General Linux Chat and Small Questions v. Year of the Linux Desktop! - Hardware & Software

Can someone explain something about SSH keys to me? I set up an SSH server on my Raspberry Pi running Raspbian, and configured it to not allow plaintext passwords but rather to use RSA key authentication. I generated an RSA key on my laptop, added the [I]public[/I] key to the RPi's authorized_keys file, and now I'm able to log into SSH using just that key, after I log into the RSA key on my laptop via it's keychain. My confusion is about the level of security this actually brings. If you're still transmitting the public key, which could be intercepted by a man in the middle listening in on your authentication request, then the key is really no more secure than using a plaintext password, no? Is the key just there to serve as a deterrent to guessing a password and nothing more? [editline]3rd March 2015[/editline] Moreover, what is happening when OSX asks me for the password to my public RSA key? Are my RSA keys encrypted on disk using the key password, then decrypted by the password before being sent somewhere?

[QUOTE=srobins;47246751]Can someone explain something about SSH keys to me? I set up an SSH server on my Raspberry Pi running Raspbian, and configured it to not allow plaintext passwords but rather to use RSA key authentication. I generated an RSA key on my laptop, added the [I]public[/I] key to the RPi's authorized_keys file, and now I'm able to log into SSH using just that key, after I log into the RSA key on my laptop via it's keychain. My confusion is about the level of security this actually brings. If you're still transmitting the public key, which could be intercepted by a man in the middle listening in on your authentication request, then the key is really no more secure than using a plaintext password, no? Is the key just there to serve as a deterrent to guessing a password and nothing more? [editline]3rd March 2015[/editline] Moreover, what is happening when OSX asks me for the password to my public RSA key? Are my RSA keys encrypted on disk using the key password, then decrypted by the password before being sent somewhere?[/QUOTE] You could transfer the public key on a USB. Besides, posting your public key online should never pose a real security threat, if the private key is properly secure. Don't forget to set passwords on those things. [editline]3rd March 2015[/editline] In other words, it works like this: Public key = decryption Private key = encryption The point is that even though others may be able to decrypt the data, they are not able to change it due to the Public key being unable to actually encrypt anything. [url]https://en.wikipedia.org/wiki/Public-key_cryptography[/url] [editline]3rd March 2015[/editline] Or maybe I got it the other way around. Read the wiki, that's probably more trustworthy than me.

[QUOTE=mastersrp;47248178]You could transfer the public key on a USB. Besides, posting your public key online should never pose a real security threat, if the private key is properly secure. Don't forget to set passwords on those things. [editline]3rd March 2015[/editline] In other words, it works like this: Public key = decryption Private key = encryption The point is that even though others may be able to decrypt the data, they are not able to change it due to the Public key being unable to actually encrypt anything. [url]https://en.wikipedia.org/wiki/Public-key_cryptography[/url] [editline]3rd March 2015[/editline] Or maybe I got it the other way around. Read the wiki, that's probably more trustworthy than me.[/QUOTE] I understand that the public key can be transmitted in public, what I am confused about is the fact that it seems the public key is the only authentication that the SSH server requires, which seems just as unsafe as using a password because both can be easily intercepted. Even if the public key is transferred initially via USB or something like that, if someone intercepts any of your authentication requests where you send out your public key, they then are able to obtain SSH access.

[QUOTE=srobins;47248256]I understand that the public key can be transmitted in public, what I am confused about is the fact that it seems the public key is the only authentication that the SSH server requires, which seems just as unsafe as using a password because both can be easily intercepted. Even if the public key is transferred initially via USB or something like that, if someone intercepts any of your authentication requests where you send out your public key, they then are able to obtain SSH access.[/QUOTE] [URL=http://security.stackexchange.com/a/3898]This Stack Exchange post[/URL] does a pretty good job at explaining why utilizing keys is a much more secure solution than password-based logins.

[QUOTE=deadeye536;47248382][URL=http://security.stackexchange.com/a/3898]This Stack Exchange post[/URL] does a pretty good job at explaining why utilizing keys is a much more secure solution than password-based logins.[/QUOTE] Thanks so much, this is exactly the type of information I was looking for. I figured it had to be more complicated than I had imagined, I'm glad to finally understand the process.

