Linux – Teza's tech notes

Unprotected Private Key File

Posted on August 26, 2021August 26, 2021 by admin

Warning: Permanently added '192.168.1.1' (RSA) to the list of known hosts.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/path/to/my/key.pem' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: /path/to/my/key.pem
Permission denied (publickey).

It’s a common error to see when trying to log in to a server via SSH, and it has a relatively easy fix. But before we get to that, let’s get some background on why this error shows up.

Why am I seeing this Error?

What happened is the key you’re trying to use (key.pem in the example above) is too accessible to users on the system.

This is a bad thing because then you’re not the only one able to use the key, which defeats the purpose. Private keys should only be accessible to one user.

For example, if an attacker somehow gains access to any of the accounts on your system, then they’d be able access the key, as opposed to having to get access to your account specifically. This gives them too many opportunities to get to the private key.

How can I fix it?

Like I said earlier, this is an easy fix. Just run:

$ sudo chmod 600 /path/to/my/key.pem

Or if you are running gui, locate the pem file, right click and change the permissions as per below.

That should do the job.

Failed to execute child process “usr/bin/vivaldi” Vivaldi Browser

Posted on August 11, 2021August 26, 2021 by admin

Vivaldi is a great browser, very fast, tons of control, very good for Pravacy and security but at some point, for whatever reason if you are to uninstall Vivaldi and going back to one of the mainstream browsers like Chrome or Firefox, you might encounter errors like below.

This is because you uninstalled Vivaldi and the path is no longer there, however, when you opens a link, it is still looking for Vivaldi.

2 options here, install Vivaldi back or select the alternative browser. update-alternatives x-www-browsers to list the alternatives and select the current choice.

just my side note.

Terraform walk through with AWS creating S3 buckets

Posted on June 24, 2021June 25, 2021 by admin

Terraform is a IaaC tool developed by Hashicorp. It can be used with multiple platforms like AWS, Microsoft Azure, GCP and provision different environments.

Running Terraform is simple, you simply need to install Terraform first on the host you intend to run, whether it be local, remote or cloud hosts. Move to desired location /usr/local/bin. Then create a Terraform config file – which is written in HCL (Hashicorp Config Language) that ends with .tf extension.
Using simple commands like Terraform init, plan, apply, destroy, you can manage and provision infrastructure safely and efficiently.

See my Video tutorial on setting up Terraform on AWS EC2 instance.

Installing PyQt on Linux

Posted on May 30, 2021June 20, 2021 by admin

Python by itself is a strong Programming Language but if you want more than lines of codes and Grphical User Interface for users to interact with, you need a GUI framework.
PyQt is one of the GUI frameworks for Python Developers.
Qt by itself is a set of C++ libraries and tools. PyQt is Python binding to work with Qt.

Below is some of the guidelines installing PyQt5 on Debian Linux.
In some Linux Distros where you have two different versions of Python, 2.7 and 3, make sure you use Python3.
Python 2.7 is not officially supported past 2020 anyways so its a good idea to stick with Python3.

Check Python Version

$python3 --version
it should show something like
$python 3.7.3
if you are not already on Python 3.7, install the latest
$sudo apt install python 3.7

Installation

$pip3 install --user pyqt5 $sudo apt-get install python3-pyqt5 $sudo apt-get install pyqt5-dev-tools $sudo apt-get install qttools5-dev-tools

To test run, start by importing modules from PyQt5 –
from PyQt5 import QtCore, QtGui, QtWidgets

Happy Coding
Regards

Teza

L I N U X – L I N U X – L I N U X ! ! ! New Beginner’s Guide

Posted on April 26, 2021June 25, 2021 by admin

Here is my advise on Windows users if you want to try Linux out for the first time.
This will be a series of videos to help you from Linux total beginner to Power user level.
So If you like my videos and find them interesting, please Like and Subscribe my channel.

Why not! its just one simple click and you will get all my tech notes tutorials for free!

wifi card with monitor mode and packet injections

Posted on April 2, 2021June 16, 2021 by admin

When you do Wireless pen-testings, you want to use these tools.
airmon-ng
airodump-ng
aireplay-ng

Basically what that means is you want your wireless cards to be able to perform these tasks.
Change monitor mode
Packet capturing
Packet Injection.

