Blog Archive - Linux

Correcting SELinux denials including silent denials SELinux is a security enhancement for Linux that will encourage you to throw your server into a lake soon.Read more...

Snap aplications won't run from KDE Launcher but will from command line In a console window, run the following:Read more...

SSH from RHEL 9 to RHEL 6 systems does not work (two solutions!) If you try to ssh between an old server and a new server, you may receive the error "no hostkey alg" or "no matching host key type found. Their offer: ssh-rsa,ssh-dss". If upgrading the old server is not an option, don't despair. You could reduce the level of security on the new server, but this is not desirable for obvious reasons. If the ECDSA algorithm is supported on the old server, you may be able to solve the problem by creating an ECDSA host key.Read more...

Setting up a "headless" VNC server on Raspberry Pi This is our procedure for setting up a VNC server on a Raspberry Pi running Raspbian 11 that has no monitor, keyboard, or mouse. Before the exit line in /etc/rc.local, add this:Read more...

OpenVPN - "Waiting for TUN/TAP interface to come up..." When using OpenVPN on Windows, we periodically experienced the error "Waiting for TUN/TAP interface to come up...". Sometimes a reboot solved the problem. OpenVPN's documentation suggested to reset the TCP/IP stack which worked, but reset the settings for all our network adapters, and did not permanently solve the problem.Read more...

Disable encryption for VNC on Ubuntu If you need to connect to a VNC server running on Ubuntu without encryption, run this command on the Ubuntu server:Read more...

Map a directory on a MyBook Live NAS to a Windows drive letter over the internet with SSHFS and Samba We needed to be able to access a directory on a MyBook Live via a Windows drive letter and evaluated a few options. Samba works well if the file server and client are on the same LAN, but we discovered it painfully slow when used via an SSH tunnel over the internet. WebDAV is typically a good solution, but we found it unstable when used with the MyBook Live. We settled on two techniques that we use in different situations. The first technique is SSHFS and Samba - SSHFS for the internet portion and Samba for the LAN portion. This works relatively well with only a moderate performance decrease.Read more...

SSH Tunneling - also known as "Port Forwarding on Steroids" If you need to access network resources behind a firewall, you could set up lots of port forwards. But it can be cumbersome to manage a large volume of these, and depending on the protocol, this practice may be insecure. Instead, why not use an SSH tunnel? An SSH tunnel is an excellent method for handling encryption and authentication.Read more...