• Unable to negotiate with 192.168.1.99 port 22: no matching host key type found. Their offer: ssh-dss Solution


    ssh rtt@192.168.1.199 Unable to negotiate with 192.168.1.99 port 22: no matching host key type found. Their offer: ssh-dss It looks like the DSS option is not considered secure so when connecting from newer Linux systems to an older one you will get the above error. It can be fixed (but you should consider upgrading your SSH daemon): ssh -oHostKeyAlgorithms=+ssh-dss rtt@192.168.1.199........
  • ffmpeg Linux Mint download, compile and install howto


    #if you have nvidia make sure you install the nvidia-cuda-toolkit so hardware acceleration can be used wget http://ffmpeg.org/releases/ffmpeg-3.3.2.tar.bz2 tar -jxvf ffmpeg-3.3.2.tar.bz2 cd ffmpeg-3.3.2/ ./configure --disable-yasm install prefix /usr/local source path ........
  • How to Properly Secure SSL/TLS Apache Settings against Heartbleed Poodle (TLS) Poodle (SSLv3) FREAK BEAST CRIME


    Many users still are not aware but simply patching OpenSSL does not secure you against many known and easy to exploit attacks that will render your encryption useless by an attacker. Use the following setings in /etc/httpd/conf.d/ssl.conf SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH EDH+aRSA !CAMELLIA !SEED !3DES !RC4 !aNULL !eNULL !LOW !MD5 !EXP !PSK !........
  • SSH HowTo Create Port Forwards


    ssh -L 5905:localhost:5900 root@yourserver.com The "-L" means to create a port forward to a port on your server. The 5905 means the port on your computer that will be used to access the port 5900 on the remote server. localhost is the IP that you use to access the port forward (you can change it to 0.0.0.0 which will be all IPs on your system/computer but localhost is good for security and privacy unless a whole network of people need access).........
  • Apache SNI is not needed what is the issue?


    Iread this article and still don't understand the issue. If I understand correctly the client negotiates after the first SSLconnection and then gets the correct hostname and thus correct certificate. http://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI To their credit I know I'm not using SNIbecuase Iget this message in the Apache log :) [warn] Init: You should not use name-based virtual hosts in conjunction with SSL!! B........
  • SSH Can't Login/Hang


    Client Log OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to 192.168.1.253 [192.168.1.253] port 22. debug1: Connection established. debug1: permanently_set_uid: 0/0 debug1: identity file /root/.ssh/identity type -1 debug1: identity file /root/.ssh/id_rsa type 1 debug1: identity file /root/.ssh/id_d........
  • Error code: sec_error_unknown_issuer Solution Valid SSL Certificate Throwing Error in Firefox


    So you've just purchased your SSL cert, renewed it and installed it or maybe you've had it installed and working fine all the time with all other browsers but you've upgraded to a recent version of Firefox and suddenly get the warning "Error code: sec_error_unknown_issuer" error. This is terrible since if you bought an SSL cert, you are most likely using it for trust purposes for your business and obviously that message will scare away most potential customers.........
  • SSH automatic login without password


    SSH automatic login without passwordlocal> ssh-keygen -t rsa -f .ssh/id_rsa -t is the encryption type -f tells where to store the public/private key pairs. In this case, the .ssh directory on home is being used A password will be asked; leave this part blank, just pressing Now, go the .ssh directory, and you will find two new files: id_dsa and id_dsa.pub. The last one is the public part. Now, copy the public key to the serv........
  • Create/Enable SSL Certificates for Apache on Linux/Unix Systems eg. Redhat,Centos,Debian


    Shortcut/Easiest Way To Create A Self-Signed Key: openssl req -new -x509 -nodes -days 1530 -out server.crt -keyout server.key Using the above, you instantly create a self-signed certificate valid for 1530 days and you can simply skip to step #5.) below. If You Need a Real SSLCertificate (eg. Equifax/Openssl) then you need to create a CSR request (you'll need to follow Steps 1.) and 2.) in order to create the CSR. You then upload the CSR Certi........
  • Latest Articles

  • CentOS 6 impossible to compile a newer libguestfs
  • chroot
  • How To Get Started on Ubuntu with gpt-2 OpenAI Text Prediction
  • Remove cloud-init in your VM
  • QEMU-KVM KVM Command Line Practical Guide
  • Linux How To Change NIC Name to eth0 instead of enps33 or enp0s25
  • virt-resize: error: libguestfs error: could not create appliance through libvirt.
  • Asterisk Does Not Retry When Authentication Fails
  • Linux Debian Ubuntu How To Install PEPPER Faster and Latest Adobe Flash Player in Firefox
  • How To Speed Up Linux Ubuntu and Debian Based Computers By Improving CPU Performance and Changing the CPU Governor
  • Convert data or file to base64 on a single line
  • Linux Mint Ubuntu Debian radeon slow 2D performance issues radeon_dp_aux_transfer_native: 158 callbacks suppressed
  • mdadm: super0.90 cannot open /dev/sdb1: Device or resource busy mdadm: /dev/sdb1 is not suitable for this array.
  • How To Install NextCloud on Centos 7 and Centos 8
  • AH01630: client denied by server configuration:
  • ERROR: Could not find a version that satisfies the requirement PIL (from versions: none) ERROR: No matching distribution found for PIL
  • ZTE Camera Cannot Work unable to connect to camera. Camera has been disabled becaue of security policies or is being used by other apps
  • QEMU KVM how to boot off a physical CD/DVD/BDROM Drive
  • How To Install OpenProject on Centos 7 Step-by-Step Guide
  • Ubuntu Debian Linux Cannot Install Wine Solution - wine1.6 : Depends: wine1.6-i386 (= 1:1.6.2-0ubuntu14.2) but it is not installable wine1.4 : Depends: wine1.6 but it is not going to be installed