Setting up LUKS 2 – Keeping the Data Safe – Securing a System
We can now look at the LUKS key slots. You should see the key in the second slot now.As seen in the following screenshot, slot 1: is populated with a key: Figure 9.7 – LUKS with the second slot used…
Setting up LUKS – Keeping the Data Safe – Securing a System
Setting up LUKS dnf -y install cryptsetup clevis clevis-luks clevis-dracut [root@clevis ~]# lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTsda 8:0 0 100G 0 disk├─sda1 8:1 0 1G 0 part /boot └─sda2 8:2 0 72.9G 0 part├─ol-root 252:0 0 50G…
Validating adherence to a compliance policy – Keeping the Data Safe – Securing a System
Validating adherence to a compliance policy Securing systems is much more than encrypting data at rest or in motion. Many configuration files should be checked, along with other common security settings. This can be done automatically using Security Content Automation…
Validating adherence to a compliance policy 2 – Keeping the Data Safe – Securing a System
The families of profiles included are as follows: When picking a standard, you can use the default generic standards (such as the Standard System Security Profile for Oracle Linux 8 found at https://static.open-scap.org/ssg-guides/ssg-ol8-guide-standard.html) or a standard that aligns with the…
Port protection and restricting network access – Keeping the Data Safe – Securing a System
Port protection and restricting network accessOracle Linux has a firewall built into the distribution. This firewall is called firewalld, short for firewall daemon. firewalld is a dynamic firewall management tool used on Linux systems that provides a simple and consistent…
Port protection and restricting network access 2 – Keeping the Data Safe – Securing a System
Adding new rules is easy to do. A rule can be added using the service name (found in the /etc/services file) or the port number. The most common task is to add a common user service, such as http or…