I am using Locked Lynx 10.04r1 on my
Pentium D 3.0GHz
512 RAM
[URL]
UPR does not access the HDD then from where am I getting Swap 245.3 MB in my System Monitor? Not only that it even uses it.
i started on the "Installation & Upgrades" Forum. So this is basically a repost. I configured an encrypted swap during the installation process of my kubuntu maverick using the manual install CD. I do not use LVM. This worked fine but I made the mistake of assigning a password to the encrypted swap. I would like to change this in favor for a random key. I tried to change /etc/crypttab in the following way:
[code]...
Now the system still asks for a password for sda7_crypt at startup, but does not recognize the old password. It seems that the swap gets a random key and works fine anyway, so I really want to remove only the question for the PW at boot time. This is not a big issue, but it is annoying. When the system is up I can do swapoff and swapon without problems and no password is needed. Directly after boot swap works:
[code]...
Is there a way to encrypt your swap partition after installation?
View 3 Replies View Relatedmy current plan is to create a truecrypt container with the whirlpool hash. This container will be located on a hdd that is not where my OS will be located (so a separate physical sata drive).My concern is when this container is accessed, that some of the password information could be stored in my swap partition (which is on the main drive where the OS "/" is located)
I would like to have a script or command I could run that after I unmount those drives (or just halt the system) that my swap (and ram too if possible) could be wiped (or like overwritten with the shred command). Also, am I going about this the right way, or should I just use truecrypts FDE on the entire drive? In addition, when Ubuntu does it's default install, does it create a swap file in addition to a swap partition? If it does, would that be another vulnerability? If it is, how do I prevent this from happening?
I welcome any input you have on this. I am aware that once the drive is mounted, it is vulnerable, but I want the data to be secure as possible once my computer is turned off. Also, I have read that there are ram exploits where it holds your passwords for up to a few minutes after you turn the machine off, does anyone know how long that it and is there a way to clear it, or will only time let it fade?
I'd setup my new notebook letting auto-crypt swap and temp - temp for /tmp and /var/tmp - using /etc/crypttab. So I made into cryptab following:
swap /dev/sda6 /dev/urandom swap,cipher=aes-cbc-essiv:sha256
tmp /dev/sda7 /dev/urandom tmp,cipher=aes-cbc-essiv:sha256
vtmp /dev/sda9 /dev/urandom tmp,cipher=aes-cbc-essiv:sha256
[code]....
Is it better to use:
Code: -c aes-cbc-essiv -y -s 512 Or:
Code: -c aes-xts-plain -y -s 512
I've never encrypted a disk before; I'm following the Arch wiki (I'm a newbie, basically). Should I try and encrypt my swap partition (I've got 512 MB RAM, 1 GB swap)? Ideally, I'd like to make it so it's not feasible for someone (even a very skilled someone) to access my files (and system -- I'm encrypting /), but still make it fairly fast and usable for day-to-day operations. If it matters any, I'm using JFS.
As part of making a encrypted private folder i told encfs to encrypt swap space on my pc knowing that this would probably break sleep and hibernation. That said i just turned on ubuntu for 5 mins, had to go away for a bit, when i came back to unlock the screen my password was not being accepted, and another 5 mins later the screen said that my session had timed out-i had to do a cold reboot Does this mean i cant lock the screen anymore?
View 7 Replies View RelatedI like to encrypt my swap and tmp partition with /dev/urandom but it doesn't work. I tried it 100 times and now I have no idea.
Code:
cat /etc/crypttab
swap /dev/sda3 /dev/urandom swap,cipher=aes-cbc-essiv:sha256
cat /etc/fstab
/dev/mapper/swapswapswapdefaults0 0
If I reboot I get the message "/dev/mapper/swap" doesn't exist. It seems, that crypsetup doesn't setting up the encrypted block device. SElinux is in permissive mode.
I would like to encrypt my swap partition ...During installation, I tried to select the "encrypt partition" choice, but it needed a passphrase.After installation, I tried to encrypt my partition ... I followed this article: The problem is that my swap partition always changes its path ...When I first booted the system, it was /dev/sda10, next it became /dev/sdc10, now it is /dev/sdb10. This is probably the reason why in fstab all entries are according to UUID.However, the swap partition is not fond of UUIDs ! I tried to mkswap /dev/<current swap partition> -L Swap, I received a UUID, puted it in /etc/crypttab ... it worked for the first time ... but the second time... did not.
