Linux 4.7 will have security features of Chrome OS

linux and chrome

Very recently we have available the latest Linux kernel. But Linus Torvalds and his team are already working on Linux 4.7, the next kernel team. At the moment we know little about Linux 4.7 but how little we know is already interesting.

 

Apparently this new version will have a new security feature that has been ported of Chrome OS, a security feature called LoadPin. This new version will be interesting for the field of security, since LoadPin avoid loading modules and that affects the integrity of the kernel.

LoadPin is an interesting feature that will Linux 4.7 and that will not only full confidence modules  in the kernel to load, but once loaded not be loaded more modules or simply restrict loading modules so that no “sneaking “new modules in the system.

LoadPin comes from Chrome OS but is an interesting feature for many, but especially for the business environment that will allow the kernel safer with this new feature, because it will not allow dubious code modules that add meaningless.

The current intention of the team is to improve the kernel Linus and therefore LoadPin is a great security tool. But not the only innovation in Linux 4.7, but unfortunately I do not know the new tools to be integrated into Linux 4.7.

Personally I find interesting LoadPin and wonder because the team did not include this function in the Kernel 4.6 or earlier versions. In any case it is clear that the more free software projects exist, more profit is the end user

SSH login without password

ssh

You want to use Linux and OpenSSH to automate your tasks. Therefore you need an automatic login from host A / user a to Host B / user b. You don’t want to enter any passwords, because you want to call ssh from a within a shell script.

 

First log in on A as user a and generate a pair of authentication keys. Do not enter a passphrase:

a@A:~> ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/a/.ssh/id_rsa): 
Created directory '/home/a/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/a/.ssh/id_rsa.
Your public key has been saved in /home/a/.ssh/id_rsa.pub.
The key fingerprint is:
ae:ff:03:74:ba:7f:66:73:3x:35:45:f5:c7:ac:57:a6 a@A

Now use ssh to create a directory ~/.ssh as user b on B. (The directory may already exist, which is fine):

a@A:~> ssh b@B mkdir -p .ssh
b@B's password: 

Finally append a’s new public key to b@B:.ssh/authorized_keys and enter b’s password one last time:

a@A:~> cat .ssh/id_rsa.pub | ssh b@B 'cat >> .ssh/authorized_keys'
 b@B's password:

From now on you can log into B as b from A as a without password

a@A:~> ssh b@B

A note from one of our readers: Depending on your version of SSH you might also have to do the following changes:

Put the public key in .ssh/authorized_keys2
Change the permissions of .ssh to 700
Change the permissions of .ssh/authorized_keys2 to 640

 

Summary

1) Run the command below on A and keep type enter while following the prompt:
ssh-keygen -t rsa

2) Create the ~/.ssh on B from A via ssh:
ssh mylogin@B mkdir -p .ssh

3) Append public key from A to B’s ~/.ssh/authorized_keys by running the command below on A:
cat ~/.ssh/id_rsa.pub | ssh mylogin@B 'cat >> .ssh/authorized_keys'

4) Verify:
ssh mylogin@B

Permission:
– ~/.ssh needs to be 700
– .ssh/authorized_key needs to be 640

Linux: How To Use RVM to Manage Ruby

Ruby is a very popular programming language that has Ruby on Rails, or RoR, is a popular development framework that allows you to easily get your application up and running with minimal hassle.

Developing applications often times requires that you emulate different environments. Different versions of Ruby may be necessary for different projects. With conventional installations, this would impede your ability to be flexible.

Continue reading “Linux: How To Use RVM to Manage Ruby”

How To Install Ruby on Rails on Linux Mint 17.3

Ruby on Rails is one of the most popular application stacks for developers wishing to create sites and web apps. The Ruby programming language, coupled with the Rails development framework, makes app development simple.

Since Ruby on Rails doesn’t come in a neatly packaged format, getting the framework installed used to be one of the more difficult parts of getting started. Luckily, tools like rvm, the Ruby Version Manager, have made installation simple.

In this guide, we’ll show how to install rvm on an Linux Mint 17.3, and use it to install a stable version of Ruby and Rails.

Continue reading “How To Install Ruby on Rails on Linux Mint 17.3”

How to install Chrome on Ubuntu 14.04?

