[Problem]: When I wanted to install any repo using yum command, I was getting error because of which nothing was getting installed properly through Yum command and I was using centos 6.4.
I was getting below errors. [Error]:
Cannot find a valid baseurl for repo: rpmfusion-free
Cannot find a valid baseurl for repo: rpmfusion-nonfree
[Solution]: After long long struggle with various provided solutions at Google search, finally it started working. It appears that it has installed RPM Fusion repositories for Fedora, rather than for Enterprise Linux. These would not be compatible with your CentOS system, so it would cause this error. Here are few working steps which would solve the above said error.
First check what rpmfusion-* repo is showing. In my case it was showing Fedora 6 core repo baseurl, but it should show EL repo base url.
[bash]yum repolist enabled
[/bash]
will show you the below image (Make sure you have the permission to use yum else do su – or sudo –I before using yum command) :
Now, erase the base url given for rpmfusion-*-release
[bash][root@AlienCoders ~]# rpm -e rpmfusion-free-release rpmfusion-nonfree-release
warning: /etc/yum.repos.d/rpmfusion-free.repo saved as /etc/yum.repos.d/rpmfusion-free.repo.rpmsave
warning: /etc/yum.repos.d/rpmfusion-free-updates.repo saved as /etc/yum.repos.d/rpmfusion-free-updates.repo.rpmsave [/bash]
Then, replace them with correct repos for RHEL 6 or compatible like CentOS:
Either use above given link or use below command to install correct rpmfusion package.
You can see at the above image that rpmfusion* is showing RPM Fusion for EL 6. Now, try to install anything through yum command, it would work fine.
Hope this would solve other users problems too.
"Security through obscurity" may be a catchy phrase, but it's not the only thing that's catching among Windows users. The expression is intended to suggest that proprietary software is more secure by virtue of its closed nature.
If hackers can't see the code, then it's harder for them to create exploits for it–or so the thinking goes. Unfortunately for Windows users, that's just not true–as evidenced by the never-ending parade of patches coming out of Redmond.
In fact, one of Linux's many advantages over Windows is that it is more secure–much more. For small businesses and other organizations without a dedicated staff of security experts, that benefit can be particularly critical.
Five key factors underlie Linux's superior security:
1. Privileges Linux systems are by no means infallible, but one of their key advantages lies in the way account privileges are assigned. In Windows, users are generally given administrator access by default, which means they pretty much have access to everything on the system, even its most crucial parts. So, then, do viruses. It's like giving terrorists high-level government positions. With Linux, on the other hand, users do not usually have such "root" privileges; rather, they're typically given lower-level accounts. What that means is that even if a Linux system is compromised, the virus won't have the root access it would need to do damage system wide; more likely, just the user's local files and programs would be affected. That can make the difference between a minor annoyance and a major catastrophe in any business setting.
2. Social Engineering Viruses and worms often spread by convincing computer users to do something they shouldn't, like open attachments that carry viruses and worms. This is called social engineering, and it's all too easy on Windows systems. Just send out an e-mail with a malicious attachment and a subject line like, "Check out these adorable puppies!"–or the porn equivalent–and some proportion of users is bound to click without thinking. The result? An open door for the attached malware, with potentially disastrous consequences organizationwide. Thanks to the fact that most Linux users don't have root access, however, it's much harder to accomplish any real damage on a Linux system by getting them to do something foolish. Before any real damage could occur, a Linux user would have to read the e-mail, save the attachment, give it executable permissions and then run the executable. Not very likely, in other words.
