Free and Open Source blogger with an attitude
Ubuntu is friendly enough to provide a nice and friendly warning to me about the status of the laptop battery that I currently use. With Microsoft Windows (at least Windows XP), the laptop simply dies when the battery looses its juice.
Its nice to have this sort of reminder when you really need to change the battery.
I’ve received my free Ubuntu Hardy Heron CD today, thanks Canonical and Ubuntu ! Thanks Pos Malaysia !
Mark Shuttleworth has written a good blog post detailing about future Ubuntu release schedule and the length of support for a particular release, whether its a standard release or an LTS (Long Term Support) release.
In his post, he also explains about the point release concept for the LTS, which each Long Term support installation will receive continuous updates up until the next release of LTS. Which is due to be released in two years time. This point release will allow fresh LTS installation to receives new patches and updates without going through the hassle downloading them through the internet.
Standard releases will continue to receive patches and updates for one and a half-year and Server LTS release will continue to receive updates for 5 years.
For more information read Mark Shuttleworth post, The Art of Release
This might be stale news by most security alert people, but I felt compelled to write this post nevertheless. Byy this time most security alert people have realised that a serious security vulnerability has been discovered in the random number generator used by OpenSSL on Debian and Ubuntu systems, and there are a lot of sites have published information about it. [1] [2] [3] [4] [5].
This vulnerability caused OpenSSL to generate “common” and predictable keys, which is easily crackable by using brute-force algorithm. In the extreme case, some of the keys are successfully cracked in 2 hours time. Longer keys 8192-bit RSA keyset might take as short as 129 days to generate as opposed to hundred of years if the keys were generated securely.
Which Ubuntu Linux system are affected ?
As Ubuntu linux operating system is based on Debian, it inherited Debian vulnerability problem. Users who has generated keys under (before updating to the new OpenSSL package via automatic updates, which is before May 13 2008) — Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS are all affected by this vulnerability
Other system which uses the keys generated by Debian and the above mentioned Ubuntu system is also affected as the keys might allow malicious 3rd party user to abuse the system. SSH login which uses these keys will not be considered secure anymore, and are advised to update their SSH keys immediately.
How to check against weak SSH keys ?
A system is as strong as its security measures (in this case, the key) to protect it. By using ssh-vulkey as detailed in Ubuntu Security Notice 612-2, you can detect weak keys in your system, and updates them accordingly.
Run “sudo ssh-vulnkey -a” command to check against weak keys :
ssh-vulnkey -a
ssh-vulnkey -a Not blacklisted: 2048 fa:2e:1d:a6:84:64:a1:80:c4:31:68:5a:b0:1a:cb:fe /etc/ssh/ssh_host_rsa_key.pub Not blacklisted: 1024 f4:34:04:85:58:a0:6b:0a:a1:b9:2d:3b:e6:19:5a:76 /etc/ssh/ssh_host_dsa_key.pub COMPROMISED: 2048 5c:10:8a:c0:55:8c:1f:d9:4b:05:f0:35:0a:0d:2f:5c /home/someuser/.ssh/authorized_keys Not blacklisted: 2048 a7:b4:3e:41:18:cb:f7:68:5e:4f:ae:30:14:d2:17:fd /home/someuser/.ssh/authorized_keys
More information about OpenSSL in Debian / Ubuntu security vulnerability :
Finally I’ve gotten the time and budget to get myself a new bookshelf. Previously I’ve been squeezing my books on the premium space left on my old bookshelf which is filled with books from my school days.
Now I can arrange my technology books neatly on the new bookshelf.
Sometimes when you are about to ask questions or to get help about something related to your Linux computer, you might be asked which distro and the release of the distro you are using.
Same goes if you need to fix something or install binary packages on someone else’s computer. The first thing you should know, is the name of the distro and the release they are using. The simplest way is to use “lsb_release” command, which are included on most modern GNU Linux operating system.
Just run : lsb_release -a
And you will be given information you need to install binary packages, submit a bug report or to determine which solution best for the particular distro.
No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 7.10 Release: 7.10 Codename: gutsy