Recent posts
BTRFS Cheat Sheet
BTRFS primer BTRFS is a very capable filesystem for linux systems. It can do: file storage multi disk for one volume RAID1 mirroring RAID0 spanning data over multiple drives on the fly compression checksumming to prevent bit rot (with RAID1) expanding volumes online moving volumes online by adding end removing drive...
cryptsetup close CRYPT Fails With "Device CRYPT is still in use."
Problem: after unmounting a LuKS crypted device, "cryptsetup close" fails with "Deivce is still in use", even though it is not mounted anymore. ...
Blocked Webserver Behind Fortiguard
Problem: A newly setup web server with working https cert is not reachable by some people with a certificate error. Discussion: After checking the cert info, you can see that the cert issuer is not the real one but FortiNet. The user is behind a FortiGuard firewall with WebFilter. Paranoid FortiGuard sysadmins may b...
Pip Python TLS/SSL issues?
Problem: When installing any package with pip in a venv python environment you get this error: WARNING: pip is configured with locations that require TLS/SSL, however the ssl module in Python is not available. We got this error on a Linux Debian machine, that had the latest Debian Bookworm running, but was an older ...
IP Scan Between Microsoft Clients on Port :7680 ?
TL;DR: If you experience poor network performance on your wireless notebook, Microsoft may be using your device as a download server without your consent. Problem : I noticed a high number of requests between Windows clients in different network zones on a customer's firewall. It appeared that allmost every client w...
Reactivate old SSH host key types
Problem: ssh rejects connecting to old servers with this error: # ssh SRV Unable to negotiate with SRV port 22: no matching host key type found. Their offer: ssh-rsa or Unable to negotiate with SRV port 22: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-...
How to Check If an RSA Cert Matches an RSA Key
Problem: you find a key and a cert file on your server, and want to check if the cert matches the key. Solution: Check the modulo (n=p*q) of both key and cert to see if they are equal. $ openssl rsa -modulus -noout -in yourrsa.key Modulus=C8BEE8B687CC... $ openssl x509 -modulus -noout -in yourrsa.crt Modulus=C8BEE8B...
DMAR Kernel Log Errors and RAID Controller Crash
Problem: After upgrading an old HP ProLiant DL320 G6 Server to Linux kernel 6.1 (Devuan 5, Debian12) the system crashes during reboot. You will see the following kernel output: DMAR: DRHD: handling fault status reg 2 DMAR: [DMA Read] Request device [00:1e.0] PASID ffffffff fault addr df63e000 [fault reas...
Icon Missing When Adding a Webpage to the Android Homepage
Problem: when adding a shortcut of a webpage to the Android home screen, Chrome used <link rel="icon" ...> to give this shortcut an icon. Lately Google Chrome broke this feature (intentionally probably). Chrome just shows a grey round circle with a single letter instead of the provided icon. Discussion: Google remov...
Cisco "Smart" License
Problem: after upgrading Cisco ISO XE from 15 to 16 on an ASR-1001-X router, the permanent license of this router changes to "evaluation license" and Cisco forces you to use the call-home "feature". You will find log entries like these: *Jan 23 21:53:13.922: %SMART_LIC-6-AGENT_ENABLED: Smart Agent for Licensing is e...