This text is supposed to be a quick crash course on the different keys used in SSH servers, and how to generate and use them in Yocto.
Continue reading...yocto
Fuzzing Yocto Kernel Modules with Syzkaller
As a follow-up to my black-box fuzzing text, I will present a more accurate approach to fuzzing using Syzkaller and grey-box fuzzing.
Continue reading...Raspberry Pi 4, LetsTrust TPM and Yocto
Getting LetsTrust TPM module working with Yocto was fairly simple but there were a few things I learned along the way that may be worth sharing.
Continue reading...Yocto Hardening: Measured Boot
So far we have mostly been focusing on hardening the kernel and userspace, but this time we will zoom out a bit and take a look at securing the entire system.
Continue reading...Yocto Emulation: Setting Up QEMU with TPM
Last time we got QEMU to launch u-boot, started kernel, and mounted a virtual drive. This time we are “just” going to add a TPM device to the virtual machine.
Continue reading...Yocto Emulation: Setting Up QEMU with U-Boot
Yocto provides a script for using QEMU in the form of runqemu. However, that script just boots up the kernel using whatever method QEMU considers the best.
Continue reading...Yocto Hardening: Kernel and GCC Configuration
This time we’re going to be doing two things to improve the security: hardening the Linux kernel, and setting hardening flags for GCC.
Continue reading...Aioli Audiostreamer: Music To The People
Instead of getting the streaming working robustly, I chose to add a Bluetooth connection between the Raspberry Pi and an external audio source.
Continue reading...Yocto Hardening: Firewalls, Part 2: firewalld
Find all of the Yocto hardening texts from here! People often ask me two things. The first question is “Why did you choose to write this...
Continue reading...Yocto Hardening: Firewalls, Part 1: nftables
Find all of the Yocto hardening texts from here! The eternal task of making the Yocto Linux build an impenetrable fortress continues. Next, we’ll look into...
Continue reading...
