credativ® Blog
Here you will find interesting news about industry-specific topics and us.
Categories
Category
Category: HowTos
15 March 2022
Introduction to AppArmor
Fundamentally, access control under Linux is a simple matter: Files specify their access rights (execute, write, read) separately for their owner, their group, and finally, other users. Every process (whether a user’s shell or a system service) running on the system operates under a user ID and group ID, which are used for access control. […]
08 March 2022
SQLreduce: Reduce verbose SQL queries to minimal examples
SQLreduce: Reduce verbose SQL queries to minimal examples Developers often face very large SQL queries that raise some errors. SQLreduce is a tool to reduce that complexity to a minimal query. SQLsmith generates random SQL queries SQLsmith is a tool that generates random SQL queries and runs them against a PostgreSQL server (and other DBMS […]
22 June 2021
Self-hosted Yubico OTP
In the preceding article, Two-Factor Authentication with Yubico OTP, we demonstrated how quickly existing services can be extended with two-factor authentication (2FA) using Yubico OTP with the help of the PAM module pam_yubico. The validation service used, the YubiCloud, is provided by Yubico free of charge. However, the fact that you are bound to an […]
10 December 2020
Create QR Codes for TOTP Secrets
The article Two-factor authentication for OpenSSH and OpenVPN presented a simple way to increase the security of PAM-enabled services through two-factor authentication. The TOTP method used generates a one-time password that is valid for a limited period of time based on a shared secret. Depending on the method and encoding, the shared secret consists of […]
02 November 2020
Two-Factor Authentication for OpenSSH and OpenVPN
Authentication using username and password still represents the standard procedure for most applications to authenticate to a service. However, the use of a second factor is becoming increasingly widespread and is even recommended by the BSI, the German Federal Office for Information Security. While not mandatory, various web services at least offer the option to […]