sudoedit - a Safer Alternative

Posted by JD 03/15/2015 at 15:00

Suggestion

Use sudoedit instead of sudo {insert-gui-editor-here}

Ansible for Simple Linux Management

Posted by JD 02/26/2015 at 19:00

Ansible is a DevOps tool. It is amazing. The purpose of this post is to get you thinking about how to use Ansible in your environment, not to teach you to use it completely.

If you ever need to run a command on 2-50,000 servers and get the results back, then I can’t think of any easier, more flexible tool to use – better than shell scripts since there are so many administrative features already built into Ansible.

Keepassx Autotype on Ubuntu

Posted by JD 02/25/2015 at 19:00

When Ubuntu 14.04 was released, things were mostly OK, except that on 1 desktop here (not all of them) keepassx autotype/autocomplete started failing. I could copy/paste using cntl-b and cntl-c into the userid/password fields, but that’s 10x slower than pressing cntl-v and having the tool fill in the userid{tab}password{enter} …

The fix ….

Solutions for Internet of Thieves

Posted by JD 02/11/2015 at 17:00

IoT is supposed to mean the Internet of Things – that means how every device from lamps, to TVs, baby monitors, home security devices, to washers, dryers, toasters, blenders, … thermostats, basically anything that uses batteries in the home should be connected to the internet so we can monitor them from our smart phones and remote computers anywhere in the world.

The killer app? Wouldn’t it be nice to have a hot bath ready for you at 7pm at exactly 106 degF? Filled exactly to the point where your body brings it to the brim? Of course, you didn’t know you needed a bath for relaxation until about 4pm, when you were still at work.

Linux Package Install Preferences

Posted by JD 02/08/2015 at 20:00

People are flocking to Linux these days. Often, they bring with them computer knowledge from other systems that simply do not apply for most Linux systems.

One of those is about installing software. There is no setup.exe or install.exe for Linux systems. In fact, if you find yourself installing 99.999999% of Linux software in that way, you’ve already failed. Of course, this applies to Linux distros with a package manager. If you are running a non-package manager Linux, then you aren’t reading this anyway.

Security Presentations

Posted by JD 01/17/2015 at 23:00

If you work in IT, security is a key concern.

Ever wanted a place with a huge list of security presentations, by the people who know?
Here it is.

Get your video downloaders (youtube-dl is amazing) going and I’ll see you back here in 4 months after you’ve watched them ALL. ;)

These videos cover hacking AD+Kerberos networks, password cracking, key loggers, IDS/IPS, and even physical attacks like key bumping. Some of the videos will be about non-security stuff – media centers, DOCSIS, and of course, Linux and virtualization.

Linux GUI Tools Easier? Not Always.

Posted by JD 01/04/2015 at 17:00

Came across an article on how to back up Ubuntu/Debian and related distro package lists, settings, icons and themes. Seemed like a useful article, so I skimmed it.

It was about 20 pgs of text and 26 images. Is that really easier? They installed a GUI app that is completely redundant and harder to automate. I would be embarrassed. Way to make something simple seem really hard.

Most Php Installs Are Not Secure!

Posted by JD 01/01/2015 at 22:00

Do you use php or run php web-applications?

Chances are that it has known security issues according to Anthony Ferrara.
78% of Php Installations are Not Secure

For me, the interesting thing in that article is that 82% of perl installations do not have any known security issues.

Learning Linux

Posted by JD 12/28/2014 at 01:00

So, you are a true complete Linux beginner and want the shortest path to the deep knowledge. We all were new at some point. The learning curve is steep, like a new language, but rewarding.

Learning Linux is like learning a new language or learning to fly a Boeing 747. It takes time, practice, effort. You don’t expect to hop into the pilot seat of a 747 on day one and fly that baby, do you? Linux is the same way. Sure, you can control the autopilot and change altitude with a certified pilot there to help, but not much more.

Learning Linux ….

More on Passwords and Online Security

Posted by JD 12/20/2014 at 01:00

As another online website got hacked today and leaked userids, email addresses and passwords, I started thinking about what would solve this issue basically forever.


  1. Don’t use the same password anywhere online. Always unique per login/website.

  2. If you can, use a unique login for every online identity. No need to let anyone connect-the-dots or get a hint about your email login from a blog website. This is more important for logins to financial services. I couldn’t tell you my brokerage userid – don’t know it – it is random.

  3. If you can, use a unique email address for all identities. These do not need to be anything more than email aliases, since receiving email and redirecting it to a real account is easy. No need to support “send”. If you don’t know what an email alias is, don’t worry.

  4. Definitely have a few different email addresses – 1 for social stuff online and a different 1 or 3 for financial stuff. If the social email gets hacked, that shouldn’t impact your financial email accounts at all.

  5. Lie on all password reset questions. Never tell the truth or the same answer for different websites. Keep your lies inside a password manager.

How to do these things easily? Use a password manager. Try it for a week, see if you don’t become addicted. More on KeePass

There are other uses for password managers too. Well worth your time.

If we do these things, no need to panic over having any social/google password db out there. Even if it were leaked as plain text, I wouldn’t care. It doesn’t matter. Don’t let any social website know your real email address or a password used anywhere else. Unique, random matters.

Prefer F/LOSS security tools over commercial offers. Historically, commercial security vendors have misled their users or the marketing department simply lied.

keepass and keepassx are good. The source code is available for download and review by anyone. Security of the tool is not through anything hidden, just good encryption which currently cannot be broken when normal best-practices are used.

KeepassX is amazing.