Is It a Best/Recommended Practice to use PAM (Pluggable Authentication Module) in SSH?

Problem scenario
You use Linux and want to configure SSH. Should PAM be enabled in your /etc/sshd/confifig file?

Answer
Maybe. This heavily-voted up answer on StackExchange says to not use PAM.
This external page says that it is turned off by default.
This source says PAM is (or was because it is from 2011) not desirable.

We have found some distributions of Linux have a configuration file for SSH that have "UsePAM yes" by default. According to the Linux Bible (page 618), most Linux distributions use PAM. Some applications use PAM -- not just SSH. PAM can add to the simplification and flexibility of security.

This Stackexchange posting gives mostly favorable encouragement toward using PAM.

For RHEL and Fedora, you probably should use PAM per this website posting.

It is not clear if you necessarily should. Many enterprises do use it, and many modern sources recommend it.

How Do You Search the Logs of a Website that Is Not Functioning Properly?

Problem scenario
You have a website that is not working. You tried using Fiddler on the front-end. You want to examine the logs on the backend to find the problem. What should you do?

Possible Solution #1
Use a case insensitive grep for "error" or "violation". Search also for patterns such as "40" and "50" in separate searches.

To get help finding the logs, you could try Splunk or click on the link below corresponding to the web server technology you use (note that Nginx has two links):

Apache
IIS
Nginx:
Nginx.com
Loginradius.com (for Nginx)
WebSphere

Possible Solution #2 (workaround)
If the website when presented in a web browser (from the frontend) is all white, go here.

If the website when presented in a web browser (from the frontend) is all white and uses PHP, go here.

If the website is powered by GitLab, see this page.

Side note: If you want to configure Nginx to log in a JSON format, see this posting.

Do Either Kernel Space or User Space Play a Role in Operating Systems Networking?

Question
Networking is usually very important for a Linux/Unix OS. For typical applications that use networking, do kernel space or user space play a role?

Answer
Yes, both play a role.

User space facilitates the application layer of the TCP/IP protocol suite; kernel space facilitates the network and transport layers of the TCP/IP protocol suite (this was taken from page 1181 of The Linux Programming Interface, by Michael Kerrisk). Hardware supports the data-link layer of the TCP/IP protocol suite (this was taken from page 1181 of The Linux Programming Interface by Michael Kerrisk).

The Network Access Layer of TCP/IP model is supported by hardware (and not visible to users per Cisco's website).

With client-server interaction, the user interacts with a program (possibly a GUI app) in user space. Before the packets are sent from the local host, behind-the-scenes, the relevant TCP/IP packet transmission exists in kernel space. The packets are assembled on the remote server in its kernel space. Then the application in user space on the remote host would process the data or provide application services.

Without Adding New Storage Capacity, How Do You Create a Partition?

Problem scenario
You have no new physical disks, but you want to partition an existing Linux system. What do you do to benefit from logical partitions on an existing Linux machine?

Solution (with important warning)

WARNING: THIS CAN MAKE YOUR LINUX MACHINE UNBOOTABLE.

DON'T DO IT UNLESS YOU KNOW WHAT YOU ARE DOING.
(The solution below was influenced by this external site.)

sudo fdisk -l

You should see something like this:
Device       Start      End  Sectors Size Type
/dev/sdc4     2048     4095     2048   1M BIOS boot
/dev/sdc5     4096  2101247  2097152   1G Linux filesystem
/dev/sdc6  2101248 20969471 18868224   9G Linux filesystem

Run this:
sudo fdisk /dev/sdc6

Respond to the prompts: n for new. Use "e" for extended. Accept the default patition number and First sector. For the Last sector use +200M or +2G (the number of MB or GB you want the partition to have). If you get a prompt about removing the ext4 signature, we recommend responding with "N" so you do not change it. Use the "w" response at the end to save it. You'll need to reboot the server.

Here are commands and output that you may see:

jdoe@ubuntuserver:~$ sudo fdisk /dev/sda3

Welcome to fdisk (util-linux 2.34).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.

The old LVM2_member signature will be removed by a write command.

Device does not contain a recognized partition table.
Created a new DOS disklabel with disk identifier 0x73327c7c.

Command (m for help): 2           
2: unknown command

Command (m for help): n
Partition type
   p   primary (0 primary, 0 extended, 4 free)
   e   extended (container for logical partitions)
Select (default p): e
Partition number (1-4, default 1): 
First sector (2048-18868223, default 2048): 
Last sector, +/-sectors or +/-size{K,M,G,T,P} (2048-18868223, default 18868223): +1G

Created a new partition 1 of type 'Extended' and of size 1 GiB.
Partition #1 contains a ext4 signature.

