similar to: How to get UEFI setting by shell?

Hi,volotinen: as it mentioned in your web link: "Your on the right track your module need to be signed", my question how to sign test_file_system.ko? thanks, w.k. ------------------ ???? ------------------ ???: "eero.volotinen";<eero.volotinen at iki.fi>; ????: 2016?1?22?(???) ??3:42 ???: "CentOS mailing list"<centos at

Hi, CentOS7.1, Dell PowerEdge R730xd. How to check/get UEFI information by shell/bash terminal ? example:if UEFI is enabled? if secure boot is enabled? Thanks.

http://unix.stackexchange.com/questions/157539/cant-load-zfs-kernel-module-on-fedora-with-secure-boot-required-key-not-avai So, module must be signed with trusted key, or else it just fails. Eero 22.1.2016 9.34 ap. "wk" <304702903 at qq.com> kirjoitti: > Hi, > another question.With secure boot on, > I make a kernel module test.ko > Then insmod test.ko:

On 1/22/2016 7:04 AM, Gordon Messmer wrote: > On 01/21/2016 11:33 PM, wk wrote: >> How can I sign my test.ko for CentOS7.1? > > https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/System_Administrators_Guide/sect-signing-kernel-modules-for-secure-boot.html what a pile of security theater that MOK thing is. theater of the absurd, anyways. --

Centos 5 is also a bit old os. Is it possible to use newer version? (like centos 7 or centos 6?) Eero 2016-02-09 19:52 GMT+02:00 Gordon Messmer <gordon.messmer at gmail.com>: > On 02/09/2016 07:04 AM, John Cenile wrote: > >> does anyone have any suggestions on what the problem might be? >> > > Not off the top of my head, but if I were you, I'd enable debugging

IPSec is not recommended solution nowdays. OpenVPN runs top of single udp or tcp port, so it usually works on strictly firewalled places like in hotels and so on. -- Eero 2016-04-04 23:18 GMT+03:00 Gordon Messmer <gordon.messmer at gmail.com>: > On 04/04/2016 10:57 AM, david wrote: > >> I have seen discussions of OpenVPN, OpenSwan, LibreVPN, StrongSwan (and >> probably

Sorry but I have looked for over two days. Trying every command I could find. There is obviously a misunderstanding somewhere. After generating a key pair with ipsec newhostkey --configdir /etc/ipsec.d --output /etc/ipsec.d/my.secrets I exported to a file with ipsec showhostkey --ipseckey > file The man pages says ipsec showhostkey outputs in ipsec.conf(5) format, Ie ***.server.net.

Well. Centos 5 is really near of it's end of life. There is not much updates to kernel or openswan. You should at least try latest openswan version. Your issue looks like a bit network problem. -- Eero 2016-02-10 8:34 GMT+02:00 John Cenile <jcenile1983 at gmail.com>: > So lowering the keylife / ikelifetime didn't solve the problem. I've > enabled debugging and I'll

On Sunday, October 11, 2015, Jonathan Billings <billings at negate.org> wrote: > On Oct 11, 2015, at 8:20 AM, C. L. Martinez <carlopmart at gmail.com > <javascript:;>> wrote: > > I am having strange problems with my cron jobs in my CentOS7 kvm > > host. After the initial install and first boot, any cron job > > configured had run (including cron tasks

2015-03-03 0:43 GMT+02:00 Tim Dunphy <bluethundr at gmail.com>: > > > > errr, I meant, sftp, not rscp > > > Heh.. yeah. But the client isn't gonna go for that. LOL. Any way to allow > regular ol' FTP using SELinux? Or does that just defeat the purpose of > having a secure SELlinux server entirely? > FTP is not safe as it does not encrypt username(s)

in fact: modgnutls provides easy way to get tlsv1.2 to rhel 5 -- Eero 2015-04-16 21:02 GMT+03:00 Eero Volotinen <eero.volotinen at iki.fi>: > well. this hack solution might work: > http://www.tuxad.de/blog/archives/2014/11/19/openssl_updatesenhancements_for_rhel__centos_5/index.html > > -- > Eero > > 2015-04-16 17:30 GMT+03:00 Leon Fauster <leonfauster at

I generated according to the docs . Which produced my server.secrets as below used the command ipsec newhostkey --configdir /etc/ipsec.d --output /etc/ipsec.d/www.example.com.secrets : RSA { # RSA 3328 bits ***.**.net Fri Apr 1 15:39:32 2016 # for signatures only, UNSAFE FOR ENCRYPTION

err. upgrades? You mean reinstall? As upgrading between major releases are not supported in any way on centos / rhel and clones.. -- Eero 2016-03-21 20:33 GMT+02:00 <m.roth at 5-cent.us>: > Glenn Pierce wrote: > > I asked about upgrading once and got no reply. Does anyone have > experience > > of having a hosted centos upgraded on a virtual server. Would you usually

Just trying to follow the instructions here https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Security_Guide/sec-Securing_Virtual_Private_Networks.html I don't think I am doing anything special. At the point where there is some communication going on Getting this error packet from *****:1024: received Vendor ID payload [Cisco-Unity] Apr 01 17:33:44

Am 16.04.2015 um 11:46 schrieb Leon Fauster <leonfauster at googlemail.com>: > Am 16.04.2015 um 11:43 schrieb Eero Volotinen <eero.volotinen at iki.fi>: >> Is there any nice way to get tlsv1.2 support to centos 5? >> upgrading os to 6 is not option available. > > > Unfortunately not. https://bugzilla.redhat.com/show_bug.cgi?id=1066914 -- LF

Err. Sounds like security nightmare. 21.3.2016 7.47 ip. "Glenn Pierce" <glennpierce at gmail.com> kirjoitti: > Will ask my boss :) We are hosted on memset so not so easy to update > > Thanks > > On 21 March 2016 at 17:36, Eero Volotinen <eero.volotinen at iki.fi> wrote: > > Centos 5 is still soon end of life. Using it as ipsec gateway is .. > >

Hi List, I am looking for good multifunction (fax, scanner, ..) color network laser printer for Linux, any ideas? specs: - Linux, Windows and OSX support on printer and also on scanner. - A4 papersize http://multi.gnt.lt/Pages/brochures/HP/CM2320MFP-ENG.pdf ? thanks, -- Eero

Hi, What is the best tool for recovering files on really corrupted ext filesystem? I already tried photorec, but are there any better solutions available? (commercial software ?) -- Eero

Yep, maybe using ssl offloading devices like (BigIP) that receives tls1.2 and tlsv1.2 and then re-encrypts traffic with tls1.0 might be "cheapest" solution. -- Eero 2015-04-17 14:15 GMT+03:00 Johnny Hughes <johnny at centos.org>: > On 04/16/2015 05:00 PM, Eero Volotinen wrote: > > in fact: modgnutls provides easy way to get tlsv1.2 to rhel 5 > > > > -- >

Hi List, Are you really using firewalld and network-manager on Centos 7 production servers or old way disabling network manager and using pure iptables like on C6? -- Eero