3. The Monoculture Effect However you want to argue the exact numbers, there's no doubt that Microsoft Windows still dominates most of the computing world. In the realm of e-mail, so too do Outlook and Outlook Express. And therein lies a problem: It's essentially a monoculture, which is no better in technology than it is in the natural world. Just as genetic diversity is a good thing in the natural world because it minimizes the deleterious effects of a deadly virus, so a diversity of computing environments helps protect users. Fortunately, a diversity of environments is yet another benefit that Linux offers. There's Ubuntu, there's Debian, there's Gentoo, and there are many other distributions. There are also many shells, many packaging systems, and many mail clients; Linux even runs on many architectures beyond just Intel. So, whereas a virus can be targeted squarely at Windows users, since they all use pretty much the same technology, reaching more than a small faction of Linux users is much more difficult. Who wouldn't want to give their company that extra layer of assurance?
4. Audience Size Hand-in-hand with this monoculture effect comes the not particularly surprising fact that the majority of viruses target Windows, and the desktops in your organization are no exception. Millions of people all using the same software make an attractive target for malicious attacks.
5. How Many Eyeballs "Linus' Law"–named for Linus Torvalds, the creator of Linux–holds that, "given enough eyeballs, all bugs are shallow." What that means is that the larger the group of developers and testers working on a set of code, the more likely any flaws will be caught and fixed quickly. This, in other words, is essentially the polar opposite of the "security through obscurity" argument. With Windows, it's a limited set of paid developers who are trying to find problems in the code.
They adhere to their own set timetables, and they don't generally tell anyone about the problems until they've already created a solution, leaving the door open to exploits until that happens. Not a very comforting thought for the businesses that depend on that technology. In the Linux world, on the other hand, countless users can see the code at any time, making it more likely that someone will find a flaw sooner rather than later.
Not only that, but users can even fix problems themselves. Microsoft may tout its large team of paid developers, but it's unlikely that team can compare with a global base of Linux user-developers around the globe. Security can only benefit through all those extra "eyeballs."
Once again, none of this is to say that Linux is impervious; no operating system is. And there are definitely steps Linux users should take to make their systems as secure as possible, such as enabling a firewall, minimizing the use of root privileges, and keeping the system up to date. For extra peace of mind there are also virus scanners available for Linux, including ClamAV.
These are particularly good measures for small businesses, which likely have more at stake than individual users do. It's also worth noting that security firm Secunia recently declared that Apple products have more security vulnerabilities than any others–including Microsoft's. Either way, however, when it comes to security, there's no doubt that Linux users have a lot less to worry about.
Many time we need to work with multiple files all together. If its windows system then we can use some GUI based editor to accomplish our task. But what if you are on putty or have only CLI(Command Line Interface) as an option to edit your files. I prefer using vim editor.
After doing some experiments and knowing some important commands, I though to share with you. So i have written few commands point wise which may be useful for you while editing multiple files using vim (not GVIM, although these commands are valid there too.)
Gnu Privacy Guard or GnuPG or popularly known as GPG is a GPL Licensed alternative to PGP (Pretty Good Privacy) and its openPGP complaint program for *nix people based on rfc 4880. It is part of GNU software project started in 1991 by Werner Koch and majorly funded by German Government. Download its pdf format from here.
Its basic use is to send encrypted mails or files to the recipient who can decrypt these using its private key. It is based on public and private key mechanism for encryption/decryption. We can encrypt any of our data using our own key pair and send it to the person who can read the message if he has the proper key to decrypt it! Many people use public key generated by gpg to verify his email signature too!
It uses following algorithm for various purposes used for safe message communication:
Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
Why GPG?
Because it is free and meant to be a replacement of PGP.
Gpg is a CLI program but there are many GUI also through which you can manage keys easily like seahorse for GNOME (yum install seahorse) and KGpg for KDE.
It allows you to encrypt and sign your data, includes a key management system as well as access modules for all kind of public key directories.
If you wish to encrypt your message while sending mail to someone important, you may try this method.
You can share your public key and other users can download it to verify signature in mails/files sent by you for authenticity. It would stop social engineering through email even would stop spams send in the name of your friend’s id.
Applications of GPG
GPG encryption has been added to graphical email client like Evolution for email security.
There is a GNOME front-end application for managing PGP and SSH keys called “Seahorse” which integrates with Nautilus, gedit and Evolution too for encryption, decryption etc.