Sorry for the none - smart question but - does anyone know how i could fix my battery on my system ? It's a G74SX the problem is it gives an incorrect time when on battery on most Unix/Linux systems I've tried :suicide: this includes *buntu and Opensuse and archbang too has of recent

[QUOTE=Murderman;47252265]Sorry for the none - smart question but - does anyone know how i could fix my battery on my system ? It's a G74SX the problem is it gives an incorrect time when on battery on most Unix/Linux systems I've tried :suicide: this includes *buntu and Opensuse and archbang too has of recent[/QUOTE] What exactly do you mean with incorrect time?

[QUOTE=mastersrp;47252291]What exactly do you mean with incorrect time?[/QUOTE] Oh more specifically i mean that - on battery it would say 2hrs normally while it discharges but ever since i got this laptop - it says that from 2hrs it would show 1hr and switch back to 2hr and back to 1hr and cycling between the timing while it discharges and it's surprising because this laptop comes with it's own Unix/Linux like system and it shows the same

The problem is battery "time" meters are wildly inaccurate in general, and are difficult if not flat out impossible to get right because the amount of power drain changes based on system activity and other variables like display brightness As long as the percentage remains accurately measured and you can keep the power drain to something predictable you're better off turning off the time measurement and learning how long it takes to go from 100% to 0% in your typical use case.

[QUOTE=lavacano;47252669]The problem is battery "time" meters are wildly inaccurate in general, and are difficult if not flat out impossible to get right because the amount of power drain changes based on system activity and other variables like display brightness As long as the percentage remains accurately measured and you can keep the power drain to something predictable you're better off turning off the time measurement and learning how long it takes to go from 100% to 0% in your typical use case.[/QUOTE] Interesting so to do I'll take off the time measurement and learn to cope without time and hopefully I'll get used to it and as i do know the battery reports correct usage in windows so on Unix/Linux it should be the same just without the timing.. now all I'm missing is a system to go with :smile: i don't know how to thank you guys for helping me fix this decade(2011??)old problem i mean i got this laptop has a preshow model - somewhere in the beginning of 2011 - and tried all i could i could never have come up with a fix has I'm still kinda in the beginning of knowing this stuff but now i know to think without timers and measure if need be [img]http://fi.somethingawful.com/images/smilies/emot-banjo.gif[/img]

[img]http://good-mechs.info/secret/kernel4.png[/img] kernel 4.0.0 rc1 cos i can

What does 4.0 bring to the table, if anything?

[QUOTE=lavacano;47265351]What does 4.0 bring to the table, if anything?[/QUOTE] I read that the goal of 4.0 is to be a rock-hard release, and that their primary focus is bug-fixes.

[QUOTE=lavacano;47265351]What does 4.0 bring to the table, if anything?[/QUOTE] Something about not having to restart when a kernal upgrade happens IIRC

[QUOTE=DuCT;47266735]Something about not having to restart when a kernal upgrade happens IIRC[/QUOTE] wonder how the proprietary graphics are going to get handled in that scenario i imagine worst case scenario i have to logout and do that update in TTY but i do hope it's a little more seamless than that [editline]5th March 2015[/editline] I have a question, and I think you guys might know the answer. In VLC, the DVD menus highlight their entries the way they're supposed to: [t]http://jesusfuck.me/di/1X5B/vlcsnap-2015-03-05-19h49m38s210.png[/t] In mpv however, DVD menus highlight more like this: [t]http://jesusfuck.me/di/RJ38/mpvexample.png[/t] Is this just a limitation with mpv or did I genuinely forget to do something somewhere? Ideally I'd make it look like the VLC screenshot, except in mpv

Is that apophis from Stargate SG-1? What's Point of View?

[QUOTE=Lyoko2;47268373]Is that apophis from Stargate SG-1? What's Point of View?[/QUOTE] S3 Episode 6 of SG-1, it's the episode name.

gonna have to bring up my network issue again as restarting the router yesterday put me back where I was, no connection and it being unable to get a DHCP lease. looking through the logs on the router, there's no mention of my PC asking for a lease even though running dhcpcd in debug will tell me it's sending a DISCOVER signal. I tried setting a static route, but no luck. tried setting one in the router too, no go. [IMG]http://i.cubeupload.com/wiEeWx.png[/IMG] Acheron is my linux hostname while ArchPC is my Windows hostname for some odd reason, booting into Windows will tell me Acheron got a lease, but it's the WIndows install getting it under its hostname. [IMG]http://i.cubeupload.com/sIZM0R.png[/IMG] [IMG]http://i.cubeupload.com/PykyRs.png[/IMG] I'm running Tomato Shibby on my router. is there anything I'm forgetting for a static route to work? it's set up like the wiki says [code]ip addr add 192.168.1.2/24 broadcast 192.168.1.255 dev eno1 ip route add default via 192.168.1.1[/code]

