Today marks one month that my "work time" is 100% devoted to Red Hat; last month I "retired" from any of the IT/web work for my church that I've been doing for the last 12 or so years. It's been an interesting month being able to spend time on …

I'm mostly writing this for my own reference as I spent a bunch of time figuring this out while I was on holidays with some serious oVirt misadventures and didn't document any of what I did, so since I had to reinstall CentOS 7, I'm stuck doing this all over …

Last week's TechMail was Two-factor SSH authentication via Google secures Linux logins which talks about using Google two-factor authentication with SSH (and PAM in general). I really like it and it works quite well although the comments in the TechMail indicate another option called Duo for two-factor authentication that sounds …

This week's TechMail is Learn to use extended file attributes in Linux to boost security which takes a look at using chattr, getfattr, setfattr, getfacl, and setfacl; tools that can be used to offer more granular security to files and directories. Being able to use SELinux or GrSecurity, AppArmor, and …

So I was approached by Eugeni, one of my former fellows at Mandriva, today about some collaboration in regards to Mandriva's msec and my way-back-when fork for Annvix, rsec. He wrote a blog post about msec's future and plans detailing the things he wants to do with msec in the …

This week's TechMail is Monitor your system for threats with rsec alerts which discusses the rsec tool I forked from Mandriva's msec years ago (for Annvix). It's been updated and is available for Red Hat Enterprise Linux 5 (and CentOS 5) as I think it's still a pretty good tool …

This week was interesting, dealing with the supposed "OpenSSH 0day" vulnerability stuff... rumours, innuendo, strange logs and packet capture files... it made for a long week trying to keep an eye on this and sort fact from fiction. Instead of focusing on the issue itself like other blogs and news …

This week's techmail is Store passwords with pwsafe which looks at the pwsafe CLI application that can keep track of all your passwords and login credentials in a safe and secure manner (and throws in strong password generation as a bonus). Really useful app.

This week's TechMail is Use encrypted filesystems with Linux Logical Volume Manager which discusses how to setup LVM with encryption right at install-time. I'm finding for myself that having information, particularly on laptops, encrypted is becoming increasingly important to me. The nice thing with LVM and having the entire drive …

This week's TechMail is: Get started with the security tool OSSEC, a quick run-down of what OSSEC is and how to use it. It's a pretty big "package", so I couldn't cover everything, just a single-server-use scenario which I think is what the majority of people would use it for …