In the last couple of months Xorg has been crashing more or less on a daily basis. What happens is that while you are there browsing the internet, or certain times even doing literally nothing, Xorg crashes and after a second of black screen the user is sent back to the login page. Hardware configuration of my machine is: CPU: AMD Ryzen 7 1700x Motherboard: Gigabyte X370 K7 - BIOS F23d RAM: 2x16 GB DDR4 HDD: Samsung 850 Pro GPU: Nvidia GTX260 Monitor #0: Dell U2412M connected via DVI-D Monitor #0: Dell U2412M connected via HDMI-DVI cable OS: Fedora 28 and Fedora 29 x86_64 GPU driver: nouveau, various versions others: varius versions of Linux, Xorg, mesa, etc I don’t think having two monitors is the culprit nor using a very old Nvidia graphic card is because a friend of mine runs a completely different system (AMD Radeon RX480, single monitor connected using Display Port) and still suffer from the very same problem.
Today I red an article that was comparing Fedora 29 and FreeBSD 11.2 network performance in a KVM/Qemu environment. Since I use KVM/Qemu and also Fedora and Freebsd I powered on a couple of vm and did my own tests. Results are quite interesting, I expected FreeBSD to be faster but it turns out Fedora 29 actually is. Host system configuration: CPU: Ryzen 7 1700x @4 GHz Motherboard: Gigabyte X370 K7 - BIOS F23d RAM: 2x16 GB DDR4 @3133 MHz CAS 16 HDD: Some Samsung SSD Operating systems Host: Fedora 29 x86_64 Fedora VM0: Fedora 29 X86_64 Fedora VM1: Fedora 29 X86_64 FreeBSD VM0: FreeBSD 11.
XMPP over TLS (formerly XEP-0368) is a clever mechanism that allows users to connect to a XMPP server from networks that restrict outgoing traffic only to specific ports; this block is circumvent by routing XMPP traffic via port TCP 433. If the server hosts only a XMPP server setting up XMPP over TLS is pretty easy, just instruct the server to listen on port 443. If the server also runs a webserver which is listening on port 443 things are a bit more complicated; luckily Nginx provides a way to manage XMPP traffic and redirect it to the XMPP server.
Guess it is time to write my first post using Hugo. Yesterday I downloaded a torrent consisting of 2 years worth of 4chan posts, the plan was to mess with it and use the data to train a chatbot. Dealing with big datasets is always fun because even the easiest tasks tend to get complicated, for example extracting the data from a ~3 GB tar.gz compressed archive was a challenge by itself.
For some reason one of my CentOS 7 boxes decided to nuke itself yesterday, when I powered it on it prompted me with the following error: “failed to open \efi\centos\grubx64.efi”. What I did to fix it is: Boot up a rescue USB, mount the required partitions and chroot. Add a DNS server: $ echo "nameserver *.*.*.*" >> /etc/resolv.conf Enable networking using ifconfig (in my case it was already enabled).
The idea here is to have a LUKS2 encrypted volume stored on a remote server that allows authenticated clients to load and decrypt the data without letting the server know what is being written, read and stored. Keep in mind that this solution is not 100% bulletproof, you still kind of have to trust the backup server because a malicious entity might take multiple snapshots of the encrypted iSCSI LUN and try to crack the encryption.
Version 2 of cryptsetup got a few new fancy options, one of them is the ability to use Argon2 as key derivation function. Creating a LUKS2 volume with Argon2 as hash function is very easy: sudo cryptsetup luksFormat -M luks2 --pbkdf argon2id -i 5000 /dev/sdb Please note that grub still does not support it, so it can’t be used for boot drives. Once the volume is created, to mount it run:
In Fedora, CentOS and probably many other Linux distros “ssh-keygen” still defaults to RSA 2048. People have not yet realized that the newer, and also faster, elliptic curve cryptography is available; even between my peers I still see that many of them are using old and insecure RSA based keys. Since SSH clients support multiple keys transitioning to newer keys can be painless: 1. create a new elliptic curve key;
For some reason “gpg –gen-key” still defaults to SHA1 and RSA2048, due to the known weaknesses of SHA1 it is probably a better idea to use SHA256. First of all, we need to create a configuration file. personal-digest-preferences SHA256 cert-digest-algo SHA256 default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed To generate a new key type (also specify to use RSA 4096): gpg --gen-key ### or gpg --full-generate-key Other useful commands are:
Apcupsd is a powerful daemon that can be used to manage APC UPS, add epel repositories and run: $ yum install apcupsd To configure apcupsd edit the following file: ## apcupsd.conf v1.1 ## # # for apcupsd release 3.14.14 (31 May 2016) - redhat # # "apcupsd" POSIX config file # # Note that the apcupsd daemon must be restarted in order for changes to # this configuration file to become active.