linuxquestions.org linuxquestions.org

Different Intermediate Certificates on client/server question

Hi all, Hope someone can explain the impact as I know a bit but not too much about using certificates. We use an external CA QV (I think now Digicert) to create certs and install into the web, vpn, wired/wireless dot1x servers. QV recently revoked an ICA and provided a new intermediate which prompted a scramble toupdate the vpn concentrators, web , etc. Some mobile phones running iOS and android suddenly stopped connecting to the...

linuxquestions.org linuxquestions.org

The key or hash, for the Enrolling of efi binaries in the MOK manager window?

I installed the rEFInd boot manager with shim, and created my own this key: Code: openssl req -config ./mokconfig.cnf \         -new -x509 -newkey rsa:2048 \         -nodes -days 36500 -outform DER \         -keyout "MOK.priv" \         -out "MOK.der" And converted the key also to PEM format: Code: openssl x509 -in MOK.der -inform DER -outform PEM -out MOK.pem with the mokutil imported the...

linuxquestions.org linuxquestions.org

Why is our country not using a "hardened" linux as a defense against hacking attacks?

Why has there not been a massive shift from windows to a hardened version of linux. Installing malware should be much harder than it is. (Depending on how hackers were able to change SolarWinds source code, what follows would not address that particular cluster futz). I had a computer many years ago where the hard disk had a jumper setting to make it read-only. It would be easy to physically alter a computer system to have hard disks...

linuxquestions.org linuxquestions.org

Changed SSH port but still see login attempts in auth.log on Ubuntu 14.04.6

Hi, I changed my ssh port (/etc/ssh/sshd_config) to an obscure number and confirmed it's working. I am still seeing login attempts (and fails) in my /var/log/auth.log. 1. Is that normal or should those attempts no longer generate log traffic for auth.log? 2. Second question. I see in the log entries a mention of various ports ( ....from 49.234.100.133 port 59898 ssh2.....). Does this mean users are trying to log into the system...

linuxquestions.org linuxquestions.org

VPN routing on IPFire

I'm trying to create an OpenVPN connection to an old IPFire but the generated client config doesn't work with the server. #OpenVPN Client conf tls-client client nobind dev tun proto udp tun-mtu 1400 remote a.b.c.d 1194 pkcs12 test.p12 cipher AES-256-CBC auth SHA512 verb 3 ns-cert-type server verify-x509-name a.b.c.d name a.b.c.d is the public IP of the IPfire. It should give an address on a dedicated OpenVPN subnet when connected but...

linuxquestions.org linuxquestions.org

Identifying IP addresses of hackers

Okay, majorly freaked out here. I was talking to someone on Facebook last year for quite awhile, odd fellow, very paranoid.....but only through text (we never spoke over the phone, or met). They were on the political forums, and we chatted. He sent me his resume(??) saying he was in a doctorate program studying AI and doing "research". He claimed to be from Texas, but definitely spoke Russian. He got progressively more...