Google Chrome

Open a terminal and follow:

cd 
wget https://dl.google.com/linux/direct/google-chrome-stable_current_i386.deb
sudo dpkg -i google-chrome-stable_current_i386.deb

If you want the 64bit version just replace i386 with amd64

If you encounter any errors simply use:

sudo apt-get -f install

 

Enabling Hibernate feature in Ubuntu

Recently, one of my friends had been facing an issue regarding the hibernation in Ubuntu 11.04. He googled all over the internet, found a lot of solutions but none of them worked out for him. Finally, we worked out a solution which I am going to share with you in this article.This article is dedicated to those people who are facing the same issue and never found a solution and for it. Also, I have taken a few lines from wikipedia to just let you know what basically hibernation is and what all are the benefits of hibernation.
Hibernation is a feature of many computer operating systems where the contents of RAM are written to non-volatile storage such as a hard disk, as a file or on a separate partition, before powering off the computer. When the computer is restarted it reloads the content of memory and is restored to the state it was in when hibernation was invoked.
Hibernation is used as an alternative to powering down the computer, because hibernating and later restarting is usually faster than closing down, later starting up, and starting all the programs that were running. Going into hibernation requires no user interaction; shutting down when programs are open either requires programs to be closed properly, or user interaction to force them to close, with possible loss of data or additional work on the part of the user to save all unsaved data in running programs.
This is how it all worked out, I have mentioned it step by step here. You don’t need to be a hard core coder for this, just open the terminal and follow these steps:

Open Terminal and go to root or just login through root
Type- vi /etc/default/grub
You will find the following line:-
GRUB_CMDLINE_LINUX=” “
Type resume=/dev/my_vg/swap in the double quotes(“ ”), it should be like this:-
GRUB_CMDLINE_LINUX=”resume=/dev/my_vg/swap” and save it.
Now update grub by typing:-
upadate-grub
Type – vi /etc/initramfs-tools/conf.d/resume
Edit the following command in that editor:-
resume=/dev/my_vg/swap and save it.
Now update by typing:-
update-initramfs -u

Try hibernating your system and check to find it working.

Linux in undeveloped countries

Open-source software, or more precisely the FLOSS (Free and Libre Open Source Software) is arguably one of the best gifts the 20th century had presented us with. With the turn of the century, we continued to nurture this gift, and polish it more and more. A vast array of open-source software arose from our collective efforts, and indeed they’re helping make the world a better place for everyone.

One point, that is often overlooked by the advocates of FLOSS is, the way FLOSS benefits the economy of an emerging nation. There are uncountably many benefits we derive simply by switching to FLOSS, and gradually they boost our finances, individually, collectively and universally.

Let us first consider the situation from ‘individual’ perspective. As many of my learned friends hailing from the Linux communities have mentioned it time and again, Linux lets us continue using our relatively older hardware. If you’re into Macintosh or Windows, you’d need to buy new hardware, or upgrade your existing system every few years or so. This is because day by day these operating systems get more and more resource-intensive. Windows Vista, for example, was more or less a failure, while Windows 7 did improve the situation much. But both of them have those fancy desktop features enabled by default. Windows Aero is beautiful, I’ve used it personally. But at the same time, effects of a similar, if not more, degree of excellence and beauty can be generated using Linux’s multiple desktop environments. For example, what Compiz fusion does is essentially beyond the reach of Microsoft even today. Turning your desktop into a cube, writing your name with your pointer in flaming letters and making it ‘rain’ on your desktop, they’re just elegant.

But while such fancy features serve as nice eye-candies, they can only serve that much. They help us lure more people to try a particular OS of our choice, but they more than often don’t contribute to our productivity. That’s why I like to keep my Linux distro simple and elegant.

With Linux, I can go on using the same computer for years and years. For example, the laptop I am typing this article on is a Dell Inspiron, 2 years old. Yet, I didn’t feel more than maybe once or twice, that it’s getting slower. I confess, once it got very cluttered, but just after cleaning the /var/cache/apt/archives and using Ubuntu tweak a bit, it returned back to normal. This is the beauty of Linux, it’s almost divine simplicity.

Government offices can switch to Linux to cut costs, and this extra money generated will be utilized for betterment of services.