If you want to go fancier, you might also want to have a look at TX gain, band etc but nevermind that for now.

Not all wireless cards support above functions.

And its hard to tell if you get the right wireless adapter, because there are many different wifi adapters brands out there, but you need to find one with the right chipset.

Here is a link for you to consult with. See if you wireless card has the right chipset.
https://www.kali.org/docs/nethunter/wireless-cards/
It will help you to find the right wireless cards, but sometimes you can get lucky even if your card is not on that list.

For me, I have a built in Relatek chipset, which is not listed in the link above, but does all the required tasks to perform the wifi testing.
I also happened to buy a TP-Link TL-WN722N which happens to be version 2/3 (only version 1 has the right chipset) but I heard there is a way to get it working with different driver.

So, the best way to get the right wireless card, you need to find the right chipset . Do a bit of research on the card that you have or you are buying.
You wont know what chipset it uses, so you have to dig a bit into that as well.

use lspci to find out what chipset installed for your wireless
use lsusb to find out which chipset your wifi adapter uses.

Start off by changing to monitor mode and see if monitor mode is supported. Then carry on with other tools.
iwconfig wlan0 mode monitor

man info for the tools I mentioned earlier –

airmon-ng This script can be used to enable monitor mode on wireless interfaces. It may also be used to go back from monitor mode to managed mode. Entering the airmon-ng command without parameters will show the interfaces status. It can also list/kill programs that can interfere with the wireless card operation.

airodump-ng is used for packet capturing of raw 802.11 frames for the intent of using them with aircrack-ng. If you have a GPS receiver connected to the computer, airodump-ng is capable of logging the coordinates of the found access points. Additionally, airodump-ng writes out a text file containing the details of all access points and clients seen.

aireplay-ng is used to inject/replay frames. The primary function is to generate traffic for the later use in aircrack-ng for cracking the WEP and WPA-PSK keys. There are different attacks which can cause deauthentications for the purpose of capturing WPA handshake data, fake authentications, Interactive packet replay, hand-crafted ARP request injection and ARP-request reinjection. With the packetforge-ng tool it’s possible to create arbitrary frames.

Cheers

Teza

Zenmap Installation in Debian using ALIEN package converter

Posted on March 26, 2021June 14, 2021 by admin

If you are familiar with Security tools or Penetration testing, you definitely must have heard of Nmap.

Zenmap is a GUI of Nmap.

However it is no longer included in later version of Security testing OSs.
Below is an instruction on how to install it on Debian machines.

1) Download the latest RPM package at https://nmap.org/download.html
Optional Zenmap GUI (all platforms): zenmap-7.91-1.noarch.rpm

2) Note it is RPM package, so you will need to convert it to install on Debian. For that, you will need a package converter called ALIEN.

man alien >> alien is a program that converts between Red Hat rpm, Debian deb, Stampede slp, Slackware tgz, and Solaris pkg file formats. If you want to use a package from another linux distribution than the one you have installed on your system, you can use alien to convert it to your preferred package format and install it.

3) Latest version of alien (alien_8.95) seems to have a glitch when installing so, if you happened to have installed that, you will need to uninstall and downgrade to alien_8.90.

Download link below.
http://archive.ubuntu.com/ubuntu/pool/main/a/alien/alien_8.90_all.deb

4) Install using your package manager or command line below.
dpkg -i alien_8.90_all.deb

5) Convert your Zenmap RPM package that you downloaded to .deb
sudo alien zenmap-7.91-1.noarch.rpm

6) Now you will get the .deb package. Install it.
sudo dpkg -i zenmapconvertedfile.deb

7) Thats it. Now you can run your Zenmap on your Debian.