Enigmail is a data encryption/decryption extension for Mozilla Thunderbird and the SeaMonkey which uses GPG
Mozilla Firefox also gets GPG enabled using Enigform.
GnuPG is being used for Windows Explorer and Outlook through GPG4win tool which are wrapped in the standard Windows installer to make GnuPG easier to get installed and to be used in Windows systems.
It uses hybrid encryption techniques i.e. it uses a combination of symmetric key cryptography for speed and public-key cryptography for easy secured key exchange. By default GnuPG uses the CAST5 symmetrical algorithm.
As a matter of fact, GnuPG does not use patented or otherwise restricted software or algorithms. Instead, GnuPG uses a variety of other, non-patented algorithms.
It will be clearer that how GnuPG works once we see the working of gpg commands step by step:
Which version of gpg we are going to use?
gpg command to generate keys
Analysis of freshly created directory (.gnupg) and files inside it.
Once you get public and private key. You must keep private key safe, once you forget it then you will never be able to decrypt the data. So, better take private key backup.
Want to see the list of public and private keys?
Encrypt the message for specific recipient
Decrypt the encrypted message
GPG commands explained
Which version of gpg we are going to use?
[vim][sjaiswal@AlienCoders ~]$ gpg –version
gpg (GnuPG) 1.4.5
Copyright (C) 2006 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.
[vim][sjaiswal@AlienCoders ~/gpg_test]$ gpg –gen-key
gpg (GnuPG) 1.4.5; Copyright (C) 2006 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.
Please select what kind of key you want:
(1) DSA and Elgamal (default)
(2) DSA (sign only)
(5) RSA (sign only)
Your selection? 1
DSA keypair will have 1024 bits.
ELG-E keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 4094
Requested keysize is 4094 bits
rounded up to 4096 bits
Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0) 3m
Key expires at Mon 03 Feb 2014 04:46:09 AM MST
Is this correct? (y/N) y
You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
"Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"
Real name: Sanjeev Jaiswal
Email address: sjaiswal@gmail.com
Comment: "GPG Key Test"
You selected this USER-ID:
"Sanjeev Jaiswal ("GPG Key Test") <sjaiswal@gmail.com>"
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
.++++++++++.+++++++++++++++..+++++..++++++++++++++++++++.+++++++++++++++++++++++++.
+gpg: /home/sjaiswal/.gnupg/trustdb.gpg: trustdb created
gpg: key CBE9BE42 marked as ultimately trusted
public and secret key created and signed.
To generate keys using gpg, it would ask which kind of key you wish to use; you can choose any of the given option. Type 1 or 2 or 5.
Type the keysize between the given range
Then provide the expiration date of key. You can use days,weeks, months, years.
Once you are done with expiration days, use the next option carefully. Type Real name, Email and comment appropriately as it will be used while encrypting the data and will ask the recipient name. it will match recipient name before matching the keys.
Then type anything using keyboard, do mouse activities etc to speed up random generation of keys else it may take lot of time.
Once it will get created, .gnupg directory under your home directory will be there. Use ls to see what all files got created.
Analysis of freshly created directory (.gnupg) and files inside it
gpg.conf -> it contains all options set by you. Unless you specify which option file to use (with the command line option "–options filename"), GnuPG uses the file ~/.gnupg/gpg.conf by default. Check strings gpg.conf for more details.
pubring.gpg -> public key stored here. You should export it in ASCII format to send it to others.
pubring.gpg~ -> backup of public key
random_seed -> it contains all random keys used for encryption that you might be typing while generating keys.
secring.gpg -> it’s the secret key ring and one should keep it safe. Better have its backup
trustdb.gpg -> its trusted db which contains signatures, expiration date etc. and from time to time the trust database must be updated so that expired keys or signatures and the resulting changes in the Web of Trust can be tracked.
Normally, GnuPG will calculate when this is required and do it automatically.
