I’m sure you have heard by now that there is a reported vulnerability in openSSL and openSSH. This only affects Debian and its variants for now (ie:Ubuntu).

This is a pretty serious issue so it should be patched ASAP.

Follow the instructions below to guard your Debian and Ubuntu machines from the vulnerability.

Run the following to find out if you are affected:

wget -c http://security.debian.org/project/extra/dowkd/dowkd.pl.gz
gunzip dowkd.pl.gz
chmod u+x dowkd.pl
./dowkd.pl user
./dowkd.pl host hostname

If either the 2nd to last or the last command issued above shows something similar to the following:

.ssh/id_dsa.pub:1: weak key

…then you are affected by the vulnerability. If you do not see “weak key” reported then you are OK.

Otherwise follow below:

Apply any updates by entering the following at a command line:

sudo apt-get update
sudo apt-get upgrade
sudo apt-get dist-upgrade

You should see an update for openssl and openssh packages (along with anything else available).

After these new packages have been installed you will want to regenerate any keys that you’ve generated (ie; openssh keys, CA cert, etc).

To generate a new openssh key for your user: (This only required if ‘./dowkd.pl user‘ reports weak)

ssh-keygen -t dsa -b 1024

To generate a new openssh key for your server: (This only required if ./dowkd.pl host hostname reports weak)

sudo rm /etc/ssh/ssh_host_{dsa,rsa}_key*
sudo dpkg-reconfigure -plow openssh-server

You should now run the validation script again and make sure it does not report any errors. If you still see reported warnings such as:

.ssh/authorized_hosts:1: weak key

…this means that you have keys saved that are still affected, in this case in the authorized_host file. The easiest way to solve this is issue the following:

rm .ssh/authorized_hosts

This will remove the file, which will be recreated the next time it is needed or you can delete the line in the affected file using your favorite text editor. The line is indicated by the ending “:1″ which maps to the affected line number.

Continue to run the ./dowkd.pl script until no weaknesses are reported.

A new kernel update just went out yesterday or the day before (not
sure), but it fixes the vmsplice proof-of-concept exploit that was
released two days ago. The exploit would allow someone at a non-root
console to elevate themself to root without using sudo or su or knowing
any passwords at all.

Check out Mackenzie’s site: Ubuntu Linux Tips & Tricks

Technorati Tags: update, vulnerability

In my example I had all my music saved on an external hard drive that mounted itself as “disk”. I wanted to change it over to a new computer and a new external drive that mounts itself as “OneTouch1″ (Maxtor external drive). It doesn’t matter where your music is and where you want it to go (maybe you just want to connect the same drive to a new computer) but in either case this is how I did it:

First off I mounted both drives on the computer that had the current configuration I wanted to save.

Then I ran an rsync command to transfer all my music from the old external drive to the new one:

rsync -av /media/disk/Music/ /media/OneTouch1/Music

This copied all my music from disk/Music to OneTouch1/Music.

Then I needed to grab the current mySQL database, so I fired up webmin on the localhost and did a backup of my “amarok” database I had all my collection data stored in. One more thing you will need for all your playlist and configuration settings is the app settings folder located in your home directory in a hidden directory. You can grab it like so:

rsync -av /home/yourusername/.kde/share/apps/amarok/ /media/OneTouch1/amarok

Make sure you substitute your username and new drive name above.

Now we should be ready to configure the new computer with your old computer’s settings. The next steps assume you have Amarok installed and running.

Make sure Amarok is closed and not running and then plug in your external drive.

Create a symbolic link to map everything up like it was before. In my case it was done like so:

ln -s /media/OneTouch1/ /media/disk

The above is needed even if you want to use the same drive, but only in the case that it mounts itself on the new computer with a different name than it does on the old computer.

Now we want to create an empty database called amarok (or whatever your previous db was called) (I used webmin for ease of use) and create the same user id and credentials that you had used on your previous computer.

The next step is open your home directory and hit ctrl “h” to show hidden files and browse to .kde/share/apps and rename the amorak folder to amorak_old (just so we can revert later if needed). Then copy the amorak folder we had backed up from your old computer onto the external drive to replace the folder we just renamed.

Once this is all complete, we can open Amarok and go to Settings -> Configure Amarok and navigate to the Collection tab on the left. Make sure that the correct directory is selected (using the symbolic link to select it) and also that the correct db and user credentials are entered.

After the above is done, go to Tools -> Rescan Collection. This may take awhile, depending on the size of your collection, but when it is complete you should see that everything is how it was on your old computer!

Technorati Tags: Amarok, migrate, music, collection, playlists

Technorati Tags: wallpapers

• Run gconf-editor (by hitting Alt+F2 or from terminal).
• Browse to apps->nautilus->desktop in the left-hand folders window
• Uncheck the “volumes_visible” option

Careful, as this will also hide portable storage volumes also…

Ubuntu is fully supported.

Get it here:

http://desktop.google.com/linux/

Ubuntu Clips, a new found site by yours truly, takes a great approach to teaching new Ubuntu users the ins and outs of the Linux operating system.

If you are a recent Windows to Linux convert and want to get up and running fast, I highly recommend this site.

Head over and watch a video or two and increase your Ubuntu knowledge!

IEs 4 Linux offers a free solution to run IE 6 and releases before 6 with a simply install utilizing wine.

Their install instructions are for edgy but by changing the relevant code areas to feisty, it works just fine in the latest release of Ubuntu.

Head over to their site for detailed install instructions and happy surfing!

IEs for Linux

Technorati Tags: Internet Explorer, Linux, IE

Linux has come up with a great solution to an age old problem.

The alias command.

This command allows you to create an alias or shortcut if you will to calling a longer command.

Let’s say you vnc another machine a lot. That machine happens to not have a DNS host name associated with it. You are always trying to remember the IP of that machine so you can VNC it.

The command to VNC our imaginary machine goes something like this:

vncviewer admin@192.168.245.231

That is a lot of typing for a common task.

Let’s simplify that. Type the following:

alias vncmybox=’vncviewer admin@192.168.245.231′

Now you have created your first alias. Anytime during the session you type vncmybox it will run the command we assigned to that alias.

Here is the catch, as soon as you close the terminal all is lost.

Let’s make this change permanent.

Go to you home folder and create a file named:

.bash_aliases

(This can also be done via the terminal like so:

touch ~/.bash_aliases

Then add the alias we created earlier on the first line of this text file as so: (Remember to open this file from your home folder you will have to show hidden files by pressing ctrl + h when in your home directory)

alias vncmybox=’vncviewer admin@192.168.245.231′

Save the file and open the file named:

.bashrc

Find the section that is commented out (lines preceded with #’s) to looks like this:

if [ -f ~/.bash_aliases ]; then
    . ~/.bash_aliases
fi

Uncomment those lines. Save and close and then open a new terminal window.

Now type:

alias

It will list your aliases including the one we just added. Now you can go back and add other commonly used commands to your .bash_aliases file to ease your terminal tasks.

Technorati Tags: alias, Ubuntu, Linux, terminal

How about just making an .iso file that you can mount as you need? Or maybe you just want a “master” copy of the media so you can create another copy at a future date.

At any rate it is rather easy to accomplish in Ubuntu:

sudo umount /dev/cdrom
dd if=/dev/cdrom of=file.iso bs=1024

You can also do the same with folders:

mkisofs -r -o file.iso /location_of_folder/

Don’t forget to make a checksum:

md5sum file.iso > file.iso.md5

Technorati Tags: .iso, file, iso