Enough talks, now let me present a few points, which show how Linux benefits the economy of emerging, developing nations:

1. Use older hardware

Linux allows us to spend less on hardware components, and this gives a big boost to the collective economy of the nation. And one should also understand that computers are for working, not gaming. My cousin, who’s an avid gamer, keeps on buying those fancy graphics cards from Nvidia stores, and although I’ve tried to switch him to Linux, he’s just too reluctant to do so. But it is not almost a reality, that with the release of Stream, Linux is finally able to support high-end gaming.

For a country like India, this is important. An average Indian does not have enough financial capacity to afford a new computer every one-and-half years. And why should we do that? Computers should serve us, we shouldn’t serve them! Computers are for working, and changing them every one or two years also destabilizes the working environment.

2. Linux gives us access to a multitude of free software

This is very important for an evolving economy. Microsoft and Apple, they both are American companies. So, if you legally pay for the new releases of Windows or Mac, you’re actually shipping a part of your money to the USA. While this is good for the American economy, what about other nations? UK, Germany, France, Japan, India, we’re basically all forced to rely on Microsoft (more or less). And why should we pay for such software when we can legally get them for free?

The GIMP vs Photoshop debate is one such. Unless one is an expert photographer willing to work in some Hollywood production, I don’t think there’s any need to use Photoshop. GIMP does everything you want it to do. While the learning curve is a bit steeper with GIMP, you also have absolute control over everything. You pay $0 for your software, you can even download the code and modify some or all of its aspects if you don’t like it, you can request a new feature and it has the chance of getting implemented, you get to be the part of a vibrant community of GIMP users! Thus, the spirit of Open-Source benefits economy.

For an emerging nation like India, I believe Linux should be implemented everywhere. Stop paying for software, and stop pirating them, because you can have them for free!

3. Linux increases our level of understanding

Linux and most open-source software have a steep learning curve, but that’s a great benefit. It boosts the nation’s economy, by helping us set up local support centres for Linux-based systems. Since you can have the software and its code for free, you can essentially study it however you want to. The best part is, you can even develop a new distro and make a good business with it as long as you’re following the rules laid down by the respective license.

The Chinese government has fully recognized it, and they’ve teamed up with Canonical to build Ubuntu Kyelin, the Chinese version of Ubuntu. This is indeed a great achievement, because millions of Chinese computer users are now free from the monopoly of Microsoft. Thousands of Americans themselves can be free from the tentacles of Apple if they switch to Linux. 

4. Spend less on those costly antivirus software

Yeah, people go on buying, and often pirating, licenses for those fancy antivirus software they ‘need’ to keep their PCs safe. Many Indian companies have started joining the business, for example the Quick Heal company of India. Antivirus software won’t be required if you’d switch to a more efficient, more secure platform. And that is what Linux is! I’ve been running Linux Mint and Ubuntu on my desktop and laptop respective for more than 1.5 years at a stretch (without reinstalling even once. I just upgraded them both when new versions got released). And not a single day came when I actually had to worry about buying a new antivirus software. And indeed, no infections occurred, ever.

Most people here don’t even know what Linux is, but the few who do often bring up this argument: Windows has more than 90% or market share, and virus-writers would want to cause more damage with their destructive pieces of code. That’s why antivirus software is needed to keep the system safe. If Linux grows that popular someday, or even half that popular, it will no longer be ‘secure’.

But a nice counter argument can be forged using the data we get from server-side computing statistics. The LAMP system is getting more and more common nowadays. And Apache by itself has more market share than Windows Server systems. Still, the number of attacks successfully launched on Apache servers is much less. Why? Because of the superior design of FLOSS.

5. Less maintenance costs

This is point by its own right. Using Linux and open-source, you get to be using bleeding-edge technology, and most of the time without paying a buck! Linux requires less maintenance, and actually helps you focus on your work. There’s a common joke regarding Windows, “Have you finished your daily Windows re-installation?”. Although this is really far-fetched, Windows really slower and slower with every usage. Its registry is just a dull thing is that also, however, ‘the heart of Microsoft Windows’. When I used Windows, I had to perform my routine re-installation every 3 months or so, installing every single piece of software thereafter. Why do we need that when we can go on running the same system for months and years? This makes us more productive.

