Code signing.

A client is getting ready for NIAP certification. Part of this is verifying an ISO signature. The steps are Download SHA256SUMS and SHA256SUMS.gpg Get the key used for the signature Verify the signature Check the ISO with sha256sum Download sums and signature (SHA256SUMS and SHA256SUMS.gpg) from a mirror and save in a suitable working directory.[…]

MD5 and SHA512

A client was concerned that their password hash was MD5. A check of the /etc/shadow file showed: user:$6$UAxaIY9I$hAkj …   The first field annotated by a ‘$’ (: is the delimiter) is 6 = SHA256 (1 = MD5) And /etc/pam.d/common-password specifies it: ​ password        [success=1 default=ignore]      pam_unix.so obscure use_authtok try_first_pass[…]

RedHat Linux

We’re becoming RHEL experts. This started when I wanted to install the terminator package. The terminator package is in the Extra Repositories for Enterprise Linux repository. Step 1: wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm Step 2: yum install epel-release-latest-7.noarch.rpm Step 3: yum repolist Step 3 above shows all the repos you have loaded and access to: Loaded plugins: ulninfo[…]