Fedora :: Caching Passphrase For Symmetric Encryption In 13 (emacs 23.1)
May 31, 2010
I just upgraded to Fedora 13, with emacs 23.1. Now when I edit a .gpg (encrypted) file, emacs doesn't cache the passphrase, so when I save the file emacs demands that I repeat the passphrase twice.Previously, the following line in .emacs made it cache the passphrase:
Code:
(setq epa-file-cache-passphrase-for-symmetric-encryption t) This is supposed to work, according to the documentation [URL], but in Fedora 13 emacs it seems to have stopped working.
View 1 Replies
ADVERTISEMENT
Jul 28, 2009
I have currently a file server that runs on Fedora 9, and all other PCs (mostly running Windows XP) access the file server via SAMBA. Everything works perfectly! However, lately a home invasion in my neighborhood got me thinking. If they take my file server, my data is not protected. So, I would like to implement the LUKS partition encryption (/home) which sits on a separate disk. However, I don't quite like the decryption process at boot time. In other words, I would like to wake up the file server (WOL) remotely, and when it's done booting, I would like to log-in using the other PCs and enter the passphrase remotely to decrypt /home. Is this possible using LUKS encryption (i.e., cryptsetup)? If not, what would be another alternative to what I am trying to do using a secure encryption (so that the data is safe from thieves)?
View 4 Replies
View Related
Feb 7, 2010
I installed ubuntu 9.10 to a fresh partition on a HD that already contains a windows xp. During the install I opted to Require my password to login and to decrypt my home folder, (don't ask why, I regret it already). The install went well, I think, but when it came to reboot time I wanted to check that I could start windows xp from the new grub boot loader. Windows started fine so I rebooted again to try my new install of ubuntu. Now the system seems to get stuck at the little spinning wheel icon. I tried to boot to recovery shell but after entering my name and password I get:
Unable to cd to '/home/myname'
I rebooted using live cd. And mounted the file system as root. Now I have chroot ed into the system but that's as far as my knowledge gets me. I have googled to find the next step but am not finding a clear answer. I have found this [URL]. And here I see I should have seen a screen entitled: Record your encryption passphrase. But I didn't get to that screen. So is there any elegant solution? or am I destined to wipe the install and start again? Perhaps this problem is connected to the bug mentioned here [URL]. Optional encrypted partitions must be marked bootwait in /etc/fstab
In addition to the above, users who have configured any encrypted partitions in /etc/crypttab to start at boot time (i.e., not using the noauto option) should make sure that the filesystems on these volumes are listed in /etc/fstab if they are not mounted at a standard system mountpoint. Failure to do this on a desktop system will lead to problems from the X server and cryptsetup trying to control the console at the same time. At best, this will prevent the user from seeing the passphrase prompt; at worst it will also cause the X server to spin and consume 100% CPU. (430496)
I'm not sure, my /home is not on a separate partition.
/etc/crypttab is empty
# <target name> <source device> <key file> <options>
/etc/fstab is
# /etc/fstab: static file system information.
# Use 'blkid -o value -s UUID' to print the universally unique identifier
# for a device; this may be used with UUID= as a more robust way to name
# devices that works even if disks are added and removed. See fstab(5).
# <file system> <mount point> <type> <options> <dump> <pass>
proc /proc proc defaults 0 0
# / was on /dev/sda2 during installation
UUID=8e5f54dd-8d79-44da-9ddf-7f4e3bce2a64 / ext3 errors=remount-ro 0 1
# swap was on /dev/sda3 during installation
UUID=32bcb9fc-ff2b-4e37-a259-1bfabee7cee7 none swap sw 0 0
/dev/scd0 /media/cdrom0 udf,iso9660 user,noauto,exec,utf8 0 0
View 1 Replies
View Related
Sep 5, 2010
i have installed a ubuntu 10.04 (mini iso) w/ option of root encryption. Now i need to boot without ask for passphrase, but im trying to add a luks keyfile without success.i want to use a keyfile in the /boot partition or inside the initrd (cant be in external pendrive), but ubuntu aparently dont accept a keyfile in /boot or initrd file. I know, this way isnt very security, but i just need a basic encryption.So, how to force the use of a keyfile in /boot or inside the initrd for a crypt root partition?
View 5 Replies
View Related
Jan 4, 2011
Ubuntu's request for an encryption passphrase on installation could be greatly improved.
After installation, if the option to encrypt the home folder has been checked, Ubuntu prompts: "Record your encryption passphrase".
