Skip to content

Category: How Tos

Fixing old SHA1-infested OpenPGP keys

I recently created a new OpenPGP key for my Apache (ASF) account. Of course I wanted to sign it with my existing GnuPG key I have since 2007. To my surprise, it failed with these error messages:

gpg: Note: third-party key signatures using the SHA1 algorithm are rejected
gpg: signing failed: Invalid digest algorithm
gpg: signing failed: Invalid digest algorithm

It took me a few hours to figure out what’s wrong. Obviously something with SHA1, but GnuPG doesn’t tell you WHAT is wrong and HOW to fix it.

btrfs raid1 to combine two separate partitions

A btrfs raid1 means mirroring all data and meta data on file system level. If you ever found some of your data lost after a btrfs scrub, you might know this output:

scrub status for <UUID>
  scrub started at Thu Dec 25 15:19:22 2014 and was aborted after 89882 seconds
  total bytes scrubbed: 1.87TiB with 4 errors
  error details: csum=4
  corrected errors: 0, uncorrectable errors: 4, unverified errors: 0

If you happen to have free space on a spare disk left, you can circumvent these problems via a btrfs raid1 on filesystem level. The following article will help you migrate.

Guacamole Liberty Profile Stack on systemd

If you are using Apache Guacamole to access your computers via VNC, RDP or SSH, you might be interested on how to run this web application (war file) as Guacamole Liberty Profile Stack (i.e. on IBM Websphere Liberty Profile). Additionally, you can start the IBM server with systemd to see the console logs in journalctl. Although Liberty Profile is a licenced and proprietary product by IBM, it is free of charge for non-production purposes and development.

WordPress: Bruteforce-Defence using .htaccess

Everyone owning a wordpress installation will know plugins like LoginSecuritySolution, which will send emails in case of ongoing brute force attacks. The problem is that your login names are not being hidden from attackers. But with a simple .htaccess modification you can protect your blog from these kind of attacks easily. The following recommendations are neither complete nor bullet-proof, but will allow to block about 98% of the most common attacks. All you need to do is to modify your .htaccess file slightly.

Polizeiabsperrung - Karl-Heinz Laube /
Polizeiabsperrung – Karl-Heinz Laube /