[Dorset] Problems with Security certificate
Fiurefix 49,0 on Kbuntus 16.04 Using Dratel Modem/router I get as far as 'waiting for share gemmil.name' cheers pwl On 03/10/16 13:00, dorset-requ...@mailman.lug.org.uk wrote: Send dorset mailing list submissions to dorset@mailman.lug.org.uk To subscribe or unsubscribe via the World Wide Web, visit https://mailman.lug.org.uk/mailman/listinfo/dorset or, via email, send a message with subject or body 'help' to dorset-requ...@mailman.lug.org.uk You can reach the person managing the list at dorset-ow...@mailman.lug.org.uk When replying, please edit your Subject line so it is more specific than "Re: Contents of dorset digest..." Today's Topics: 1. Problem with security certificate (Graeme Gemmill) 2. Re: Problem with security certificate (Keith Edmunds) 3. Re: Problem with security certificate (Terry Coles) 4. Re: Problem with security certificate (PeterM) -- Message: 1 Date: Sun, 2 Oct 2016 17:06:11 +0100 From: Graeme GemmillTo: dorset@mailman.lug.org.uk Subject: [Dorset] Problem with security certificate Message-ID: Content-Type: text/plain; charset=utf-8; format=flowed I'm having a strange problem with a security certificate. I'm not asking every member of this forum to do this, but I would appreciate one or two responses. Enter http://share.gemmill.name/owncloud (i've used Firefox and Konqueror) It links through ggemmill.ddns.net to get round a dynamic IP address problem You will get a "connection is not secure" message. Please examine the reason ( "advanced" if you use Firefox) and examine the certificate details. From my machine, the certificate originates from Technicolor, Edegem, BE. Please confirm your result. The problem is that I created a self-signed certificate in my Apache virtual host stanza for owncloud, which is not the one that is reported. Some weeks ago I had a fibre broadband (hooray!) router installed made by Technicolor. One or two strange things happened after that (e.g. SMTP servers not recognised), but I cannot understand why a router should start imposing security certificates. The Technicolor router is the only Technicolor device on my network. The ISP (Fleur) denies any responsibility, and the manufacturer suggests "we suspect that the "certificate issue" is linked to firefox settings and/or the way firefox handles the certificate negotiations", although as I said it also happens with Konqueror. I can find no certificate on any PC on this network that contains "Technicolorl" Has anyone an idea how to progress? Regards to all Graeme -- Message: 2 Date: Sun, 2 Oct 2016 17:23:56 +0100 From: Keith Edmunds To: dorset@mailman.lug.org.uk Subject: Re: [Dorset] Problem with security certificate Message-ID: <20161002172356.5c7f9...@ws.midnighthax.com> Content-Type: text/plain; charset=US-ASCII On Sun, 2 Oct 2016 17:06:11 +0100, gra...@gemmill.name said: I cannot understand why a router should start imposing security certificates A lot of domestic routers intercept web browsing, so it wouldn't surprise me to see security certificates. A quick Google showed up this screenshot where you can see that "Web browsing interception" is "automatic". Personally, I've given up using such routers, and now run modem only and manage ppp from the server. http://screenshots.portforward.com/routers/Technicolor/TG582n/System_Configuration.htm -- Next meeting: Bournemouth, Tuesday, 2016-10-04 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] dorset Digest, Vol 599, Issue 4
On 12/09/15 13:00, dorset-requ...@mailman.lug.org.uk wrote: > Send dorset mailing list submissions to > dorset@mailman.lug.org.uk > > To subscribe or unsubscribe via the World Wide Web, visit > https://mailman.lug.org.uk/mailman/listinfo/dorset > or, via email, send a message with subject or body 'help' to > dorset-requ...@mailman.lug.org.uk > > You can reach the person managing the list at > dorset-ow...@mailman.lug.org.uk > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of dorset digest..." > > > Today's Topics: > >1. Password security (Tim) >2. Re: Password security (Ralph Corderoy) > > > -- > > Message: 1 > Date: Fri, 11 Sep 2015 23:09:02 +0100 > From: Tim> To: Dorset Linux User Group > Subject: [Dorset] Password security > Message-ID: <55f350fe.3000...@xendistar.co.uk> > Content-Type: text/plain; charset=utf-8; format=flowed > > Has anybody used this software > > http://enpass.io/ > > Been thinking about some form of password security for a while but don't > know what software is right to use > > Anybody got any thoughts? > > Tim > > > > -- > > Message: 2 > Date: Sat, 12 Sep 2015 10:02:31 +0100 > From: Ralph Corderoy > To: dorset@mailman.lug.org.uk > Subject: Re: [Dorset] Password security > Message-ID: <20150912090232.481552a...