On running the action there are the following problems:
# When you type a passphrase, your keypresses are not indicated on the screen
# If you make a mistake typing the passphrase, and backspace, there is no way of knowing whether the backspace operation has worked
# The passphrase is typed once and the operation ends. There is no attempt to validate the correct entry of the passphrase by asking for it to be typed twice.
The combination of these shortfalls can be fatal. My last recorded encryption passphrase proved to be incorrect when after a critical failure I was required to enter my encryption passphrase to retrieve my data. It had not been backed up for a while. Ubuntu did not recognise my passphrase. Only after some dogged support from Canonical was the problem resolved.
I've just done a fresh install. I have butter fingers. I inevitably fumbled over the entry of my encryption passphrase. I have absolutely no way of verifying the passphrase I just set. Should Ubuntu ditch another critical failure on me, what do you think the chances are that my passphrase will work?
View 1 Replies
View Related
May 17, 2010
I was using the following code in my .emacs file to start emacs maximized:
Quote:
(defun toggle-fullscreen ()
(interactive)
(x-send-client-message nil 0 nil "_NET_WM_STATE" 32
'(2 "_NET_WM_STATE_MAXIMIZED_VERT" 0))
(x-send-client-message nil 0 nil "_NET_WM_STATE" 32
[Code]...
View 2 Replies
View Related
Aug 8, 2011
I am currently working on a project at work to do caching across a windows network (web traffic thorugh squid and windows updates with WSUS). It is proving to be an interesting learning project.This got me thinking about my home network. Currently I am running 8 Fedora Computers (with the very real possiblity of more in the forseeable future).
Oviously running "yum update" on every computer and having them download these updates directly on each computer eats a lot of bandwidth on the external link. I would like to know if there is a way to set up a proxy server (or something else for that matter) to cache yum downloads. This way when I deploy a new machine, or run updates, I can save time and bandwidth by only downloading the packages too my LAN once, instead of nearly a dozen times.
View 4 Replies
View Related
Apr 14, 2011
I am having difficulties setting up Symmetric NAT through iptables.
First things first:
"A symmetric NAT is one where all requests from the same internal IP address and port, to a specific destination IP address and port, are mapped to the same external IP address and port. If the same host sends a packet with the same source address and port, but to a different destination, a different mapping is used. Furthermore, only the external host that receives a packet can send a UDP packet back to the internal host."
Need:
I am working on a SIP application and SIP apps face a problem with NATed networks. STUN is a solution to such a problem and my SIP application has an embedded STUN client functionality.
Scenario and Technical Details:
192.168.0.200
+-----------------+
| ClientA - My IP |
+-----------------+
|
|GW:
| eth0 eth1 (example public IP address)
| 192.168.0.1 | 123.123.123.123
+-------------|-------------+
| NAT1 |
+-------------|-------------+
|
|
|
stun.1und1.de |
+---------------------------+
| STUN Server |
+---------------------------+
I am using WinSTUN, which requires a STUN Server address (such as the one I specified above) to return my type of NAT. What I need to achieve is Symmetric NAT through iptables, on the GW server, only on my IP address (192.168.0.200). I don't want it to affect the whole network. I am running CentOS release 5.4 (Final), and iptables v1.4.10
View 1 Replies
View Related
Apr 14, 2011
I am having difficulties setting up Symmetric NAT through iptables and I hope you can help me with this issue. First things first: "A symmetric NAT is one where all requests from the same internal IP address and port, to a specific destination IP address and port, are mapped to the same external IP address and port.If the same host sends a packet with the same source address and port, but to a different destination, a different mapping is used. Furthermore, only the external host that receives a packet can send a UDP packet back to the internal host."
Need: I am working on a SIP application and SIP apps face a problem with NATed networks. STUN is a solution to such a problem and my SIP application has an embedded STUN client functionality. Scenario and Technical Details:
[Code]...
View 2 Replies
View Related
Feb 9, 2010
Simply, the number of possible combinations of passwords increases as an exponent of the number of characters used and as a factor of the number of characters available for use.
26 potential characters for a 2 character password results in 26^2 possible password combinations. This means that each new character added would result in an "order of magnitude" increase in the difficulty of brute force attack.
Using a phrase, complete with punctuation and capitalization is the very best mnemonic device to remember a password. Consider this, how hard is it to remember; The quick brown fox jumped over the lazy dog.