E: Package aptitude has no installation candidate

Posted on March 25, 2021June 14, 2021 by admin

sudo add-apt-repository "deb http://archive.ubuntu.com/ubuntu/ trusty main restricted universe multiverse"
sudo add-apt-repository deb http://archive.ubuntu.com/ubuntu/ trusty-security main restricted universe multiverse 
sudo add-apt-repository "deb http://archive.ubuntu.com/ubuntu/ trusty-updates main restricted universe multiverse" 
sudo add-apt-repository  "deb http://archive.ubuntu.com/ubuntu/ trusty-proposed main restricted universe multiverse" 
sudo add-apt-repository  "deb http://archive.ubuntu.com/ubuntu/ trusty-backports main restricted universe multiverse" 

# Then install

sudo apt-get install aptitude

Wireless Troubleshooting on Linux (applies for Kali linux and Parrot OS) with Realtek chipset

Posted on February 2, 2021June 14, 2021 by admin

After installing Parrot Security OS, I was not able to connect to wifi anymore. The reason being Parrot OS not supporting my laptop’s Realtek wifi chipset.

Long story short and get to the troubleshooting steps, that got me going.

ifconfig
See if your wifi interface is up, normally you should see a loopback interface, LAN interface and a WLAN interface.

lspci
Check your chipset model. Below is my wifi card. If you see something similar but WLAN interface is not showing up on ifconfig, then its most likely the driver issue.

03:00.0 Network controller: Realtek Semiconductor Co., Ltd. RTL8821CE 802.11ac PCIe Wireless Network Adapter

Temporary internet connection
You will need an Internet connection
I know it sounds silly when your WLAN interface is not showing up, but trust me its alot easier to try to connect to internet first. Get a wifi adapter or an Ethernet cable to connect to the internet first.

Step 5 – Disable Secure Boot in Bios

reboot your computer, in Bios configuration, Enable Legacy and disable Secure Boot.
Save and Exit. Depending on your Laptop make, F key will be different. For HP, it is F10.

Git Clone driver for Linux
sudo git clone https://github.com/tomaspinho/rtl8821ce

change to download folder
cd rtl8821ce

Change permissions
chmod +x dkms-install.sh
chmod +x dkms-remove.sh
Run the Installer
sudo bash dkms-install.sh

Reboot your computer

Different ways to run Linux for non – linux users

Posted on January 21, 2021June 16, 2021 by admin

For many users out there, Linux may not be their main OS.
This may be because of a few reasons –

Most computers you buy come with Windows Pre installed.
Your Job offeres you a laptop with Windows OS pre installed.
The worst of all – Intimidation (probably seen codes and command lines and dont know what they are all about)
Linux is not very hard indeed. These days, there are different Linux distributions that looks alot like Windows interfaces.

And the best of all, unlike Windows, Linux is highly customizable.

These are the few ways you can run Linux

Fresh install on Standalone computer
Dual Boot alongside another OS
Virtual Machines such as Virtual Box or VMWare or Windows Hyper-V
Windows Subsystem for Linux
Cloud instances
Live images

1. Fresh install may not be an option for beginners. There may be issues with drivers and pre configs, backups etc – depending on the Linux distro you want to use.
There are some hardware that come with Linux pre installed. Like System 76. Its got PopOS and I hear good things about those devices.

2. Dual boot although dual boot is my preferred choice of installing, you may need to consider hard ware limitation, legacy support, bootloader etc. This may be for more advanced users.

3. With Virtual Machines, you are sharing resources with host machine. There are different Virtualization engines out there. You can simply install one, download the Linux image and run on it. It may be one of the easiest way when you start to migrate to Linux.

4. WSL provides a Linux-compatible kernel interface developed by Microsoft and allows a user to chose a Linux distribution to install from the Microsoft Store. Since it can be easily downloaded from Microsoft Store, within a few clicks, you can try a taste of linux.
If you try to locate the path, C:\Users\AppData\Local\Packages\YourLinux, you will get a better idea of what its doing. You will also not find wireless interfaces in WSL. So you will need an external wifi adapter for doing some wifi tests.

5. Cloud VMs. If you are already using some cloud services, which in these days many offices are, you may be able to try installing cloud instances and try linux there.

6. Most modern Linux distros these days come with Live images. you can install it on any USB device, and plug it into your laptop and try your flavor of linux before you are actually installing it. It may be the easiest way to try out different flavors of Linux.

Regards
Teza

1 2 Next »