Do you want to remove the signature? [Y]es/[N]o: Y           

The signature will be removed by a write command.

Command (m for help): q

jdoe@ubuntuserver:~$ sudo parted -l

How Do You Troubleshoot the OpenVPN Issue “insufficient key material or header text not found in file”?

Problem scenario
You get an error message when you run openvpn. You are trying to start the client service. You get "insufficient key material or header text not found in file". What should you do?

Possible Solution #1
Backup your client.conf file.

Find your tls-crypt.key file. If you have none, run this: 

openvpn --genkey --secret /etc/openvpn/tls-crypt.key

Copy every line in the tls-crypt.key file and paste it into a particular location of the client.conf file. The client.conf file should have a tag. The content should go on the line below. This way what you paste will end above the tag.

This answer is a presentation that was adapted from this website.

Possible Solution #2
Reinstall OpenVPN on the server and on the client. Completely start over.

What Is the Difference between the wheel Group and the admin Group?

Problem scenario
You have seen Linux distributions use wheel whereas some use admin. What is the difference?

Solution
For most purposes, there is no difference.

Many RedHat distributions use wheel (per page 429 of Fedora and RedHat by Sobell).

Ubuntu uses wheel (per this posting).

To add a Linux user to a sudoers file, see this posting. For the correct command to modify the sudoers file, see this posting. If you want to learn about how to modify the sudoers file, see this internal posting. If you need help troubleshooter a modified sudoers file, see this internal posting.

How Do You Get Sunglasses That Do Not Fog Up?

Problem scenario
You have tried different anti-fog sprays on sunglasses. Your sunglasses still fog up when you exercise. What should you do?

Solution
Find sunglasses that have a form factor that allows for more air. They do not wrap completely around your eyes, but they will provide protection as sunglasses. With more air to get around the inside of the lenses, they will not fog up as much.

When browsing for the right pair, look at the pictures carefully to find frames that allow for more space between your face and the inside. There can be tradeoffs with protecting your eyes and allowing air in when working out.

What Is the Default Format for cryptsetup?

Question
You ran some cryptsetup commannds. You passed no --type flag. Was the format luks1 or luks2 or something else?

Answer
luks2.

…more recent Ubuntu releases default to version 2 ("luks2").

https://help.ubuntu.com/community/Full_Disk_Encryption_Howto_2019

As of 2022, you may want to use luks2 when you can -- but do not assume you can. That is, sometimes you still need to use luks1. (See the above link as an example of when you need to use luks1.) Another external page that discusses this is here.

Also the mkfs.vfat -F 16 -n EFI-SP ${DEVP}3 command in the above directions may be wrong. You may need to find the /dev/mapper/foobar value. Run this: ls /dev/mapper/ Which of those files is the correct one you want to make a file system on? You may need to change ${DEVP}3 with the full path /dev/mapper/foobar (where /dev/mapper/foobar is the intended file system).

How Do You Deal with Hamstring Pain?

Problem scenario
You have been sitting for a long time (either driving or using a computer). Now a hamstring is hurting whenever you sit. What should you do?

Possible Solution #1
Talk to a medical doctor about your condition.

Possible Solution #2
You may want an ottoman to stretch your hamstrings while sitting. Some are hollow that can act as a box to not use too much real estate under your desk or in your living room.

Possible Solution #3
To stand more frequently, you could buy a sit-stand table also known as a standing desk. Be aware that the more affordable sit-stand tables may have some potential disadvantages. The tabletops themselves may have seams (to make it easy to transport by having possibly three of four different panels that are assembled); you may want a mousepad or a clipboard to mitigate the seam on the surface of the table. Some affordable models may not go down as far as you would like when you adjust the height.

Possible Solution #4
Stretch your hamstrings and stand more frequently. Are you using a treadmill regularly? It may help to walk/run on real ground.

Possible Solution #5
Be careful to not injure yourself; you may want to do the splits if you can. You may want to start slowly on a bed. It can help you stretch better than if you were just doing conventional stretches. Here are videos to help you:

https://www.youtube.com/watch?v=AgpKg5B_L_4&t=55s
https://www.youtube.com/watch?v=D2jX4sG46YE

Disclaimer: This is not a substitute for medical advice. This informational only.