Than it is to remember, l33tsp34kp@ssw0rd
If we pretend that both of these passphrases are generated from a character set consisting of 26 characters, the first would be one of a possible 15274273784216769021564085930704478424313742483024 510976. The second would be one of a possible 1133827315385150725554176.
In short, use a passphrase not a password, they are much MUCH more secure.
View 14 Replies
View Related
Sep 9, 2010
I am using Fedora 13 x64.I want to removing passphrase from the RSA Private Key then harden the decrypted Private Key.When I tried section 6.6 guide line, I get directory does not exist?I don't know where my server.key is stored.
View 1 Replies
View Related
Jul 7, 2010
Every time I log in to my Fedora 13 system, I am prompted for my SSH pass phrase.
I would like to be prompted the first time I login after booting, but then have ssh-agent continue to run until I kill it or shutdown so I don't have to be prompted every time.
Where do I configure this?
View 3 Replies
View Related
May 1, 2011
i have a program which have to encrypt data by using a symmetric block cipher with cbc encryption mode . it seems, that the IN data length must be a multiple of the cipher block length. is there a possibility to advice libgrypt to do the padding of the IN buffer automatically or must i do this manually? in case of manual padding: what is the recommended strategy to perform high security? fill with zeros or random numbers
View 1 Replies
View Related
Feb 12, 2009
I am looking into creating a web caching server for myself using fedora 10. I believe I need to use squid for this but it seems to have a lot of features. Basically, all I want for now is to be able to cache web pages that I and my network users use the most, increasing access time and lowering the load on my internet connection. Can squid do this and can someone point in the right direction on an article on how to configure such a thing?
View 5 Replies
View Related
Apr 3, 2011
ran an internet cafe and last week my windows server got fried because of power surge. Now i got Fedora 14 running on another PC and i want to set it up as a full caching proxy server, so other computers can connect through it to the internet. I have 2 network cards inside.I'm really new to Linux and now learning my way around. I managed to install squid but don't know how to configure it to suit the purpose above
View 1 Replies
View Related
May 9, 2011
I want to configure DNS Server on Fedora14. So I install caching-nameserver cause any template files.I can't install caching-nameserver on my Fedora14 by this command: [but i can do it on Fedora5]
View 4 Replies
View Related
Jul 19, 2011
We have small requirement, we need to connect to ssh server through ey+Passphrase+password. Is it possible to configure this type of authentication in any version of openssh/fedora.
View 3 Replies
View Related
Oct 20, 2010
Can anyone suggest me any open Source Testing tool for testing SMP?
View 1 Replies
View Related
Feb 8, 2011
I have an encrypted disk, using LUKS / dm-crypt, on Fedora 14.Every time I boot, I am immediately prompted for the passphrase. This happens VERY early in the boot process, and is a graphical screen (ie not console text). If I hit escape, I am prompted in a text-mode for the same passphrase. If I hit escape or return a few times, boot continues normally.
I only mount the disk occasionally, and don't want to be prompted at boot for the passphrase to luksOpen the disk at boot. I manually cryptsetup luksOpen and then mount it when I want access. I just don't want to be asked at boot, and don't want to unlock it until I do so manually.Does anyone how how I can tell Fedora to not attempt to decrypt / mount this filesystem at boot?It's not in /etc/fstab. I should mention, no LVM, just mdadm raid5 on the partition + luks /dm-crypt.
View 5 Replies
View Related
Apr 4, 2011
How to change the passphrase for crypted partitions in F14?
View 1 Replies
View Related
Aug 12, 2011
I recently was given a system with an ASUS A8V motherboard, AMD Athlon 64 3000+ 1.8GHz CPU and one 60 GB SATA disk to which I added a 120GB IDE disk. As the disks are on different (built-in) controllers and are different speeds, I set up /boot, root and swap on the SATA disk, and then one big /home partition on the IDE drive, using the custom partitioning. If I install Fedora 15 32 bit (from DVD) with encryption enabled, I get prompted for the encryption passphrase during bootup as I would expect. If I install Fedora 15 64 bit (from DVD), I get that same prompt and the boot hangs. I can then bring up a serial console where I'll find a prompt for the same passphrase for the IDE drive. I can enter it and the boot will proceed.
I am now running F15 64 without encryption; I would like to get encryption working again but without having to enter the passphrase twice. Plus I figure that this *should* work the same under both the 64 and 32 bit versions. I have had to reinstall this system a few times, using both versions -- the behavior has been consistent.