[QUOTE=PredGD;47270625]for some odd reason, booting into Windows will tell me Acheron got a lease, but it's the WIndows install getting it under its hostname.[/QUOTE] The router could just be caching the hostname, couldn't it

[QUOTE=Lyoko2;47268373]Is that apophis from Stargate SG-1?[/QUOTE] yep i didn't think he could look any more like a doofus but then [sp]Alt Reality[/sp] Apophis had that fucking beard, i could barely take him seriously

[QUOTE=lavacano;47271183]yep i didn't think he could look any more like a doofus but then [sp]Alt Reality[/sp] Apophis had that fucking beard, i could barely take him seriously[/QUOTE] you have taken what is mine. for this, you shall be destroyed

[QUOTE=Map in a box;47271873]you have taken what is mine. for this, you shall be destroyed[/QUOTE] [i]Fools! Nobody may be permitted to dress more fabulously than [b]Apophis![/b][/i] that's seriously the running joke between me and my friends, we have a hard time taking his fashion sense (and many of his facial expressions) seriously regardless of how the rest of the character acts [editline]6th March 2015[/editline] General Linux and Stargate Discussion v1

which episode starred him with a beard? i cant think of it on the top of my head

[QUOTE=Map in a box;47272206]which episode starred him with a beard? i cant think of it on the top of my head[/QUOTE] Point of View, the episode in my DVD menu screenshots S03E06 [editline]6th March 2015[/editline] and it wasn't so much a starring role as it was an appearance but still

[QUOTE=lavacano;47272558]Point of View, the episode in my DVD menu screenshots S03E06 [editline]6th March 2015[/editline] and it wasn't so much a starring role as it was an appearance but still[/QUOTE] Ohh i remember now. Yeah that was something else

Hey guys, i was fucking around with my window mangers earlier today and i'm pretty sure in the process of attempting to use i3 i fucked up the unity greeter that i usually use and am now just greeted with a blank grey slate. Entering the password as normal brings me to my good old GNOME desktop so i'm not too worried by it. However, i'd like to know if i can fix that fucking greeter in any way or even better, turf the old unity one and put something better in it's place. [editline]7th March 2015[/editline] Fuck it, set it to autologin. It's not like i share this computer with anyone anyway.

[QUOTE=The Aussie;47273734]or even better, turf the old unity one and put something better in it's place.[/QUOTE] as root [code]aptitude remove unity* aptitude install lightdm # or gdm, or kdm, or whatever[/code] if you don't have aptitude installed, you can use apt-get instead, or do the smart thing and "apt-get install aptitude" aptitude without arguments gives you an ncurses interface to do package managing on, aptitude with arguments is pretty much apt-get with a proper brain

Well, i did what you asked and all was well until i had to restart. Pretty sure i broke something. Its literally like there isnt a desktop environment. So im using ctrl alt f2 to attempt to reinstall everything and see if that helps. [editline]7th March 2015[/editline] It worked. I have literally no idea what i did. Thanks for the help though, appreciate it.

Got a Bananapi recently put Lubuntu onto it, am hosting a mumble server off it at the moment, sadly I found out after I bought it that TeamSpeak didn't have support for ARM but mumble is still good.

[QUOTE=Zeb Brown;47275973]Got a Bananapi recently put Lubuntu onto it, am hosting a mumble server off it at the moment, sadly I found out after I bought it that TeamSpeak didn't have support for ARM but mumble is still good.[/QUOTE] Got one myself as well, used it as a workstation replacement for a little while until I got my suspend modes working on my netbook. Now it's primarily hosting services and testing grounds for all kinds of shit. With a neat and secure access, you can do a lot of shit with a devices that only uses up to 15W. Now the Firefly RK3288.. That'll blow some dicks off of horses. It's pretty fast as fuck, and supports 4K displays and .. Well, just check it out shit is so sexy, even does 4GB RAM and Quad core CPU clocked at 1.8Ghz. The only issue with these devices is the closed source nature of them. I've been forced to dd the boot partition (and some firmware) from the official banana pi images into my own image, in order to get shit working. I could've just copied shit, but yeah. Besides, it sucks when communities thrive on libre software, and dicks like AllWinner and Rockchip don't give a fuck when they could give many fucks and receive many fucks.