Developing economies, and even developed ones, need their people to dedicate their time to working, literally. I am a student, and my primary task is studying. I intend to use my computer for the sake of boosting my education, and yet, with windows, I’m forced to spend a large chunk of time in maintaining the system alone! With Linux, I can actually focus on my work, rather than my system.

 

And those ‘specialized’ software? I don’t support the process of running Windows software on Linux using WINE. I understand that there are certain software which are still lacking in Linux. But the gap is actually being bridged up! As more and more people continue to join Linux, the authors of those ‘specialized software’ are releasing their equivalent native Linux versions. Microsoft Windows has  a number of specialized, paid software suiting some specific needs because it has more market share, not because of its ‘superior design’. And it has more market share because more people use it! That’s not a virtue of the platform itself. So, as more and more people will continue to join the Linux club, we’ll be witnessing the development of more quality software for Linux as well.

In many other ways, Linux and open-source benefit the economy of emerging nations. And I personally believe the superior design, greater flexibility and more security of Linux will finally help the masses see the light and switch to this free, elegant platform.

iPhone, iPod Touch, iPad and Apple TV on Linux

IPhone on Linux

IPhone on LinuxMany people have claimed that the only thing keeping them attached to Windows is iTunes, so this is for all those people. While researching the steps for jail-breaking an iOS device I stumbled upon what is the equivalent to iTunes for a Linux system. The software seems pretty solid and it runs well from my own trials, although I don’t own an iPhone. The project has been around since 2007 and has turned into a pretty solid piece of software. Go here to download the software and learn more about the project. The setup may seem somewhat intimidating upon first glance, but see page (http://www.libimobiledevice.org) will see that there is not that complicated.

Howto: KVM Server Virtualization

I want to virtualize a server from scratch. I have a server in mind already, but I don’t want to bother with virtualizing it directly since it is running on a dated OS.  I figure I will build a new VM in parallel on some spare hardware and then migrate the image over to my beast server. Some key benefits of this are that I can use some of the spare capacity of that beast server to test out other server operating systems and software in parallel with my main server.  Also, I can install crashplan on the host itself and have it backup my server images for painless offsite backup whereas now I really don’t have a backup of the physical server configs.This guide will be devided into three stages as follows because this is the order I carried out the steps in.

  1. Set up a host CENTOS 6.3 server
  2. Set up a guest MINT 14 server (with MATE desktop)
  3. Set up a static bridged network and configure our VM to use it

Setting up host server

First thing, you should make sure your processor supports kvm virtualization. Install CENTOS 6.3 or later. I am not a redhat/centos guy for most of my home Linux systems, but it seems ideal for a VM host where I don’t really need the latest and greatest packages and stability and concise configuration are key. I am assuming you can install this on your own with the graphical installer or however.
Now, we will need some special tools to get virtualization running.  As root, do the following on your fresh CENTOS box:

# I recommend you update your box first, this may take a while

yum update

 

# get the core virtualization pieces

yum groupinstall Virtualization “Virtualization Client” “Virtualization Platform” “Virtualization Tools”

 

# install and turn on the avahi daemon

yum install avahi

service avahi-daemon start

chkconfig avahi-daemon on

 

# I ran into this not being on.  The virt-manager just sat there trying to connect before I did this.

service libvirtd start

chkconfig libvirtd on

That’s it, you are ready to virtualize!  Some people say you need to deactivate SELINUX, but some say it isn’t needed.  You can do so by editing /etc/selinux/config if you think it is causing you troubles.

