Author Archives: #!/bin/blog

Debian /boot old kernel images

So I was looking at yet another failed apt-get upgrade because /boot was full. After my initial whining on Twitter, I immediately received a hint towards /etc/apt/apt.conf.d/01autoremove-kernels, which gets generated from /etc/kernel/postinst.d/apt-auto-removal after the installation of new kernel images. The … Continue reading

Posted in UNIX & Linux | Tagged , | Leave a comment

How expiration dates in the shadow file really work

tl;dr: Accounts expire as soon as UTC reaches the expiration date. In today‘s installment of my classic shame-inducing series “UNIX basics for UNIX professionals”, I want to talk about account (and password) expiration in /etc/shadow on Linux. The expiration time … Continue reading

Posted in Uncategorized, UNIX & Linux | Tagged , , , , | Leave a comment

SSH firewall bypass roundup

So my SSH workflow has reached a turning point, where I’m going to clean up my ~/.ssh/config. Some entries had been used to leverage corporate firewall and proxy setups for accessing external SSH servers from internal networks. These are being … Continue reading

Posted in UNIX & Linux | Tagged | 2 Comments

CentOS 7 on MD-RAID 1

Figuring this out took me quite a bit of time. In the end, I approached the starter of this hilariously useless CentOS mailing list thread, who assured me that indeed he had found a way to configure MD-RAID in the … Continue reading

Posted in UNIX & Linux | Tagged , , , | Leave a comment

Overriding the Mozilla Thunderbird HELO hostname

I found that when connecting through a SOCKS proxy (e.g. SSH dynamic forward), Mozilla Thunderbird tends to leak its local hostname (including the domain of the place where you are at that moment) as a HELO/EHLO header to its SMTP … Continue reading

Posted in Internet, Paranoia | Tagged , , , | Leave a comment

What does the slash in crontab(5) actually do?

That’s a bit of a stupid question. Of course you know what the slash in crontab(5) does, everyone knows what it does. I sure know what it does, because I’ve been a UNIX and Linux guy for almost 20 years. … Continue reading

Posted in UNIX & Linux | Tagged , , , | 4 Comments

Amazon AutoRip und die Wasserzeichen

Amazon hat ja heute angefangen, als CD gekaufte Alben im Rahmen des AutoRip-Service als MP3-Download anzubieten. Natürlich kommt da gleich wieder die Frage auf, ob “Wasserzeichen” im Spiel sind. Die Nutzungsbedingungen des Amazon Cloud-Player sagen dazu folgendes: Einige Plattenfirmen verlangen … Continue reading

Posted in Paranoia | Tagged , | 8 Comments

FTPS vs. SFTP, once and for all.

I had to provide an explanation about the differences between FTPS and SFTP today, which sound so similar, but are in reality extremely different and can easily confused by those who don’t spend lots of quality time with them. SFTP … Continue reading

Posted in Security | Tagged , | 3 Comments

OpenSSH connection multiplexing

The Challenge I was in touch with a developer the other day who used SSH to programmatically connect to a remote machine where he would start some kind of processing job. Unfortunately, he was in trouble when he wanted to … Continue reading

Posted in Security, UNIX & Linux | Tagged , , | 3 Comments

Using the SSH agent from daemon processes

One of my more recent installations, the BackupPC server I wrote about earlier, needs full access as the user root to his clients in order to retrieve the backups. Here’s how I implemented authentication on this machine. BackupPC runs as … Continue reading

Posted in UNIX & Linux | Tagged , , , | 5 Comments