relatedthis is the allert i got:Code:Summary:Your system may be seriously compromised! /usr/sbin/NetworkManager tried to loada kernel module.Detailed Description:SELinux has prevented NetworkManager from loading a kernel module. All confinedprograms that need to load kernel modules should have already had policy writtenfor them. If a compromised application tries to modify the kernel this AVC willbe generated. This is a serious issue.Your system may very well be compromised.Allowing Access:Contact your security administrator and report this issue.Additional Information:
Source Context system_u:system_r:NetworkManager_t:s0
Target Context system_u:system_r:NetworkManager_t:s0
Target Objects None [ capability ]
[code]....
I'm just curious as to what security measure's I should be taking to make my box a little less vulnerable? I'm still experimenting/playing with Linux, use the net, IM, download this and that and was wondering how secure fedora 10 was out of the box?
View 12 Replies View RelatedDuring a recent install I made the leap to encryption,but /boot must remain unencrypted.Is there really any legitimate security risk to having an unencrypted /boot partition? I mean basically someone can just see what kernel you're running which they could see during boot anyways right? Oh I and keep all my financial documents in /boot/finances/ (haha ok not really, but I am serious about the first part).
View 5 Replies View Related