@orac.inputplus.co.uk> > Content-Type: text/plain; charset=utf-8 > > Hi Tim, > >> Has anybody used this software http://enpass.io/ > > Seems likely. ;-) > >> Been thinking about some form of password security for a while but >> don't know what software is right to use > > The FLOSS http://keepass.info/ for Windows has been around for a long > time. And https://www.keepassx.org/ is the Linux version, using the same > database format, though I think that's now cross-platform. It seems > popular. I think there are ports to Android too, but haven't follow > those. > > Cheers, Ralph. > > > > -- > > Subject: Digest Footer > > ___ > dorset mailing list > dorset@mailman.lug.org.uk > https://mailman.lug.org.uk/mailman/listinfo/dorset > > -- > > End of dorset Digest, Vol 599, Issue 4 > ** > Ralph, Yes there is an andriod port. I use it Windowa/Linux/Android and share the same file format Check the Android version first to see which version is common to all Keypass has 2 versions The Linux version I am using is KeePassX 0.4.3 cheers pwl -- Next meeting: Bournemouth, Tuesday, 2015-10-06 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] bash problem
A couple of weeks ago I suggested that ksh could be substituted for bash on a Linux server Well I was wrong It turns out on RHEL, at least, that root uses /bin/sh BUT when you look in /bin you find /bin/sh is a soft link to /bin/bash [kbuntu has /bin/sh as a soft link to dash - so that is probably immune ] Now go a little further into the /etc/udev/rules.d and examine the scripts in there and low and behold there is BASH specific code which will fail for ksh : popd and pushd plus some other elements So if root tries to boot the system - normal - but is using ksh your system may fail to boot and could even corrupt the files in this directory and its game over - a re-install will be called for. I guess good ideas need to be tested ;-) cheers pwl -- Next meeting: Bournemouth, Tuesday, 2014-11-04 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread on mailing list: mailto:dorset@mailman.lug.org.uk How to Report Bugs Effectively: http://goo.gl/4Xue
Re: [Dorset] dorset Digest, Vol 555, Issue 1
John I use this as my backup: function RsyncThem { echo now rsynch directories #rsync -rvpt --delete /home /backup/ rsync -vlH -e ssh --times --perms --owner --group --recursive /home /masterbackup/backup rsync -vlH -e ssh --times --perms --owner --group --recursive /etc /masterbackup/backup/etc/ } this function is called by a sheel being run as root. To answer your questions 1) no it does not verify the files copied 2) As you see I actually chose which directories to save, rather than what to exclude. But your list seems reasonable 3) I just use 1 as it gives me enough information 4) Running as the root user, from the root cron, I backup every user in the /home directory and all subdirectories, including the '.' Hope this helps Peter L On 29/09/14 13:00, dorset-requ...@mailman.lug.org.uk wrote: Send dorset mailing list submissions to dorset@mailman.lug.org.uk To subscribe or unsubscribe via the World Wide Web, visit https://mailman.lug.org.uk/mailman/listinfo/dorset or, via email, send a message with subject or body 'help' to dorset-requ...@mailman.lug.org.uk You can reach the person managing the list at dorset-ow...@mailman.lug.org.uk When replying, please edit your Subject line so it is more specific than Re: Contents of dorset digest... Today's Topics: 1. How to use rsync for backups (JD) -- Message: 1 Date: Sun, 28 Sep 2014 21:22:17 +0100 From: JD john.dub...@hotmail.co.uk To: dorset@mailman.lug.org.uk Subject: [Dorset] How to use rsync for backups Message-ID: blu436-smtp1121468f9f8a40c5aaa2ca7a2...@phx.gbl Content-Type: text/plain; charset=utf-8; format=flowed I've set up an initial use of rsync for making a mirror-type backup and I'd like some advice to improve it, please. 1. Does rsync verify the copies it makes? 2. What non-user directories should I exclude? My initial command is: sudo rsync -azvv --delete --exclude=/tmp/ --exclude=/home/john/Downloads/ --exclude=/home/john/GM2 --exclude=/home/shareddocs/Downloads/ --exclude=/home/evelyn/Downloads/ --exclude=proc/ --exclude=dev/ --exclude=mnt/ --exclude=media/ --exclude=sys// '/media/john/Ubuntu Backup/Mirror-backup' 3. How many v's should I use, e.g -azv? 4. I (user john) couldn't copy the .thunderbird subdirectories of user evelyn. Why not? I ran with sudo and other items copied OK. Temporarily, I've changed their permissions. Thanks in advance. John -- ___ dorset mailing list dorset@mailman.lug.org.uk https://mailman.lug.org.uk/mailman/listinfo/dorset End of dorset Digest, Vol 555, Issue 1 ** -- Next meeting: Bournemouth, Tuesday, 2014-10-07 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread on mailing list: mailto:dorset@mailman.lug.org.uk How to Report Bugs Effectively: http://goo.gl/4Xue
[Dorset] Bash issues
If you want to protect your systems against BASH then try KSH http://www.kornshell.com/ In all but a very few instances its compatible with bash and its not vulnerable. However I see patches for BASH are now available on RHEL websites and I have updated my servers cheers pwl -- Next meeting: Bournemouth, Tuesday, 2014-10-07 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread on mailing list: mailto:dorset@mailman.lug.org.uk How to Report Bugs Effectively: http://goo.gl/4Xue