View 14 Replies View RelatedI have FC6 system with kernel 2.6.22.14-72.fc6 When I rebooted my system, I got error message "unable to access resume device (LABEL=SWAP-sda8) then it went to fsck automatically to all the partition and then stop (failed)
Checking filesystems
/1:clean, 10543/2560864 files, 204494/2560359 blocks
fsck.ext3: unable to resolve 'LABEL=/backup'
/boot: clean, 155076/19546112 files, 13456168/39072080 blocks
[Code]...
Lucid on an Acer Travelmate800.Can anyone tell me why I have 0k for swap space? I allocated swap which I can see in my Disk Utility's 'volumes' display.
View 5 Replies View RelatedRAM for older machines like I use is fairly cheap these days. But flash memory is just as cheap or cheaper. So I'd like to ask about the feasibility of expanding my system's memory using flash memory. And about whether creating a partition for swap on the flash memory, or whether a swap file on the flash device, is the better way to go.
By flash memory I have in mind mainly USB sticks or what are sometimes called "pen drives." But I do also have CF and SD cards that, with the proper cheap adapter (one of which I already own for adapting CF) could be used to create extra swap space. So, what is the current consensus on the feasibility/advisability of using flash memory for swap? I've read about the limited write cycles of flash being an argument against using it for swap. But recent reading indicates to me that the limited write cycles problem applies mostly to older, smaller-capacity flash memory. Some will come out and say that, for larger-capacity flash memory, the life of the device is likely to exceed the amount of time your current computer will be useful (I think I've seen estimates in the range of 3-4 years life--minimum--for newer, higher-capacity flash memory).
A more persuasive argument I've heard against using flash memory for swap is that access times for these devices can be much slower than SATA, and maybe even IDE, hard drives. That would certainly dictate against using flash memory for swap.
So, how about some input on this issue? Anyone using flash memory for swap? If so, what kind (e.g., usb stick or SD/CF)? Are you using a swap file or a swap partition? How's system performance? Likewise, has anyone had flash-memory-used-as-swap die on them? The consequences would undoubtedly be dire. Also, has anyone measured flash memory access times to confirm or refute claims about slow access times? Are some types of flash memory better/worse than others in terms of access times?
Does one need to Check the Swap filesystem, from time to time
View 4 Replies View RelatedI've recently just installed ubuntu 11.04 but seem to have made a big mistake. During the install process I was asked to specify a location to be used for swap. Not really understanding what this meant I chose another partition on my drive with some free space but also a lot of my data. Needless to say I now cant see that partition. Is there anyway for me to access it? or to at least recover the information I need from there? its about a 200gig partition, and it used to be ntfs.
View 2 Replies View RelatedI know it's possible, but does anyone have a URL or tutorial on how to do this?
View 3 Replies View RelatedI currently have a user on my Ubuntu server that I want to block completely from login. I know right now they login with SSH keys so they don't need to enter their SSH password. Can anyone tell me how to remove the SSH key login for their username and root user which I believe they use too and block SSH access alltogether.I will then just change the root SSH password.I'm terrified they will do some harm so I need them blocked out ASAP.
View 7 Replies View RelatedI am used to, on starting Ubuntu on my Netbook, being prompted with a password challenge to open my Keychain required to authenticate against the WPA enabled WiFi network.
Now, Ive recently installed Ubuntu on a desktop PC, along with some dev tools (Code::Blocks etc.) but it gives me a keychain access challenge about 4 times on startup. I can't seem to figure out which app is trying to (get my permission to) access my keychain, and for what Purpose.
(By contrast: on my Mac, when an application tries to open the keychain, the application, its certificate, and the search data of the matching key that will be accessed are all displayed making it much easier to determine what app is being naughty) How do I do simular diagnostics with Natty?
When I cancel these requests, nothing "breaks".
I have installed an Ubuntu server and it running OK. Before making it a production server, I want to make sure one day if the OS corrupts accidentally, I can still access the users' files on the hard disk.
I burned a Ubuntu desktop live CD, and booted it with this machine. There are 2 hard disks on the server, both could be mounted automatically. However, I can only access some folders like lost+found.
The questions are:
1. how can I access the other folders, given I have the root password of the server.
2. is there a way to access all folders without knowing the users + passwords?
how i can remote access my pc at home from work ? on different pc that has access to INTERNET. what software shall I install on my pc at home ? I want to be able to install software on my pc at home from my work place, my home pc has unbuntu Linux ubuntu 2.6.31-17-generic #54-Ubuntu SMP Thu Dec 10 17:01:44 UTC 2009 x86_64 GNU/Linux
View 9 Replies View RelatedI am setting up a new ubuntu server, and I am quite new to linux. This server will be used as code repository for a project I am going to be working on. I plan to setup 3 groups for users: dev, test, doc
- for various developers, testers and documentation users.
