Merge remote-tracking branch 'refs/remotes/origin/master'
This commit is contained in:
commit
b556084673
20
linux_hardening.md
Normal file
20
linux_hardening.md
Normal file
@ -0,0 +1,20 @@
|
||||
# secureboot
|
||||
|
||||
Most of the distributions are delievered with a microsoft-signed SHIM bootloader, which should allow the boot with active secureboot without deleting OEM keys. the SHIM bootloader gets controlled with mokutil.
|
||||
|
||||
- systemctl reboot --firmware
|
||||
- bootctl
|
||||
- efibootmgr -v
|
||||
- mokutil --sb-state
|
||||
- mokutil --list-enrolled
|
||||
- mokutil --enable-validation
|
||||
|
||||
## ubuntu
|
||||
ubuntu provides a update-secureboot-policy script to generate and enroll a secureboot mok, but this needs an already active secureboot.
|
||||
# cryptsetup luks
|
||||
crypsetup luksDump /dev/sdaX
|
||||
cryptsetup luksChangeKey /dev/sdaX
|
||||
cryptsetup luksErase
|
||||
|
||||
ressource:
|
||||
http://jk.ozlabs.org/docs/sbkeysync-maintaing-uefi-key-databases/
|
@ -4,4 +4,12 @@
|
||||
FYI: _remember to mkdir a folder for this_
|
||||
`sudo mount.vboxsf media /mnt/exchange`
|
||||
after adding a guest share the users need access which is granted by a group:
|
||||
`sudo usermod -G vboxsf -a $USER`
|
||||
`sudo usermod -G vboxsf -a $USER`
|
||||
|
||||
|
||||
sometimes it will generate a protocol error:
|
||||
```
|
||||
[ 6.646480] vboxsf: could not stat root of share: -71
|
||||
[ 6.647218] 06:53:23.826079 automount Error: vbsvcAutomounterMountIt: Failed to mount 'exchange' on '/mnt/exchange': Protocol error (-1,71)
|
||||
```
|
||||
the workaround is to choose an new/other folder on the host system.
|
Loading…
Reference in New Issue
Block a user