Redhat 6.3 offers multi factor authentication on ssh

It’s been a while; had little inspiration to write :)

Today however, I went through the security details of Redhat 6.3 (beta) and found something I wanted to share.
From 6.3 on, Redhat Enterprise Linux offers the possibility to require two authentication factors.
So it will be possible, for instance, to require both “password” and “pubkey” methods.
All in all a nice improvement, I think.

For more, read the RHEL 6.3 release notes.


CentOS 6.0 available!

As of yesterday, the good people at have published their clone of Red Hat 6.0, CentOS 6.0.
I’ve downloaded it using the bittorrent within an hour or so, so if you have a fast connection, that is the way to go :)

See their site for detailed information.


Net Neutrality and cookie limitations by Law in Netherlands

As the second country in the world (Chile beat us to it) the Dutch have amended the Telecom Law to enforce Internet Net Neutrality.

This means that ISP’s are not/no longer allowed to, for instance:

  • slow down or limit certain types of traffic (think p2p traffic)
    block – or charge for certain types of traffic (think Skype, SIP, WhatsApp, etc)

There is currently one exception mentioned in the law, and that says that ISP’s can block certain types of traffic on ideological grounds, if the user specifically asks for it. This one exception is expected to be removed in yet antoher amendement, to be voted on next week.

Apart from the neutrality, the Teleocom law now also says that web site owners must specifically ask users’ permission to store non-session tracking cookies. This is thought to promote privacy.
Web site owners don’t have to do this each time a user visits, they may do so once a year.


Scientific Linux 6.0 available for download

[edit August 16, 2012: removed torrent links as their targets no longer exist]

If you got to this page, chances are you have heard of Red Hat Enterprise Linux (RHEL), which is a very nice and stable Linux based OS distribution.

For a number of years, completely legal clones of RHEL have been created by the good people of CentOS ( and Scientific Linux (

Scientific Linux (SL) has now created their version 6.0, which is based on (in practice is a somewhat enhanced clone of-) RHEL 6.
You can download it from their site.

To “share the load” I’ve created torrent seeds for the most popular stuff; the i386 and the x86_64 ISO files.

Download the torrents below and open them in your favortie torrent downloader.

Have fun!

[links removed]


Permissions for .ssh autorized_keys file & directory

It’s one of those thing you don’t do often enough to remember how to, so when I ran into it again this morning, I decided to write it down :-)

To get asymmetric (public/private) key authentication working with sshd, you need to be the only one who has access to your ~/.ssh directory, so you need to do a

chmod 700 ~/.ssh

The ~/.ssh/authorized_keys file may be world readable ( “chmod 644 ~/.ssh/authorized_keys”).

Windows Phone 7 Guides for IT Professionals

Microsoft has released a series of guides for IT people explaining different topics concerning Windows Phone 7.

The documents included are:

Windows Internet Explorer Mobile on Windows Phone 7_FINAL_122010.pdf

Windows Phone 7 and Certificates_FINAL_121610.pdf

Windows Phone 7 and Exchange Server_FINAL_122010.pdf

Windows Phone 7 Device Update_FINAL_122010.pdf

Windows Phone 7 Mobile Email_FINAL_121610.pdf

Windows Phone 7 Root Certificates_FINAL_121610.pdf

Windows Phone 7 Security and Management_FINAL_122010.pdf

Windows Phone 7 Security Model_FINAL_122010.pdf

You can find the documents here:

Nokia OVI suite missing video support

So, today I got a brand new Nokia N97 and I must say that I’m happy with it.

What I’m not so happy with is the support software Nokia has shipped with it: Ovi Suite. All in all I think it’s a monster of a program.

I won’t go into the details. The big picture: I think it’s slow and has an incomprehensible layout/menu structure.
But what bugs me the most, is that today, July 2010, I can’t transfer video’s to my N97 with it! No, sorry, it’s no joke!
It took me quite some hours to finally get to that conclusion, but I’m afraid it’s true.

The first thing I did is check the Nokia web site. In the N97 support section it says that I should copy the video file to my album and then select “Copy to device”. Well, there’s no such thing in Ovi Suite (I’m using 2.2.x)…

Checking out the forums I saw that Nokia has been promising to incorporate video support into Ovi Suite from the start, but until today they haven’t.

So, useless for video? Well, no.
Just download Nokia PC Suite 7.x from the Nokia web site, and you’ll have video support with conversion again. Just forget about Ovi Suite for the time being…

Oh, by the way, Nokia, if you’re reading this, you’re still wondering why you’re losing market share? Don’t just make good phones, make sure your support software is as well or even better!

Future of passports and money movement in the Underground Economy

Team Cymru, a non profit internet security research firm, has created a white paper on what is changing in the moving and availability of “digital identities” – scans of passports – and virtual money.

It’s a good paper that gives some insight in to the changing world of identity theft and money movement.

You can find it here: