Today I am going to be looking GnuPG as a continuation of my delve into Practical Linux Topics. As described on https://www.gnupg.org/, GnuPG is a free implementation of OpenPGP which is used to encrypt and sign data and communications using a public/private key infrastructure. It can be used to encrypt and digitally sign emails, encrypt files, and to secure SSH tunnels. In this post I am going to look at some fundamental configuration and usage of GnuPG for encryption.  

When running a server of any volume, it is likely that there is sensitive data stored on it. Knowing how to destroy that data with confidence is an important skill for any system admin. Luckily Linux has several utilities that can be used to securely wipe partitions, drives, and even an entire server. The tools that I will be looking at are shred, dd, wipefs, and DBAN.

To continue my series on Practical Linux Topics, I’ll now jump into SELinux. SELinux in itself is a topic deserving of its own class. As I’ve been studying it I’ve pulled many resources for info. The chapter in Practical Linux Topics best serves as an introductory rather than a complete overview of the topic.

Straight from the man page, “SELinux is a security enhancement to Linux which allows users and administrators more control over access control (What is SELinux, 2017).” It does this by using targeted policies to enforce access controls. Particular to SELinux is also the segregating of applications to ensure they are only accessing what they need and not crawling around the filesystem. Read more