Comments for Aaron Toponce. Linux. GNU. Freedom. Thu, 10 Jan 2019 19:57:28 +0000

Comment on ZFS Administration, Part IV- The Adjustable Replacement Cache by Peter Swiatkiewicz Thu, 10 Jan 2019 19:57:28 +0000 Is this OK in your article:

# zpool add tank cache \
/dev/disk/by-id/ata-OCZ-REVODRIVE_OCZ-33W9WE11E9X73Y41-part2 \
/dev/disk/by-id/ata-OCZ-REVODRIVE_OCZ-X5RG0EIY7MN7676K-part2 \
log mirror \
/dev/disk/by-id/ata-OCZ-REVODRIVE_OCZ-69ZO5475MT43KNTU-part1 \

And later on:

# zpool status tank


mirror-1 ONLINE 0 0 0
ata-OCZ-REVODRIVE_OCZ-9724MG8BII8G3255-part1 ONLINE 0 0 0
ata-OCZ-REVODRIVE_OCZ-9724MG8BII8G3255-part2 ONLINE 0 0 0

Looks like /dev/disk/by-id/* do NOT match... or... I am missing something?

Comment on Time Based One Time Passwords - How It Works by Vito Tue, 25 Dec 2018 22:26:29 +0000 Hi, thanks for the great explanation.
You should add that TOTP has an essential requirement: the server and the client app should be time synchronized. I suppose that for 2FA it is good to show the time on the server to verify or configure (calibrate) the TOTP application.
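The time-synchronization requirement raised in this comment, as an added example (not code from the post or the commenter): an RFC 6238 TOTP generator and a server-side check that tolerates a small clock offset and rejects a larger one. The 30-second step, the one-step window, the sample server time and the names `verify` and `skew_report` are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

STEP = 30  # seconds per time step (RFC 6238 default)


def totp(secret: bytes, unix_time: int, digits: int = 6) -> str:
    """RFC 6238 TOTP with HMAC-SHA1 and RFC 4226 dynamic truncation."""
    counter = struct.pack(">Q", unix_time // STEP)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def verify(secret: bytes, submitted: str, server_time: int, window: int = 1):
    """Check a code against the server clock, allowing `window` steps of drift.

    Returns the number of steps the client is off (-1, 0, +1 ...) so the
    server can log or correct for drift, or None when the code is rejected.
    """
    for drift in range(-window, window + 1):
        expected = totp(secret, server_time + drift * STEP)
        if hmac.compare_digest(expected, submitted):
            return drift
    return None


SECRET = b"12345678901234567890"   # test secret from RFC 6238, Appendix B
SERVER_TIME = 1546300810           # constructed: 10 s into a 30 s step


def skew_report(client_offsets):
    """Map each client clock offset (seconds) to the server's verdict."""
    return {
        off: verify(SECRET, totp(SECRET, SERVER_TIME + off), SERVER_TIME)
        for off in client_offsets
    }


if __name__ == "__main__":
    for off, verdict in skew_report((0, 15, -20, 45, -90, 120)).items():
        status = "rejected" if verdict is None else f"accepted, {verdict:+d} step(s)"
        print(f"client clock {off:+4d} s: {status}")
```
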

Comment on ZFS Administration, Part III- The ZFS Intent Log by Brandon Doyle Mon, 17 Dec 2018 02:18:19 +0000 Just a quick question - regarding your estimations of life-expectancy of the SSD, that's only for the ~several GB partition you're using, correct? So one 60 GB SSD with a 5 GB partition could last ~12 times that estimation for just a 5 GB partition. So every few years, create a new partition, remove that which is currently added to the pool, and add the new to start writing to a new portion of the space?

Or do the algorithms/code not work this way?

Comment on Playing Card Ciphers by Cosmin Fri, 07 Dec 2018 11:52:30 +0000 K♥/6♥7♠8♣2♠6♣A♣2♣Q♠7♠5♣ 6♠3♠A♣A♠9♣6♠8♣5♠2♠6♠5♣2♣5♠5♣5♣4♣5♣5♠3♠5♣4♣5♠2♠ __ 5♠5♣K♣9♣6♣A♣6♠2♠Q♣Q♣A♣7♠9♣ __ 6♠A♣8♠Q♣8♣8♠4♣6♠2♠A♠ T♥T♥A♠9♣3♣J♣3♣A♣7♣5♣A♦

Do you have a clue about the coding message? It should be a name.

Comment on ZFS Administration, Part XIV- ZVOLS by Aurélien DESBRIÈRES Thu, 06 Dec 2018 09:38:28 +0000 Impressive works!

Comment on ZFS Administration, Part XVII- Best Practices and Caveats by Stanley Wed, 28 Nov 2018 03:30:40 +0000 Thanks so much for such informative guide. I just set up my ZFS on Ubuntu with its help!

I have a question now though: there is a dataset that I want to split into 2. The split is just one of the directories. Is there a best practice on how to do it inside ZFS? I am hoping not to have to manually create a new dataset and do the move which will add unnecessary fragmentation on the underlying disks...

Thanks again!

Comment on Automating Debian/Ubuntu Installs With Preseed by akshay Tue, 20 Nov 2018 09:47:27 +0000 Great post. Thanks for sharing. Keep going.

Comment on Firewire Networking In Linux by Götz Sun, 18 Nov 2018 14:42:22 +0000 What does iperf say?

Comment on Let's Talk Password Hashing by Hans Sat, 10 Nov 2018 10:38:34 +0000 "Never roll your own" - see anything wrong with this?
1: sha2-384 hash the password
2: base64-encode the hash
3: bcrypt the 64-byte base64-encoded sha2-384 hash

Why? Primarily, it bypasses 2 issues. 1: bcrypt only supports passwords up to 72 bytes; this scheme supports any length. 2: many popular bcrypt implementations stop at the first null byte, which means binary passwords (which may be used by robots/scripts) may inadvertently become very weak, e.g. if the password is "\x33\x00", on most bcrypt implementations, the password simply becomes `3` because hex 33 is ASCII 3, and the 00 is treated as end of string. base64 never emits null bytes, which means your robots/scripts which create their passwords based on /dev/urandom will be safe.
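The two input problems this comment describes, and what steps 1 and 2 of the proposed scheme do about them, as an added example (not code from the post or the commenter). `naive_bcrypt_input` is a hypothetical model of a bcrypt binding that stops at the first NUL and ignores everything past 72 bytes; the sample passwords are constructed, and step 3 (bcrypt itself) is left out so the block runs on the standard library alone.

```python
import base64
import hashlib

BCRYPT_MAX = 72  # bytes of input bcrypt uses, per the comment above


def naive_bcrypt_input(password: bytes) -> bytes:
    """Hypothetical model of a C-string based bcrypt binding: the input ends
    at the first NUL byte and anything past 72 bytes is ignored."""
    return password.split(b"\x00", 1)[0][:BCRYPT_MAX]


def prehash(password: bytes) -> bytes:
    """Steps 1 and 2: SHA-384 (48 bytes), then base64 (64 ASCII bytes)."""
    return base64.b64encode(hashlib.sha384(password).digest())


def seen_by_bcrypt(password: bytes, use_prehash: bool) -> bytes:
    """What step 3 (bcrypt itself) would actually receive."""
    data = prehash(password) if use_prehash else password
    return naive_bcrypt_input(data)


def password_with_nul_in_digest() -> bytes:
    """Find a constructed password whose raw SHA-384 digest contains a NUL,
    which is why step 2 encodes the digest instead of passing it on raw."""
    n = 0
    while True:
        candidate = b"constructed-%d" % n
        if b"\x00" in hashlib.sha384(candidate).digest():
            return candidate
        n += 1


# Constructed sample passwords, not taken from the page.
LONG_A = b"A" * 72 + b"-first"
LONG_B = b"A" * 72 + b"-second"
NUL_A = b"\x33\x00" + b"rest-of-key-one"
NUL_B = b"\x33\x00" + b"rest-of-key-two"

if __name__ == "__main__":
    for a, b in ((LONG_A, LONG_B), (NUL_A, NUL_B)):
        for use_prehash in (False, True):
            same = seen_by_bcrypt(a, use_prehash) == seen_by_bcrypt(b, use_prehash)
            print(f"prehash={use_prehash!s:5} collide={same} "
                  f"bcrypt sees {seen_by_bcrypt(a, use_prehash)[:12]!r}...")
    pw = password_with_nul_in_digest()
    raw = hashlib.sha384(pw).digest()
    print(pw, "raw digest usable up to byte", raw.index(b"\x00"),
          "encoded:", len(prehash(pw)), "bytes, NUL-free")
```
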

Comment on Automating Debian/Ubuntu Installs With Preseed by sadha onnisa Fri, 09 Nov 2018 12:18:43 +0000 I really appreciate information shared above. It’s of great help. If someone want to learn Online training, kindly contact us

Comment on Automating Debian/Ubuntu Installs With Preseed by michael techenoid Fri, 09 Nov 2018 08:36:05 +0000 really this post values for us

Comment on Real Life NTP by Matt Wed, 17 Oct 2018 06:05:10 +0000 Thanks Aaron, great article.

Comment on The Lagged Fibonacci Generator by Girkov Arpa Sun, 14 Oct 2018 17:10:00 +0000 Very interesting article!

Comment on The One-Time Pad Hard Drive by Hard Disk Price Wed, 10 Oct 2018 10:39:34 +0000 One time pad hard drive. Frankly speaking, I did not understand when I started reading your article, but once I tried to understand, I got the exact information I wanted.

Comment on Latin Squares, Mathematics, and Cryptography by Girkov Arpa Mon, 24 Sep 2018 01:16:07 +0000 "First, suppose I give you a partially filled Latin square as a "public key", with instructions on how to encrypt with it. I could then use my fully filled Latin square "private key", of which the public is a subset of. Using this private key, with some other algorithm, I could then decrypt your message."

What 'instructions' and 'algorithm' could one use to get this cryptosystem to work?

Comment on Latin Squares, Mathematics, and Cryptography by Girkov Arpa Sun, 23 Sep 2018 20:38:40 +0000 "As such, this builds a good foundation for public key cryptography, as briefly outlined here."

I click on the link but it talks only about secret-sharing, not public key cryptography. Is secret-sharing somehow a type of public key cryptography?

Comment on Automating Debian/Ubuntu Installs With Preseed by Nancy nanck Mon, 10 Sep 2018 17:33:59 +0000 RPA training in Hyderabad. We are providing rpa training with real time industry expert,we also providing 100% job assistance.

Comment on ZFS Administration, Part VIII- Zpool Best Practices and Caveats by sherpa Tue, 04 Sep 2018 10:08:18 +0000 What is the recommended way of creating a data pool if I have 13 x 5TB disks? I could see in ZoL blogs that large disks should not be used with raidz, but it's not clear enough.

Comment on Getting Up To 8 Possibilities From A Single Coin Toss by Anonymous Sat, 11 Aug 2018 19:47:34 +0000 You should that (in an appropriate mathematical sense) most of probability theory can be constructed using sequences of coin tosses. More precisely, the most commonly used stochastic processes can be defined on a probability space that is "isomorphic" to the space of countably many coin tosses. In some sense, coin tosses aren't limiting at all!

Comment on Automating Debian/Ubuntu Installs With Preseed by Linux training Thu, 09 Aug 2018 09:00:21 +0000 Thanks for the awesome tutorial.

Comment on Use A Good Password Generator by Joshua Mertens Tue, 07 Aug 2018 07:07:35 +0000 Password should be not simple, because it's very simple anybody can crack it. There has to be a complex combination of numbers, characters and special characters. There are lot of online password generator tools available like which can be used to generate really strong passwords.

Comment on Use A Good Password Generator by Antony Kidless Thu, 02 Aug 2018 17:03:18 +0000 Recently I made a progressive web application that generates strong and random passwords in a click

Comment on CPU Jitter Entropy for the Linux Kernel by Alexander Tue, 17 Jul 2018 15:53:18 +0000 Although the code is in the kernel, it looks like jitterentropy does *not* feed into /dev/hwrng. Or am I missing something? But still jitterentropy-rngd [1] is useful as a pure user-space daemon.


Comment on Use A Good Password Generator by Peter Sun, 15 Jul 2018 15:00:40 +0000 Thanks for the very interesting page about password generation!

I'm chasing online for a pw generator to put in the hands of our users, but all I found so far is missing something. Gets the feeling that you would be the man to create the dream generator based on Stanford password policy and Diceware wordlists, generating four passwords to choose from:

9-11 characters containing mixed case letters, numbers and symbols.
12-15 characters (3 words) with mixed case letters and numbers.
16-19 characters (words) with mixed case letters.
20+ characters with just lowercase words.

Think many happily would pay to get it on their intranet. Right?

Comment on Use A Good Password Generator by Bo Kersey Wed, 13 Jun 2018 20:15:45 +0000 Aaron, as always your articles are informative, fairly concise and you do a great job of making the complex easier to understand.

one typo that I found..... s/eded/ed/ over the page and you'll fix it 🙂


Comment on Newsbeuter, Mutt and Google by sherrily6 Lane Wed, 13 Jun 2018 06:18:41 +0000 Formatting a hard drive allows you to use it on your computer to store files and install programs on. The format you choose for the drive determines the drive's compatibility. Formatting a drive will erase all of the data currently on the drive, so ensure you have everything you need backed up.

Comment on Use A Good Password Generator by Alexander Boese Wed, 13 Jun 2018 03:09:12 +0000 I created a password generator tool that uses cryptographically secure hashes for generation. Would you mind looking at it, and giving me feedback. If you think it's any good, I can share the generation code, though I'm trying to get more reviews prior to releasing as open source.

DyfynderX on iOS

Thank you.

-Alex Boese

Comment on ZFS Administration, Part III- The ZFS Intent Log by Michel Erb Wed, 30 May 2018 17:08:57 +0000 To confirm an assumption, if this statement is true "ZFS will wear the SSD correctly. The partition will move across the chips evenly, and every chip will get the same amount of wear as the rest.", that means a larger disk, with more chips, takes more time to wear out or the smallest disk, is not always the best option considering longevity.

Comment on Do Not Use sha256crypt / sha512crypt - They're Dangerous by Poul-Henning Kamp Mon, 28 May 2018 07:16:20 +0000 A few factual corrections and deeper background:

MD5crypt() did not replace the traditional DES-derived UNIX crypt(), but rather an even worse stand-in which only existed because DES was under export-control from the USA at the time. We had the DEScrypt() source, we just could not distribute it without a DoD license.

I knew at the time that hardware implementations of DES were available, and from personal experience that you didn't really need them if you took the time to hand-tweak your assembly code, so DEScrypt was not particularly desirable, even if we obtained an export-license.

The choice of MD5 was driven entirely by the source-distribution issue, MD5 was published in an RFC and licensed for any use (whereas the slower, and therefore more desirable MD2 was only licensed for email.) and there were no export-control on one-way algorithms.

The things I focused most on with MD5crypt were increasing the runtime in a way which could not be trivially pipelined (ie: data dependence) and improving the environment for crypt() implementations (ie: longer salt, longer passwords, longer stored results.)

The fact that the runtime depended on the length of the password was considered and ignored: I would be more than happy with the increased security if I could get people to use 8 or 10 char passwords, never mind 17 and up, instead of just eight.

The most important thing I did was the $1$ prefix, which allowed multiple password algorithms to coexist. I pointed out at the time, that allowed you to change the algorithm at any time, as long as you also supported the old algorithms until old passwords were changed (Best practice at the time was 3-6 month between forced password changes).

...and then people did the exact opposite, they all copied & pasted MD5crypt all through the dot-com madness until a researcher told me that he estimated most passwords in eCommerce and half of all passwords in the world were protected by MD5crypt.

As for the OpenBSD people trash-talking MD5crypt:

I never aspired to be or claimed to be a cryptographer, and the **only** reason I have ended up writing some rather consequential cryptographic source code, is that the real card-carrying cryptographers seldom do so and never in a timely fashion.

Bcrypt, scrypt and Argon2 are without dispute superior to MD5crypt() on all metrics except the most important one: MD5crypt() was there in 1994, as open source and a readily usable software component, they were not.

So yes, I felt the OpenBSD people were a little bit too snotty when they came waltzing in five years later, and pissing down on me from my own shoulders felt particularly unfair: I paved the road they drove on.

Otherwise: A nice writeup, and sound advice for this day and time.

PS: Here is my own write-up of md5crypt's history:

Comment on Use A Good Password Generator by guest Sun, 27 May 2018 17:52:36 +0000 I'd definitely suggest looking at 's idea of Readable Passphrases, which generates a syntactically valid (nonsense) sentence. It's my personal favorite that I've seen -- I find them EXTREMELY memorable, and I'd like to see more people use that.

Comment on Do Not Use sha256crypt / sha512crypt - They're Dangerous by Aaron Toponce Fri, 25 May 2018 22:29:05 +0000 Polynomial functions are defined as a function that is quadratic, cubic, quartic, quintic, etc. that involve non-negative factors of x. In other words:

$f(x) = a_n x^n + a_{n-1} x^{n-1} + \dots + a_2 x^2 + a_1 x + a_0$

The sha256crypt and sha512crypt functions are polynomial, because it is a quadratic function.

Exponential functions are defined as a function whose variable x appears as an exponent. In other words:

$g(x) = b^x$

Comment on Do Not Use sha256crypt / sha512crypt - They're Dangerous by Raphael M Fri, 25 May 2018 20:13:30 +0000 Great post but i have a question. Big-O's sha512 is polynomial, why is polynomial?

Comment on Do Not Use sha256crypt / sha512crypt - They're Dangerous by Aaron Toponce Fri, 25 May 2018 03:28:18 +0000 PBKDF2 is not exactly "10k iterations of SHA-256". First, PBKDF2 is an arbitrary length output function. A user may request any arbitrary amount of data. The typical usecase is to request key material, so 16 bytes, 32 bytes, and 64 bytes are most common. However, you could request 50 bytes of data, or 33 bytes, or 400 kilobytes if you wanted. SHA-256 is a fixed length digest function, that always outputs 256-bits or 32-bytes of data.

Second, PBKDF2 has a pluggable architecture. Any cryptographic hashing primitive may be used. Common functions are MD5, SHA-1, SHA-256, and SHA-512. PBKDF2 is typically used with HMAC, although if the cryptographic hashing function supports keying, like BLAKE2, then HMAC is unnecessary. SHA-256 is a static function, without any ability to plug something else into it. It's a foundational cryptographic primitive. Bruce Schneier called hashing functions the work horse of cryptography.

Thirdly, PBKDF2 requires salts to prevent rainbow table attacks on the generated output. SHA-256 does not. This doesn't prevent you from prepending or appending salts to your input, but this is something that you have to manually add as part of your application, as SHA-256 doesn't support it natively.

Finally, PBKDF2 is a complex "belt-and-suspenders" construction. The "H" in that diagram is your plugged-in hashing function (could be SHA-256, could be BLAKE2). However, SHA-256 uses the Merkle-Damgaard construction, which is a very different construction from PBKDF2.

And Chris C was correct- PBKDF2 is a sound cryptographic primitive. A homebrew design, such as "10k iterations of salted SHA-256", is not a sound cryptographic design.
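What PBKDF2 does between iterations, next to the homebrew loop it is being compared with in this thread, as an added example (not code from the post or its commenters). The password, salt and iteration count are constructed sample values; `pbkdf2` follows RFC 8018 section 5.2 with HMAC as the PRF and is checked against Python's `hashlib.pbkdf2_hmac`, while `homebrew` and `compare` are hypothetical names.

```python
import hashlib
import hmac
import struct


def pbkdf2(hash_name, password, salt, iterations, dklen):
    """PBKDF2 (RFC 8018, section 5.2) with HMAC-<hash_name> as the PRF."""
    hlen = hashlib.new(hash_name).digest_size
    blocks = []
    for i in range(1, -(-dklen // hlen) + 1):      # ceil(dklen / hlen) blocks
        # U_1 = PRF(password, salt || INT_32_BE(i)): the block index is what
        # lets the output be longer than one digest.
        u = hmac.new(password, salt + struct.pack(">I", i), hash_name).digest()
        t = int.from_bytes(u, "big")
        for _ in range(iterations - 1):
            # U_j = PRF(password, U_{j-1}); the password keys every round and
            # the block is the XOR of all U_j, not just the last one.
            u = hmac.new(password, u, hash_name).digest()
            t ^= int.from_bytes(u, "big")
        blocks.append(t.to_bytes(hlen, "big"))
    return b"".join(blocks)[:dklen]


def homebrew(password, salt, iterations):
    """The "N iterations of salted SHA-256" pattern the thread warns about."""
    h = hashlib.sha256(salt + password).digest()
    for _ in range(iterations - 1):
        h = hashlib.sha256(h).digest()   # password never re-enters the loop
    return h


PASSWORD = b"correct horse battery staple"                 # constructed sample
SALT = bytes.fromhex("00112233445566778899aabbccddeeff")   # constructed; real salts are random per password
ITERATIONS = 1000   # kept low so the pure-Python loop finishes quickly


def compare():
    """Compute the properties discussed in the thread instead of asserting them."""
    return {
        "matches_stdlib": all(
            pbkdf2(h, PASSWORD, SALT, ITERATIONS, n)
            == hashlib.pbkdf2_hmac(h, PASSWORD, SALT, ITERATIONS, n)
            for h in ("sha1", "sha256", "sha512") for n in (16, 33, 50)),
        "homebrew_len": len(homebrew(PASSWORD, SALT, ITERATIONS)),
        "same_as_homebrew": pbkdf2("sha256", PASSWORD, SALT, ITERATIONS, 32)
        == homebrew(PASSWORD, SALT, ITERATIONS),
    }


if __name__ == "__main__":
    print(compare())
    print("50 bytes:", pbkdf2("sha256", PASSWORD, SALT, ITERATIONS, 50).hex())
```
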

Comment on Do Not Use sha256crypt / sha512crypt - They're Dangerous by Chris C Thu, 24 May 2018 23:54:25 +0000 @David, I think the keyword here is "homebrew". PBKDF2 does specific things between each iteration... a homebrew may not do the right thing, or anything at all.

Comment on Do Not Use sha256crypt / sha512crypt - They're Dangerous by David Thu, 24 May 2018 20:02:56 +0000 It's funny that you're recommending PBKDF2, but also warn against "10k iterations of salted SHA-256 etc.". PBKDF2 is exactly that - iterative hashing with a salt - and most implementations do in fact employ SHA-256.

Comment on Digest Algorithms in Google Spreadsheets by Hubert Wed, 23 May 2018 15:29:21 +0000 Hi, I want to use your script to mask personal data in my spreadsheets. But how can I force UTF-8 character set of the input string?

Comment on New Email Signature by Atwora Sun, 13 May 2018 18:21:35 +0000 Just watch out for the common problem with too many links in the footer. It is commonly forbidden for mailbox robots to accept messages with too many links. And many companies still try to place as many links to their offers / social media / etc. in footer messages as possible. Resulting in landing in a spam folder...obviously 😀

Comment on Adblockers Aren't Part Of The Problem- People Are by Trochetutrochetam Sun, 13 May 2018 16:56:10 +0000 Yep, totally agree with you. On my websites / portals / blogs I deliver ads that are not aggressive and don't follow the user's screen. Those who count on generating income from such a huge attack of advertising just after someone enters their website are far from earning anything.
Yet, most webmasters don't seem to understand it. Needless to say, many suspicious ads like "congratz you won XXXX billion dollars" may have malicious software uploaded alongside the page load. Such a website is marked as insecure right after, and the webmaster goes even lower in search results.

Comment on Bitcoin Mining Rate and Waste by Dozwiedzenia Sun, 13 May 2018 16:51:19 +0000 There was a time when mining bitcoins was a good choice. So probably, having good hardware and a good source of electricity (cheap, I mean), it would still be possible to get a good source of coins in an average period of time.
The problem is with the banks, which are reluctant to accept bitcoins.

Comment on Use A Good Password Generator by Michal from Sun, 13 May 2018 16:47:02 +0000 To be honest, I never thought about it this way. Referring to WordPress sites, I used brute-force protection provided by premium extensions and a key verification tool that forbids using weak passwords. What's more, I blocked countries known as sources of common attacks and developed a policy of auto-banning repeat offenders.

I'm a programmer but need to escalate the topic. Thanks!

Comment on What About Interoperability? by Hotelepremium Thu, 10 May 2018 22:53:36 +0000 Each day they develop better drives for save disk space. Have you tried SSD? Maybe you should also consider better compression for files?

Comment on Cocytus by VisitON Thu, 10 May 2018 22:41:43 +0000 Greek mythology is fascinating. Especially since nowadays we quite miss the great and interesting stories from the past. It influences tourists and makes them come more often to Greece.

Comment on Use A Good Password Generator by Michael Thu, 03 May 2018 14:49:41 +0000 How about adding keepass to your chart

Comment on Linux Kernel CSPRNG Performance by Craig Sun, 29 Apr 2018 20:35:51 +0000 I suggest GPG add a user settable variable to adjust calculation of entropy depletion per byte read from /dev/random. Instead of

ee = ee - #bytes_read


ee = ee - #bytes_read / k

-- k is a settable ratio (secure_bytes_out / bytes_in)
-- bytes_in is the number of bytes used to initialize the CSPRNG
-- secure_bytes_out is the number of (consecutive) output bytes which can be leaked before security is compromised.

Currently k is implicitly one (1), which is the smallest possible value. Safe if enforced, but impractical and unsafe as it leads to admins bypassing the entropy estimate throttle using rng-tools and reading from /dev/urandom or /dev/hwrng. It leaves an opening for Java malware to call "SecureRandom" (which reads /dev/random) in a tight loop. Much better to have k set to 1024, which would (1) throttle the tight snoop loop, (2) prevent use of /dev/random while it was in an unsafe externally known state, (3) allow most normal usage cases without hanging or resorting to rng-tools, and (4) if hanging did occur, it would be unusual and alert the admin to the possibility of snooping.

"The boy who cried wolf" springs to mind.

Comment on Why A Dark Blog Theme? by IT Sat, 28 Apr 2018 07:42:13 +0000 How the time is changing, Before 10 years Dark theme now Soft and white,

Comment on Use A Good Password Generator by xeni Wed, 25 Apr 2018 07:08:14 +0000 The more random and mixed-up you make it, the harder it is for others to crack. Mind you, if your password is compromised, the password crackers will even take over your identity.

I wrote an article on Best Passwords to use

Comment on Use A Good Password Generator by Conor Mon, 23 Apr 2018 20:48:39 +0000 Thanks for taking the time to conduct this research and then share it with the community!

I see LastPass and Dashlane in the spreadsheet, but not 1Password or Keeper. Any chance you'd consider reviewing them and adding them to the spreadsheet?

Comment on Use A Good Password Generator by Adrien Mon, 23 Apr 2018 18:53:44 +0000 For Server vs. Client Generation, you can use something like uMatrix for Firefox, and disallow any XHR for the page. In this case, the JavaScript can do a lot, but not communicate with a remote server.
Unless there is some unknown avoidance method I'm not aware of.

Comment on Use A Good Password Generator by guest Mon, 23 Apr 2018 16:28:00 +0000 1. Block range not used IP and system processes with firewall.
2. Track own internet connection, for example from with own router.
And from own computer.
You will see tightness firewall and which process use your internet.
3. If you can, use gpg key, this is password but longer.
GPG key can be stolen, but password also. You can enable the system notification if the key is used. But to make sense, you need to protect the system from editing system files.
4. If you can, keep track of when your password is used. Because password and key does not give safety. Security gives only the address when it can only be yours and when nobody can use your computer for use your address.
For example:
When you write in chat,
someone may impersonate a friend.
When you call to friend on the phone,
even if someone else takes over the phone you will recognize him, in a voice. Because usually you know his voice very good and often also from real life. From chat, if this is not with video and sound, what you will see ? Tahoma or other font, which use 1 billion people or more ?

Comment on Let's Talk Password Hashing by mGalli Thu, 15 Feb 2018 18:04:15 +0000 There is an error on the description of Argon2 algorithms. The Argon2i is more suitable for key derivations AND password hashing.

Page 3, Our Solution section of Argon2: the memory-hard function for password hashing and other applications. Please check the documentation here

"Argon2i uses data-independent memory access, which is preferred for password hashing and password-based key derivation"