Clerical Rigor

Category: security

  • Installing a desktop environment on the HP Omen

    `dmidecode | grep -A8 ‘^System Information’` tells me that the Manufacturer is HP and Product Name is OMEN Transcend Gaming Laptop 14-fb0xxx I’m provisioning a new piece of hardware for my eng consultant and it’s proving more difficult than I expected. I must admit guilt for some of this difficulty. Instead of installing using the…

  • Security concerns regarding OpenSSH mac sha1 in Debian

    What is HMAC? HMAC stands for Hash-Based Message Authentication Code. It’s a specific way to use a cryptographic hash function (like SHA-1, SHA-256, etc.) along with a secret key to produce a unique “fingerprint” of some data. This fingerprint allows someone else with the same key to verify that the data hasn’t been tampered with.…

  • Managing HPE SAS Controllers

    Notes to self. And anyone else who might find them useful. Following are some ssacli commands which I use infrequently enough that they fall out of cache. This may repeat information in other blogs, but since I search my posts first when commands slip my mind, I thought I’d include them here, too. hpacucli is…

  • Signed NVIDIA drivers on Google Cloud Dataproc 2.2

    Hello folks, I’ve been working this year on better integrating NVIDIA hardware with the Google Cloud Dataproc product (Hadoop on Google Cloud) running the default cluster node image. We have an open bug[1] in the initialization-actions repo regarding creation failures upon enabling secure boot. This is because with secure boot, kernel driver code has its…

  • First taste of Debian 12

    As some of you may know, the Debian project released v12, bookworm to stable on the 10th of this month. I haven’t had a reason to try it yet, but I’m downloading it now. My first thought is that it’s much larger than I expected. The normal sized version used to fit on a CD-ROM…

  • Some work on a VyOS image with Let’s Encrypt certs

    I put some packages together this weekend. It’s been a while since I’ve debuilt anything officially. libffi-platypus-perl libalien-base-perl libalien-ffi-perl libffi-checklib-perl libshell-config-generate-perl libshell-guess-perl The plan is to build a binding to the libgnutls.so.30 API. The certtool CSR (REQ) generation interface does not allow me to create a CRL with “not critical” attributes set on purposes. Maybe…

  • LLC-Technologies-Collier/Demo-SCCC-Byte-AngularJS

    Hello dear readers and attendees, This is the post that I will be/ will have been referencing during my presentation to the Seattle Central Community College’s Byte club on Thursday, December 10th at 1500-1630. I will begin with a bit of an autobio and find out what kind of students we have in attendance. Please…

  • Some statistics from the router at the cabin

    sip0 is a GRE tunnel between the router and the colo box in Seattle, the payload of which is encapsulated as ipsec traffic before being transmitted over the Ubiquity equipment to the switch that the CenturyLink DSL modem attaches to. I don’t get centurylink easter eggs in my search results when I use this interface.…

  • False Positive

    Since a bit before my birthday this year, I have been uncertain where I left my notary seal. I have been trying to stay positive about the situation, but I must admit that I spent an unhealthy amount of time obsessing about its location and whether it has been used in my absence. The last…

  • Trip Report: UW signing-party

    Dear Debian Users, I met last night with a friend from many years ago and a number of students of cryptography. I was disappointed to see the prevalence of black hat, anti-government hackers at the event. I was hoping that civilized humanity had come to agree that using cryptography for deception, harm to others and…