In this blog text I’ll briefly cover how to use fscryptctl to encrypt and decrypt directories in an embedded Linux system.
Continue reading...Yocto Hardening: File System Encryption with fscrypt
Let’s continue encryption with the second part and move on to file system encryption.
Continue reading...Yocto Hardening: Block Device Encryption with dm-crypt
Data safety is crucial in the embedded systems. The devices can store information that should be kept secret. Encryption can be used to achieve exactly that.
Continue reading...Linux Initramfs, With and Without Yocto
Let’s get started with an introduction of what an initramfs is, and then get into more technical stuff.
Continue reading...The First Steps With Buildroot
This text contains instructions on how to get started with Buildroot and some first impressions from a long-time Yocto developer.
Continue reading...Building a Karaoke Machine with Linux and UltraStar
Lately, the blog posts here have been quite serious: TPMs, virtualization, integrity checks, etc. However, those things are not the best thing about computers.
Continue reading...Yocto Hardening: IMA and EVM
Let’s continue measuring where we left off, move from the bootloader side to the kernel world, and try out the IMA, integrity measurement subsystem in Linux.
Continue reading...Disabling Shell History File from BusyBox
Here are my tricks for disabling shell history files (~/.ash_history and ~/.hush_history) from BusyBox shells ash and hush.
Continue reading...Fuzzing Remote Targets with Syzkaller
This is the promised follow-up to my earlier Syzkaller text. This time I’ll show how to make Syzkaller work on an actual hardware that is not emulated.
Continue reading...Adding Key-Based SSH Authentication to Yocto
This text is supposed to be a quick crash course on the different keys used in SSH servers, and how to generate and use them in Yocto.
Continue reading...
