Docker issues are frequently logged for DNS resolution in containers because it doens't inhert or get values for DNS from NetworkManager which leverages a built in dnsmasq to inteligently manage DNS.
sudo bash -c "echo listen-address=$(ip -4 addr show dev docker0 | grep -oP '(?<=inet\s)\d+(\.\d+){3}') > /etc/NetworkManager/dnsmasq.d/docker-bridge"
sudo systemctl reload NetworkManager
sudo bash -c 'echo -e "{\n\t\"dns\": [\"$(ip -4 addr show dev docker0 | grep -oP "(?<=inet\s)\d+(\.\d+){3}")\"]\n}" > /etc/docker/daemon.json'
sudo systemctl restart dockerWell-formed syslog message headers start with the facility and severity encoded as the priority in angle brackets, e.g. <179>.... As per RFC5424:
The Priority value is calculated by first multiplying the Facility number by 8 and then adding the numerical value of the Severity.
The python files in this gist are a demo to help showcase how to decode the priority. E.g.:
pri = 179
The default password-based encryption for openSSH RSA private keys (generated with ssh-keygen -t rsa) has inadequate protection against brute forcing due to a weak Password-Based Key Derivation Function (PBKDF) because it used OpenSSL's key derivation with just one round of MD5.
TL;DR: Rather generate new keys with ssh-keygen -t ed25519 which by default should use the more secure PBKDF with the PKCS8 format. RSA key generation defaults to the weak PBKDF stored in the PEM format.
However, if you still need RSA to work with older Unix systems, network devices, and other systems' SSH servers are not yet upgraded with Ed25519 support, this provides info to avoid the less secure default of saving private keys in the legacy PEM format when generating RSA keys. Backward compatibility is not that much of a concern since only the SSH client needs a reasonably modern version of SSH.
A quick set of notes looking into Ubuntu mirror locations for South Africa from my home fiber (Vumatel). The examples should apply in general.
There are two phases
When testing performance of package list info downloads via upt-get update, clear previous package info downloaded. If this isn't done, cached package info could skew results.
Useful for:
.desktop files to inject env proxy settingsGNOME proxy settings should normally get propergated into the shell (bash) environment via gnome-terminal, e.g. http_proxy and no_proxy. However:
.desktop entries sometimes don't work. This happens when an app ignores org.gnome.proxy settings but can often use proxy env vars from the shell.
In this example
$'\n' is the way to specify the newling within the subsitution$ t='1
> 2
Bash history was a convenience feature to help a user recall previous commands and not intended to meet any security requirements.
The Linux audit system (or alternate kernel level audit OS facility) is a more robust way to ensure user and process log events are recorded.
The newer versions of bash (>= 3.0) include a regex operator =~
Simple example
$ re='t(es)t'
$ [[ "test" =~ $re ]]
$ echo $?
0
$ echo ${BASH_REMATCH[1]}
es