Saturday, August 20, 2016

(Re-)Enabling DSS for key-based authentication

By default, recent versions of OpenSSH don't employ DSS-based authentication. Some claim this is due to performance reasons (RSA encrypts faster, DSS decrypts faster) and others will point to vague discussions on security. It appears to be a preference by the maintainer.

It's not that the server refuses to use DSS. DSS is actually disabled in the client. To enable the use of DSS, create ~/.ssh/config containing the following line:

PubKeyAcceptedKeyTypes=+ssh-dss

You shouldn't need to restart any service. The next time that you use your client, DSS authentication should work.
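An added example (not part of the original post): a bare line in ~/.ssh/config applies to every host, while the same line under a Host block applies only to that host. This shell function reports which of the two a given config does for ssh-dss. The sample config and the host name legacy-router are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post.
# dss_scope [FILE]: list every place an ssh_config enables ssh-dss, and whether
# that is for all hosts (GLOBAL) or only inside a Host/Match block (SCOPED).
dss_scope() {
    awk '
    {
        line = $0
        sub(/^[ \t]+/, "", line); sub(/[ \t]+$/, "", line)
        if (line == "" || line ~ /^#/) next
        sub(/[ \t]*=[ \t]*/, " ", line)        # "Keyword=value" -> "Keyword value"
        split(line, f, /[ \t]+/)
        key = tolower(f[1])                    # keywords are case-insensitive
        if (key == "host" || key == "match") {
            scope = line
            sub(/^[^ \t]+[ \t]+/, "", scope)   # keep the pattern/criteria only
            if (key == "host" && scope == "*") scope = ""   # "Host *" is global
            next
        }
        # PubkeyAcceptedAlgorithms is the newer name for the same option.
        if (key != "pubkeyacceptedkeytypes" && key != "pubkeyacceptedalgorithms") next
        val = f[2]
        if (val ~ /^-/) next                   # "-ssh-dss" removes, not enables
        if (val !~ /(^|[,+^])ssh-dss(,|$)/) next
        if (scope == "") printf "GLOBAL line %d\n", NR
        else             printf "SCOPED line %d: %s\n", NR, scope
    }' "$@"
}

# Constructed sample config: line 2 is the form shown in the post,
# line 5 limits the same setting to one (hypothetical) host.
sample_config() {
cat <<'EOF'
# global section
PubKeyAcceptedKeyTypes=+ssh-dss

Host legacy-router
    PubkeyAcceptedKeyTypes +ssh-dss

Host *
    ServerAliveInterval 60
EOF
}

sample_config | dss_scope
```

Run it against a real file with `dss_scope ~/.ssh/config`; Match criteria are reported verbatim rather than evaluated.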

Thursday, August 18, 2016

Docker, Armbian, and the CubieTruck

I took the easy way out (or so I thought) in rebuilding the Cubietruck (the very low-end SSD was showing signs of failure at day #1 but it lasted 2 years before total failure). Instead of Cubian, I installed the Legacy version of Armbian. I burned up most of a day getting the OS installed, the wifi to work without interaction, and getting Docker installed.

The short version (from a couple of hours' "research") is that there are two versions of Armbian for the CubieTruck: the Legacy (kernel 3.4.x) version and the Vanilla (kernel 4.6.x) version. Docker will not install on the Legacy version of Armbian for the Cubietruck.

The good news is that you can run the following (as root) to upgrade the Legacy (3.4.x) version to the Vanilla (4.6.x) version:

wget -q -O - http://upgrade.armbian.com | bash

Once the upgrade is complete, and the machine rebooted, Docker will install without complaint. Thanks go to "admin" at the Armbian forums, whoever you are...

Sunday, August 7, 2016

What's been in my wallabag this week? (20160731)

First week of August completed. Three to go...

Achievements so far: 2000+ miles traveled. 8 states crossed by car. One out-of-town assignment completed. Travel claim successfully submitted (this is harder than it sounds). Discovered and reported SQL injection vulnerability in a vendor's web site (this was easier than it sounds; I wasn't actively looking for one but I do read error messages).

Failures so far: caved and violated diet in Connecticut (Dunkin' Donuts and Nathan's Hot Dogs are sold at I-95 rest stops). Circadian rhythm irreparably borked.

Still to go: Two (each) week-long courses, one with a test. Surgery on one eye. A 5-yr physical that's 2 years overdue. Meeting due date for writing two procedures and performing research for a smart card presentation. Possible 2nd trip to DC. Need to apply at ODU or Capital, or re-apply at St. Leo (I've been a slacker for the last 5 years, taking "shiny stuff" courses instead. Supervisor wants me to pass Calculus again, mostly as a "shut up" move to others). Need to brush up on cross-debugging for the pending industrial controls class (I'm reading two books during lunch and playing with gdb in the evenings). Need to find out if I'm teaching this fall.

Would you believe that I volunteered for all this? (Okay, maybe not the Calculus part.) Looking forward to September, when the schedule drops back into the sleep/drink coffee/work/eat dinner/sleep routine.

In any case, the stuff I've been reading in the last few weeks... Will be switching to a (trial) monthly format for the Wallabag stuff. Below closes out July.

2016-07-17

- The Magic of "Untranslatable" Words

2016-07-20

- Whatever Happened to Wordstar? Dvorak News Blog
- Memory management in C programs
- You Might Not Need Electron
- The Fake Townhouses hiding Mystery Underground Portals
- Give me 15 minutes and I'll change your view of GDB

2016-07-21

- Git for Windows accidentally creates NTFS alternate data streams

2016-07-22

- A tcpdump Tutorial and Primer with Examples

2016-07-23

- TV Loses Grip on Eyes and Ads That Want Them
- 10 Facts Schools Never Taught You Adal Paredes

2016-07-24

- Microsoft Rewrites Wassenaar Arms Control Pact To Protect The Infosec Industry

2016-07-28

- Shut up snitch! - reverse engineering and exploiting a critical Little Snitch vulnerability - SentinelOne
- USB charging part 1: requirements [LWN.net]
- Concerning Attribution of Hacking
- WikiLeaks Has Officially Lost the Moral High Ground
- Twitter's Fucked
- Fuzzing Unserialize Security Research
- XSA-148 from guest to host