dmi3mis

# How to sign your custom RPM package with GPG key

# Step: 1
# Generate gpg key pair (public key and private key)
#
# You will be prompted with a series of questions about encryption.
# Simply select the default values presented. You will also be asked
# to create a Real Name, Email Address and Comment (comment optional).
# 
# If you get the following response:

dmi3mis

This note explains the common issue of "notapplicable" results when running openSCAP and SCAP-Security-Guide on CentOS.

SCAP seems like it should be easy because it is "just XML". Then you dig into looking for a test and it gets confusing fast. So it is good to have some background.

SCAP (Security Content Automation Protocol) is actually a set of multiple standards and specifications that are used together to enable automatically testing hundreds of nerd settings. Let me emphasize that: SCAP is not a single XML specification -- SCAP is multiple standards and specs. Whenever you give "SCAP Content" to a scanner to check a system configurations you are giving the scanner multiple XML files representing multiple standards.

dmi3mis

REM Start cmd.exe with admin rights

@"%SystemRoot%\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -InputFormat None -ExecutionPolicy Bypass -Command "iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))" && SET "PATH=%PATH%;%ALLUSERSPROFILE%\chocolatey\bin"
cinst --force -y vscode
refreshenv
code --install-extension ms-vscode.powershell
code

dmi3mis

The Most Useful Websites and Web Apps
archive.is — take a snapshot of any web page and it will be exist forever even if the original page is gone.

autodraw.com 5 — create freehand doodles and watch them magically transform into beautiful drawings powered by maching learning.

fast.com 5 — check the current speed of your Internet connection.

slides.com 5 — create pixel-perfect slide decks and broadcast your presentations to an audience of any size from anywhere.

screenshot.guru — take high-resolution screenshots of web pages on mobile and desktops.

dmi3mis

VirtualBox-5.2.18-124319-Win.exe --silent
"C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" extpack install --replace Oracle_VM_VirtualBox_Extension_Pack-5.2.18.vbox-extpack --accept-license=56be48f923303c8cababb0bb4c478284b688ed23f16d775d729b89a2e8e5f9eb
msiexec /qb /i vagrant_2.1.5_x86_64.msi

dmi3mis

cls
$tmp = dir "Letter:\Path\to\all\vms\*\*.exp" -Recurse

$tmp | % {
    # read file
    [xml]$vm = gc $_.fullname

    # parsing of the various of different internal XML structures using "properties" notation
    # CLASSNAME Msvm_VirtualSystemGlobalSettingData
    $disks = ($vm.DECLARATIONS.DECLGROUP.'VALUE.OBJECT'.instance | where classname -like "*resource*") | 

dmi3mis

vi /etc/ssh/sshd_config #Permitrootlogin  -> permitir acceso por ssh
su -
yum clean all && yum update -y && yum upgrade -y

sudo sed -i --follow-symlinks 's/^SELINUX=.*/SELINUX=disabled/g' /etc/sysconfig/selinux
sudo yum install epel-release -y
sudo yum install wget curl net-tools lsof zip unzip iperf cabextract -y
sudo yum install mlocate xorg-x11-font-utils fontconfig libSM libICE libXrender libXext xorg-x11-fonts-Type1 xorg-x11-fonts-75dpi freetype libpng zlib libjpeg-turbo gcc ImageMagick ImageMagick-devel ImageMagick-perl samba-client lua lua-devel pkgconfig asciidoc -y
sudo yum remove mysql-server mysql-libs mysql-devel mysql* mariadb-libs mariadb* percona percona-* mysql mysql-* mariadb mariadb-* -y
sudo rm -rf /var/lib/mysql & rm -rf /etc/my.cnf

dmi3mis

#/bin/sh
# Before all you need to generate keys for ssh login
# ssh-keygen
# copy keys to remote host.tld
# ssh-copyid -i ~/.ssh/id_rsa
yum install epel-release -y
yum install autossh -y
cat <<EOF >/etc/systemd/system/tunnel.service
[Unit]
Description=Creates a public reverse tunnel from a server to a port of this computer.

dmi3mis

#create an empty lab template and define path to files where VMs will be stored
New-LabDefinition -Name 'Ex2013lab' -DefaultVirtualizationEngine HyperV -VmPath "C:\Program Files\Microsoft Learning\Ex2013Lab\"   # If you want to place vm files in custom dir add -VmPath "drive:\path\to\directory" 

#defining default parameter values, as these ones are the same for all the machines
$PSDefaultParameterValues = @{
    'Add-LabMachineDefinition:DomainName' = 'adatum4.ml'
    'Add-LabMachineDefinition:OperatingSystem' = 'Windows Server 2012 R2 Datacenter (Server with a GUI)'
    'Add-LabMachineDefinition:UserLocale' = 'en-US' 
    }
#Network Definition

dmi3mis

Introduction

The intent of this document to is record one method of enabling Kerberos logins on a CentOS 7 system using Windows Active Directory. There are many way to do this. For a very detailed document on all of these options, check out the Red Hat Enterprise Linux 7 Windows Integration Guide.

Note: At the time of this writing, a kickstart installation does not work correctly, possibly due to using an older version of adcli. The /etc/krb5.keytab file ends up containing entries that look like HOST/hostname.domain.com@DOMAIN.COM which is not what sshd is expecting. The sshd service is expecting entrieds that look like host/hostname.domain.com@DOMAIN.COM. This causes ssh Kerberos logins to fail, printing No key table entry found matching host/hostname.domain.com@ in the error log.

Setting up CentOS 7 for Active Directory Logi