Create TRUE random passwords

There is an errata blog post for this one !!!


$ cat /dev/urandom  | tr -dc '[\x21-\x7E]' | head -c 16

(Not so) Long Story:

In Linux (we trust) we have a device that create randomness, named: /dev/random

The problem with this device is that the pool entropy (is something useful, believe me) can ran out very quickly.
So instead of random we use urandom. This device takes some output and re-entering it into the pool entropy, so that the entropy pool can never be empty.

Enough with all this tech crap … nobody truly cares …

We want to take some randomness from /dev/urandom … but … the output isnt something useful:

$ cat /dev/urandom  | head


so we need to take only the ASCII printable characters from that output.

Looking at the ascii table, we found out that the printable characters starts from:

hexadecimal: 21
hexadecimal: 7E

So to get the first n characters we can use the head command.
To get the first 16 characters: head -c 16

To put everything together:

$ cat /dev/urandom  | tr -dc '[\x21-\x7E]' | head -c 16

$ cat /dev/urandom  | tr -dc '[\x21-\x7E]' | head -c 16

$ cat /dev/urandom  | tr -dc '[\x21-\x7E]' | head -c 16
Tag(s): random, password
best conspiracy theory EVER

This post is only in Greek - sorry about that.

Βρίσκομαι έξω από το κτήριο των αρχαιολόγων στο common fest και την ώρα που ο Richard M Stalman μίλαγε για ελεύθερο λογισμικό κι ελευθερίες, μια ομάδα πιτσιρικάδων συζητάνε μεταξύ τους:

  • Ρε, όλα έχουν τον σκοπό τους.
  • Έλα ρε, γιατί το λες αυτό ?
  • Και ποιος μου λέει, ρε συ, ότι δεν τον πληρώνουν αυτόν εδώ οι εταιρείες για να λέει στον κόσμο να μην βάζει windows !
Tag(s): commonfest, rms
pnp4nagios selinux

I have found a few difficulties with pnp4nagios and SElinux:

So here are my notes:

module httpd_pnp4nagios 1.0;

require {
        type httpd_t;
        type nagios_var_lib_t;
        class dir       { getattr search open read };
        class file      { getattr open read };

#============= httpd_t ==============
allow httpd_t nagios_var_lib_t:dir      { getattr search open read };
allow httpd_t nagios_var_lib_t:file     { getattr open read };

With the above policy we give privileges on httpd to directories with the tag nagios_var_lib_t (like /var/lib/pnp4nagios/ ).

Checking the module:

# checkmodule -M -m -o httpd_pnp4nagios.mod httpd_pnp4nagios.te

Creating the module:

# semodule_package -o httpd_pnp4nagios.pp -m httpd_pnp4nagios.mod

And finally install the policy:

# semodule -i httpd_pnp4nagios.pp