Language Selection

English French German Italian Portuguese Spanish

Five tips for improving Linux security

Filed under
Linux
Security
HowTos

What’s that you say? You don’t need to do anything about security on your Linux box because it’s Linux? Think again. Linux is an operating system that begs to be online, so it wants to be secure. Sure it’s fairly secure out of the box, but NO operating system is 100% secure if it’s, well, turned on. Here are five crucial Linux security tips.

1: Take advantage of the keyring

To many, this is an annoyance. You log in to your machine, your machine requests a connection to a network (or LDAP server, etc.), and you have to enter your keyring password. The temptation is to disable this feature by giving it an empty password and dismissing the warning that you’ll be transmitting unencrypted information (including passwords). This is not a good idea. Although you might think it a hassle, this feature/functionality is there for a reason — to encrypt sensitive passwords when they are sent over the wire.

2: Enforce user password update




More in Tux Machines

BeagleBone Announces the Open Source PocketBeagle USB-Key-Fob SBC

  • BeagleBone Announces the Open Source PocketBeagle USB-Key-Fob SBC
    You've probably heard of BeagleBones and the Beagleboard Foundation by now (check out that link if you're not familiar with them). They make open source SBCs and have an online community much like the Raspberry Pi Foundation. While Beaglebones don't have as large of a community or market share as Raspberry Pi, their boards are still quite popular because they tend to be more application-focused than Raspberry Pis. For example, there's the general-purpose Beaglebone Black, the sensor-oriented Beaglebone Green, and the Beaglebone Blue for robotics applications.
  • What is PocketBeagle?

today's howtos

Graphics: NVIDIA, Nouveau, X.Org Server

  • NVIDIA Making Progress On Server-Side GLVND: Different Drivers For Different X Screens
    While NVIDIA isn't doing much to help out Nouveau, at least the company is contributing to the open-source Linux graphics ecosystem in other ways. In addition to presenting at XDC2017 this week on the Unix device memory allocator API and DeepColor / HDR support, they also presented on server-side GLVND. Server-side GLVND is separate from the client-side GLVND (OpenGL Vendor Neutral Dispatch Library) that evolved over the past few years and with modern Linux systems is supported both by Mesa and the NVIDIA binary driver. Server-side GLVND can help PRIME laptops and other use-cases like XWayland where potentially dealing with multiple GPU drivers touching X.
  • Nouveau Developers Remain Blocked By NVIDIA From Advancing Open-Source Driver
    Longtime Nouveau contributors Martin Peres and Karol Herbst presented at this week's XDC2017 X.Org conference at the Googleplex in Mountain View. It was a quick talk as they didn't have a whole lot to report on due to their open-source NVIDIA "Nouveau" driver efforts largely being restricted by NVIDIA Corp.
  • X.Org Server 1.20 Expected Around January With New Features
    X.Org Server 1.19 is already almsot one year old and while X.Org is currently well off its six month release cadence, version 1.20 is being figured out for an early 2018 release. Adam Jackson of Red Hat who has been serving as the xorg-server release manager held a quick session on Friday at XDC2017 to figure out what's needed for X.Org Server 1.20. His goal is to see X.Org Server 1.20 released in time for making the Fedora 28 version. For that to happen nicely, he's hoping to see xorg-server 1.20 released in January. The Fedora 28 beta freeze is the middle of March so there is still time for the 1.20 release to slip while making the F28 Linux distribution update.

ASUS Launches Its Thinnest and Lightest Flippable Chromebook, the Flip C101

ASUS announced a new Chromebook on its website, the Flip C101, which is a smaller and lightweight version of the C302 model. Featuring a 10.1-inch touchscreen display, the all-new Chromebook is priced at only $299 in the US. Read more