Problem Description:
When running OpenVPN in an LXC environment, users may encounter a specific error that prevents the OpenVPN service from operating correctly. The error manifests as follows:
Jan 08 00:56:47 fw openvpn[404]: openvpn_execve: unable to fork: Resource temporarily unavailable (errno=11)
Jan 08 00:56:47 fw openvpn[404]: Exiting due to fatal error
Jan 08 00:56:47 fw systemd[1]: openvpn-client@yourvpn.service: Main process exited, code=exited, status=1/FAILURE
Kubuntu and mostly ubuntu installations comes with a very basic installer, and does not allow you to personalize the encryption, by example, if you have windows and linux together in the same hard drive, the installation won’t allow you to dual boot it, it will force you to use the whole disk, removing the existing windows partition.
Continue reading Installing K-Ubuntu 16.04 with LVM+LUKS Full Encryption
Unfortunately, TLS has been plagued by several vulnerabilities in recent years, making every HTTPS connection potentially unsafe.
In this article I’ll show you how to get the Grade A+ on SSLLabs (https://www.ssllabs.com/) through the appropriate use of GnuTLS Priorities.
Since several years, we have faced a “transparency campaign” on cryptography. That means that the cipher announces itself as an “encrypted container”. This suppose a serious risk by exposing you to a rubber-hose attack.
LUKS (Linux Unified Key Setup) which is used by common Linux distributions is not the exception. But there is a hope to provide some kind of privacy.
Continue reading LUKS: Plausible deniability on crypto containers
Android is weak by nature… If you want to keep your android secured, you should take a lot of considerations. Every day, the software is designed to be more and more intrusive, however, such level of intrusion could expose yourself to hackers.
In the past few years Diffie-Hellman has become unsupported in the main internet websites, do you know the implications?
But this is not the only thing happening, many reputable websites, including banks, social networks and search engines have chosen to continue to support for TLSv1.0 and SSLv2 “for compatibility reasons”
Fedora, and some others Linux distributions doesn’t provide you any simple way to setup the cypher properties on root filesystem.
Here, we will provide you enough information about the cypher process on fedora and one technique to speed up and/or secure up the cypher using XTS instead CBC-ESSIV
Continue reading Speeding up or Securing up the Encrypted Root Filesystem on Fedora 10