PostgreSQL - Forgotten database cluster upgrade…

After upgrading a system running Debian GNU/Linux from release Squeeze to Wheezy I almost lost my PostgreSQL database. The following PostgreSQL versions are shipped with recent Debian releases:

Debian Release PostgreSQL Version
Lenny 8.3
Squeeze 8.4
Wheezy 9.1

After upgrading from Lenny to Squeezy I missed ...

more ...

Templating Debian GNU/Linux (2/2)

In the previous article (Templating Debian GNU/Linux (1/2) I gave an overview about steps which should be taken in preparation of creating a VM template (dehydration), steps required after deployment of a VM template (rehydration) and the idea of applying customizations using the OVF environment. This article shows ...

more ...

Templating Debian GNU/Linux (1/2)

Dehydration

Distributing pre-installed (Debian) GNU/Linux virtual machine templates requires some steps to create clean and secure templates. You should consider at least to:

  • drop local root password: fight against known default passwords and known password hashes
  • drop SSH host keys: prevent private key leaks and prevent MITM
  • drop various ...
more ...

OpenSSH - Protecting private keys

Martin Kleppmann gives a extensive look at OpenSSH‘s private key encryption. He shows that using the default encryption scheme the private key is very low protected.

Using the PKCS #8 (Private-Key Information Syntax Standard) the private key can be protected by the encryption algorithm of your choice. To get ...

more ...

Pages

  • About…