Type the message and save it in text file, let’s say message.txt
[vim][sjaiswal@AlienCoders ~/.gnupg]$gpg recipient Sanjeev Jaiswal –encrypt message.txt
[/vim]
It will create message.txt.gpg , which is an encrypted file. To decrypt it, you need to type passphrase that you had typed while generating keys.
Or
[vim]gpg -r real-name –out secrets_to_aliencoders –encrypt secrets
[/vim]
which will have encrypted message in secrets_to_aliencoders
You need a passphrase to unlock the secret key for
user: "Sanjeev Jaiswal ("GPG Key Test") <sjaiswal@gmail.com>"
4096-bit ELG-E key, ID 38765DB9, created 2013-11-05 (main key ID CBE9BE42)
gpg: encrypted with 4096-bit ELG-E key, ID 38765DB9, created 2013-11-05
"Sanjeev Jaiswal ("GPG Key Test") <sjaiswal@gmail.com>"
Hi
This is Sabnjeev
Or
[vim][sjaiswal@AlienCoders ~/.gnupg]$ gpg –output secrets_from_tom –decrypt secrets_to_aliencoders
[/vim]
Which would save the decrypted message in secrets_from_sanjeev
Editing Key
[vim]gpg –edit-key sjaiswal@gmail.com
[/vim]
There is more:
Photo IDs
GnuPG has the ability to add a photo ID to a public key, exactly as in recent Windows versions of PGP. A photo ID attached to a public key can help other users to identify the owner of the key. To add a photo ID to your own public key, use the command "gpg –edit-key <name>" and then enter "addphoto". GnuPG will ask for the filename of a suitable JPEG. No other types of image files can be used.
If you want to see a photo ID on a particular key, enter the command "–show-photos" before using the command "gpg –list-keys <name>". If <name> is omitted, GnuPG will display all the photos (if any) after listing all the keys in your public keyring. Alternatively, if you want photos to be displayed in all cases by default, you should uncomment the line "# show-photos" in the options file inside !GnuPGUser.
Output of trustdb
[vim][Sanjeev@AlienCoders]$ gpg –update-trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0 valid: 1 signed: 7 trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: depth: 1 valid: 7 signed: 3 trust: 0-, 0q, 4n, 3m, 0f, 0u
gpg: the next trustdb check will be done on 2014-02-04
[/vim]
The first line shows you the actual trust policy used by your GnuPG installation, and which you can modify at your needs. It states that a key in your keyring is valid if it has been signed by at least 3 marginally trusted keys, or by at least one fully trusted key.
The second line describes the key of level 0, that is the key owned by you. It states that in your keyring you have one level zero key, which is signed by 7 keys. Furthermore among all the level zero keys, you have 0 of them for which you haven't yet evaluated the trust level. 0 of them are the keys for which you have no idea of which validity level to assign (q="I don't know or won't say"). You also have 0 keys that you do not trust at all (n="I do NOT trust"), 0 marginally trusted keys (m="I trust marginally"), 0 fully trusted keys (f="I trust fully") and 1 ultimately trusted keys (u="I trust ultimately").
The third line analyzes the keys of level 1 in your keyring. You have 7 fully valid keys, because you have personally signed them. Furthermore, among the keys that are stored in your keyring, you have 3 of them that are not signed directly by you, but are at least signed by one of the fully valid keys. The trust status counters have the same meaning of the ones in the second line. This time you have 4 keys signed by you but for which you do not trust at all the owner as signer of third party's keys. On the other side, 3 of the 7 keys that you have signed are marginally trusted. This means that you are only marginally confident that the owners of those keys can verify well the keys that they sign.
[vim][Sanjeev@AlienCoders]$ gpg –check-trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0 valid: 1 signed: 7 trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: next trustdb check due at 2014-02-04
[/vim]
If you wish to know other commands that you may use using gpg then try
[vim]man gpg
[/vim] or
[vim]gpg –help
[/vim]
Visitor Rating: 5 Stars