View 1 Replies
View Related
Sep 5, 2009
I've set up a caching nameserver on my laptop running Fedora 11. The problem with this is that NetworkManager always overwrites the entry that points to the local nameserver. NetworkManager no longer respects /etc/dhclient.conf or at least its scripts run after dhclient.conf. Also it doesn't respect /etc/sysconfig/ network-scripts/ifcfg-* setting of DNS{1.2}.The man page of NetworkManager describes scripts that run in /etc/NetworkManager/dispatcher.d which can be run when interfaces are brought up and down. I've written a script that will put the entry needed for the local nameserver.
View 1 Replies
View Related
Dec 6, 2009
I am sufferihng from two problems running emacs in Fedora 12: Firstly, whether I am logged in as root or not, starting emacs from an xterm gives me the following messages: Finished loading /usr/share/emacs/site-lisp/egg/leim-list.el and load others... Loading /usr/share/emacs/23.1/leim/leim-list.el (source)... Loading /usr/share/emacs/23.1/leim/leim-list.el (source)...done Not much of a problem, but I would like to know how to prevent this.
However, if I am logged in as root, or if I use 'su -c emacs' I get an additional message and then emacs takes a long time to start up. The additional message is: socket(): Address family not supported by protocol I did not get this in Fedora 10, and it is not so much the message but more the delay of a few seconds in starting up which is annoying me.
View 3 Replies
View Related
Nov 9, 2010
I can run emacs just fine as "me", but it consistently fails after a su:
Code:
#emacs
**
[code]....
View 7 Replies
View Related
Jan 28, 2011
I'm trying to change the colours in emacs ( I could do with a darker background).From what I could find I have to install emacs-goodies-el.noarch, which I have done. However, M-x load-library RET color-theme RET M-x color-theme-select RET then does nothing and I cannot find a way to change the colours.looks like the instructions were wrong, it was the color theme package i need now.
View 1 Replies
View Related
May 5, 2011
I recently installed Fedora 14 in an unused partition after having used Fedora 12 for some time. I used Add/Remove Software to download and install emacs successfully. However, there appears to be a bug in this version of emacs -- the menu bar grabs focus and will not give it back without cllicking on a menu item. I find this bug very annoying and would like to scrap 23.2 in favor of another version. According to emacs bug reports, this bug has been fixed in emacs 23.3 which is available right now from the emacs home page, but only as a tarball.
How long does it usually take for a new version, such as emacs 23.3, to become available as a Fedora rpm? Would it be possible for me to downgrade by installing the emacs 23.1 rpm? If so, how do I get it? (Fedora's Add/Remove Software lists only the 23.2 version for me.)
View 3 Replies
View Related
Sep 24, 2009
I don't understand this error nor do I know how to solve the issue that is causing the error. Anyone care to comment?
Quote:
Error: Caching enabled but no local cache of //var/cache/yum/updates-newkey/filelists.sqlite.bz2 from updates-newkey
I know JohnVV. "Install a supported version of Fedora, like Fedora 11". This is on a box that has all 11 releases of Fedora installed. It's a toy and I like to play around with it.
View 12 Replies
View Related
Sep 16, 2010
I have the Cap Locks key remapped as an additional Ctrl key. (I did that using the GUI System->Preference->Keyboard). This works fine all the time except when issuing one command to emacs. If I do CapLocks+Alt+ it does nothing yet Ctrl+Alt+ indents as needed. Since CapLocks should be the same as Ctrl I do not know what is causing the problem or how to solve it.
View 1 Replies
View Related
Sep 11, 2010
I had Emacs installed in Fedora 11 and want to run it text-mode,but everytime when I type emacs command in gnome terminal,an emacs graphical window pop up. I want to emacs to back to text-mode by typing M-x text-mode, and it doesn't work.Can emacs run in text-mode in X11 environment?
View 2 Replies
View Related
Jan 13, 2010
I usually develop python code with emacs, emacs being in python code. On my desktop a version is installed and/or configured that way, so I easily can choose a region in the code and simply click on a menu option to comment out this block of code (i.e. at the begin of each line in the selected code two '##' are put). That is very convenient.
However, on my Laptop, running F12 and emacs 23.1.1, this menu option is missing! I searched within google and found the hint that by pressing 'C-c #' I also can comment out a selected region. But on my emacs it says: 'C-c # is undefined'. Am I missing something? Anyone any idea how to fix/install/update/solve this problem, so I can easily choose a couple of python lines and comment them out?
View 3 Replies
View Related