I would like to setup the following permissions on the main code repository directory:
dev - write permission
test - execute permission
doc - read permission
public (anyone outside these groups) - deny all access
I am unsure what chmod setting to use, or if this is even possible in ubuntu.
To get my Thunderbird email to work and to do FTP to my website I have to use TERMINAL and enter the following code in Root;
iptables -F
At one point weeks ago I got Gufw and I don't remember if that had any effect.
I'm using Ubuntu x64 (dunno which version, but I don't think it matters) and I'm concerned about security with PHP.I remember using lighttpd and I had some mystic configuration and the secuirty was perfect for me - if one website gets hacked then the others are still safe (kinda).Now with apache2 if I enable safemode I'm still able to go outside web directory and actually I can go really far untill user/group matches.I tested the system with r57shell and I was able to mess up other websites.Is there a way to disallow access to other websites?
View 5 Replies View RelatedI have a dual boot machine and recently did a fresh install of 10.4. It no longer asks for a password to access the Windows partition and I full access to it. This seems insecure to me and was wondering if someone else came across this. I thought I saw this topic discussed before but I can not seem to find it now. Is this a bug or a new unpleasant feature?I don't think it makes a difference but I do have a separate encrypted home partition on this fresh install. I have also done two fresh installs. (Well three...once testing out KDE but didn't try the Win partition. )
View 9 Replies View Relatedis there a way to access facebook without cookies?
View 1 Replies View RelatedI happened to be looking at my Apache-2.2.8 log on an Ubuntu LTS 8.04.4 system, and noticed a few lines like this:
Code:
61.160.212.242 - - [06/Mar/2010:07:04:41 -0800] "GET http://218.30.115.246/ HTTP/1.1" 200 295 "-" "-"
61.160.212.242 - - [06/Mar/2010:07:05:29 -0800] "GET http://218.30.115.246/ HTTP/1.1" 200 295 "-" "-"
xxx.xxx.xxx.xxx - - [06/Mar/2010:07:56:15 -0800] "GET http://218.30.115.246/ HTTP/1.1" 400 290 "-" "-"
(The third line is me telnetting to the server and trying to issue the same request. Note that I got a 400 error response, while the guy coming from 61.160.212.242 got 200s. Also, if you just open the http://218.30.114.246/ URL, you get back "hello" (nothing else, just 5 characters). I'm presently putting together a bootable CD with chkrootkit to run on the machine. (I found a thread that mentioned in passing that this was related to PHP, which I have running on that Apache server, but my Google-fu isn't strong enough to track down the original thread.) (After checking with chkrootkit: nothing unusual found.)
it's driving me nuts. Done a few things now, including this last: [URL]that didn't work. All the other comps in the house are windows 7, and I want this box to be my file server, with two 1 TB HDD plugged into it via USB, but I can't get the damn samba to allow access to everyone. Here's the path in the config file:
[data]
comment = Test sharing
path = /media/Shared
[code]....
Is there a way to identify exactly what application is asking for keyring access at the given time? I get this query every boot and it's getting annoying. The annoyance is there, but more importantly and from a personal security standpoint on desktop systems, it's pretty bad that it doesn't say what application want's the access.
View 7 Replies View RelatedI temporarily placed a Back in Time backup into the root partition, by running it as root.However, I couldn't get it back out on the Desktop, so I opened a terminal window and ran 'sudo nautilus', which I now know should be avoided. I couldn't bring up "Properties" of the root folder, but I was able to open it and see the backintime folders. I then clicked on root, which was in the toolbar row "< root backintime" and was able to get full access to properties. I flipped folder access to "create and delete files" for Otherter disconnecting from the network, and moved the folder to the Desktop. So, is this correct or is it inconsistent that I could open root from the toolbar and not from the folder listing when opening 'filesystem'?
View 6 Replies View RelatedI'd like to be able to limit access to a particular website, based on the time of day. I would also like to be able to password protect this if possible.So for instance, from 7am until 10pm daily, I can access URL... but after 10pm it redirects to 127.0.0.1 or something. And this configuration be protected by only allowing a certain user (other than root) to change the config?
View 7 Replies View RelatedIs it possible to remotely access, inject, manipulate files and/or folders in the Windows NTFS partition when logged into Ubuntu?
I'm either logged into Windows or Ubuntu but NOT both -- ever. Therefore, while logged into Ubuntu, would it be possible for someone to crack into Windows via Ubuntu using Wi-Fi or modem?
