March 22, 2007 at around evening time
· Filed under GnuPG, PKI, RPM, digital signature, information security
A packager could opt to sign a RPM package. If a RPM is signed, the RPM package would contain a digital signature ready to be used to verify the integrity and authenticity of the RPM package. To be effective, the signing should be done by a different user on a separate server and both the signing user account and the signing server are secure. Once such a RPM package is downloaded, you can verify its digital signature using the rpm command itself. The key itself may need to be verified with GnuPG or PGP command.
Read the rest of this entry »
Permalink
March 14, 2007 in the wee hours
· Filed under GnuPG, RPM, digital signature, information security
As I commented earlier about the compromised wordpress 2.1.1 release, I have always been surprised and disappointed that many FOSS software distributions don’t provide good means for users to verify the authenticity and integrity of their downloads, not to mention the leading commercial software vendors (hardware platform vendors, OS vendors, and ISV). There are some confusion about the ability and capability of checksum (MD5 or SHA1) and those of digital signatures. Read the rest of this entry »
Permalink
March 13, 2007 in the early evening
· Filed under OpenVPN, RPM, SSL, VPN, fedora core linux
I compiled an OpenVPN RPM package for FC6, from the current release 2.0.9 dated 2006.10.06. Fedora Core Linux’s extras Repository does have OpenVPN package. However, it is more of a cutting-edge 2.1.0.17.rc2. Appended below is information from ‘yum info openvpn’ on a up-to-date FC6 box.
Name : openvpn
Arch : i386
Version: 2.1
Release: 0.17.rc2.fc6
Size : 355 k
Repo : extras
Summary: A full-featured SSL VPN solution Read the rest of this entry »
Permalink
February 25, 2007 just before lunchtime
· Filed under CLI, DST changes, JAVA, RPM, centos, command line, linux
A developer alerted me that the jdk1.5.0_10 on a test server didn’t work. A simple ‘java -version’ gave the following error:
Error occurred during initialization of VM
java/lang/NoClassDefFoundError: java/lang/Object
Poking around a little under /usr/java/jdk1.5.0_10, I found that rt.jar was missing! This version of JDK is an upgrade to accommodate the 2007 DST changes. Our current version 1.5.0_05 is just one revision older than the up-to-date release (1.5.0_06) . I had problems installing it as a RPM on that particular server and ended up using rpm2cpio to get it in manually. The RPM was from SUN’s own download site.
Read the rest of this entry »
Permalink
February 19, 2007 around lunchtime
· Filed under DST changes, RHEL, RPM, centos, fedora core linux, linux
The DST timezone change for North America will come effective March 11, 2007 for the first time, as passed by US Congress in 2004. Fortunately, for Linux administrators and users, the Linux utilizes centralized database to store time zone information, namely, a package named ‘tzdata’. Actually, this is not entirely true, esp. for older Linux systems such as RHL 9, RHEL2, RHEL3, or even CentOS (RHEL AS) 4.1, 4..2. More details can be found in my latest post on how to prepare older Linux systems for 2007 DST changes.
Read the rest of this entry »
Permalink