Setting up a guest server

This is pretty straight forward (except for the last little bit where we correct some video settings). Download  an ISO and/or burn it to a CD for the OS you want to install. In this example, I am using Linux Mint 14 with MATE desktop.
Open up the KVM manager tool you installed in step 1.
start_vmanager
In the top left click play button on a monitor that says “Create a new virtual machine” when you hover over it.  Then, on the step 1 window name your server and pick ISO/CDROM.
create_1
On the step 2 windows, tell it where the ISO/CD is.  For OS type, just use Linux.  For version, go to “see all” and select the latest kernel available as shown.  The OS being installed is so far ahead (3.x) kernel, that there is no more up-to-date choice that I can tell.
create_2
On the step 3 window, set up your memory (give Mint 14 at least a gig) and select how many cores to set. There are ways to alter this later if you need to, so don’t get too hung up on getting this just right now.  In my case, the host has too few cores and too little memory to set it up like I will after I migrate it to something more powerful.
create_3
On the step 4 window, set up your storage. The default 8GB is probably a bit tight, 20GB+ may be better. After taking this screenshot, I chose 40GB. You don’t have to “allocate entire disk now.” I say let it grow dynamically.
create_4
On the step 5 window, review your selections and then hit finish.  If you carried out the final section of this guide before doing the VM setup, you could expand the Advanced options and choose your network now. However, I am trying to break this into quick chunks for time-crunched people like myself and getting your VM up feels like progress ;-).
create_5
Now launch your VM and install the OS as you would on a physical machine (except maybe more slowly and less responsively) in the window that pops up.  The blue “i” icon on the VM popup window (next to the terminal icon) will show you system stats and you can change things here.
info
I had an issue where every time I logged in, I got bounced back out.  To fix it, I had to do two things.  I did these out of order, so I don’t know if they were both necessary.  I will share them in the opposite order I did them. If the first step works for you, don’t bother with the second.
First, switch the virtual video adapter from cirrus to vga.
video_change
If you still can’t login to the VM gui, then carry out this second part. At the login screen to your guest OS:
use the send menu to send ctrl alt f2           # to drop to virtual terminal on VM
login as root
apt-get install nvidia-current
reboot
After it reboots, it should work like a charm. Also, if you want to shut off the GUI later, you can always edit the /etc/inittab to prevent loading the GUI. I like having the option of the GUI on my servers since it really doesn’t take up that much disk space and can be disabled as needed.
Your network should be set up fine for using this guest VM like a desktop to go on the internet, get updates, etc as long as your host’s network is working right. Out of the box it gives you a virtual network using NAT which is fine for these purposes.  I could reach out to other boxes on my network just fine. The show-stopper for virtualizing a server, is that nothing else on my network can reach out to the VM except its own host.  In the next step, we fix that nonsense.

Setting up a bridged network

Okay, this was a bit foreign to me. I have used a wireless network bridge, but I never built a virtual bridge on a box off of a physical NIC before. I am doing something odd here in using a static IP for the bridge itself which nobody seemed to do in their guides, but it is easy enough.
I have to give some credit here as I got started with bridging using information from this site.  I also found a good reference on killing NetworkManager which doesn’t play nice with your bridge.  Anyway, here is my condensed version.
As root on the host:

service NetworkManager stop

chkconfig NetworkManager off

chkconfig network on

Clear out any crappy config files you have like /etc/sysconfig/network-scripts/ifcfg-Auto_eth0 that were made by NetworkManager.

vi /etc/syconfig/network-scripts/ifcfg-eth0   #(this may be different on your system if eth0 isn’t your NIC)

 

DEVICE=eth0

BOOTPROTO=none

ONBOOT=yes

BRIDGE=br0

————————

vi /etc/syconfig/network-scripts/ifcfg-br0  # set up your static IP and DNS entries

 

DEVICE=br0

TYPE=Bridge

BOOTPROTO=static

DNS1=192.168.0.1

DNS2=8.8.8.8

GATEWAY=192.168.0.1

IPADDR=192.168.0.205

NETMASK=255.255.255.0

ONBOOT=yes

DELAY=0

————————

Make sure you have DELAY=0 and ONBOOT=yes.  Usually DNS points to your router (gateway) and/or a service like google (8.8.8.8).

vi /etc/sysconfig/iptables  #edit the firewall definititions by adding a line

…..

-A INPUT -i lo -j ACCEPT  # EXISTING LINE

-A INPUT -i br0 -j ACCEPT # ADD LINE SIMILAR TO THE ABOVE EXCEPT CHANGE lo TO br0

………

service network start  # should give all OK’s

service iptables restart  # restart the firewall

 
Now you need to edit your VM settings. While the VM is off, open it and hit the blue “i” like we did to alter the video adapter. I used device model vertio because it was the default, but there may be merit in some of the other options. Anyway, go to the NIC device and set it up as shown:
bridge
Then click apply. Now you can boot up the guest OS and configure its network settings with a normal static IP or even DHCP. It will work just like it is on the network directly using its own NIC.I hope this guide has been helpful for you. Feel free to offer any tips or improvements or ask questions. Now go forth and virtualize!