I'm setting up a new Ubuntu (18.04) server and noticed during install that I could import public keys from github. I've now finished setup and would like to create some more users. It seems ideal to keep importing their public keys from github if possible. Is there a way to trigger that feature of importing keys from a public github profile for a user outside of the installation process?
greggles's questions
I would like to manually download the main.cvd for clamav and then import it from a local location. I see this is possible using clamav-clamfresh if I configure it to use DatabaseMirror machine1.example.com but that requires running an http webserver on port 80 of machine1.example.com which I don't want to do.
If I get the main.cvd file onto a machine is there some way to manually trigger the import?
I'm using PHP 7.0 from ppa:ondrej/php on Ubuntu 14.04. I'm interacting with an API and would like to ensure that my PHP/CURL code is interacting with the right server and securely (without any risk of snooping, MITM, tampering, etc.).
I've done a bit of research and do not see any complete set of advice on this topic.
Here are a few things I've noticed about the default configurations:
- The openssl.cafile and openssl.capath values are empty.
- I believe that CURLOPT_SSL_VERIFYPEER defaults to TRUE and that a default cert bundle is provided by cURL (14.04 has cURL 7.35 and this is true since 7.10).
- It appears many of the examples of "bad" ssl are things that browsers and the security world at-large consider insecure, but PHP/CURL's default configuration accepts.
Using badssl.com and a script I wrote I began testing which bad SSL configs would trigger errors and I am surprised how many of them do not trigger errors.
A few possible solutions:
- Trace down configuration options to make php/curl more strict in what it accepts. This might not be completely possible.
- Add more code in PHP to inspect the certs more closely (feels bad)
- Perhaps it's OK that PHP/CURL don't identify all of these as invalid
I'm looking for answers on any of these points :)