Recent posts
Docker Primer Docker is a default way Linux server software gets shipped and run today. Under the hood Docker is a thin wrapper around two old Linux kernel features: namespaces (process, network, mount, user, ...) and cgroups (resource limits). It is not a virtual machine. The container shares the host kernel. Core ...
IP Route Cheat Sheet Across Vendors As a network admin you jump between vendors all day long, and every box wants a slightly different incantation for the same four operations: show the routing table, add a static route, set a default route, remove one. This is a quick reference for the boxes I see most often. All e...
Btrfs (B-Tree File System) is a modern copy-on-write filesystem for Linux, integrating volume management and RAID features directly at the filesystem level. This cheat sheet covers multi-disk volumes, RAID1, on-the-fly compression, checksumming, online expand/shrink, subvolumes and snapshots, plus the essential mkfs.btrfs, btrfs filesy...
Problem: after unmounting a LuKS crypted device, "cryptsetup close" fails with "Device is still in use", even though it is not mounted anymore. ...
Problem: A newly set up web server with working https cert is not reachable by some people with a certificate error. Discussion: After checking the cert info, you can see that the cert issuer is not the real one but FortiNet. The user is behind a FortiGuard firewall with WebFilter. Paranoid FortiGuard sysadmins may b...
Problem: When installing any package with pip in a venv python environment you get this error: WARNING: pip is configured with locations that require TLS/SSL, however the ssl module in Python is not available. We got this error on a Linux Debian machine, that had the latest Debian Bookworm running, but was an older ...
TL;DR: If you experience poor network performance on your wireless notebook, Microsoft may be using your device as a download server without your consent. Problem : I noticed a high number of requests between Windows clients in different network zones on a customer's firewall. It appeared that almost every client w...
Problem: ssh rejects connecting to old servers with this error: # ssh SRV Unable to negotiate with SRV port 22: no matching host key type found. Their offer: ssh-rsa or Unable to negotiate with SRV port 22: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-...
Problem: you find a key and a cert file on your server, and want to check if the cert matches the key. Solution: Check the modulus (n=p*q) of both key and cert to see if they are equal. $ openssl rsa -modulus -noout -in yourrsa.key Modulus=C8BEE8B687CC... $ openssl x509 -modulus -noout -in yourrsa.crt Modulus=C8BEE8B...
Problem: After upgrading an old HP ProLiant DL320 G6 Server to Linux kernel 6.1 (Devuan 5, Debian12) the system crashes during reboot. You will see the following kernel output: DMAR: DRHD: handling fault status reg 2 DMAR: [DMA Read] Request device [00:1e.0] PASID ffffffff fault addr df63e000 [fault reas...