Nmap giving different result between Mac OS scan and Linux (Kali) scan

I try to do a simple TCP scan on an Kubunt VM (is on VirtualBox), from two different OS. From the Host (Mac OS system) and from a Kali Linux VM (tried VirtualBox and Parallels also). Kali Linux (same result VirtualBox and Parallels) gives:

enter image description here

From Mac OS (run with root privileges, to simulate the same scan from Kali):

enter image description here

So run a Nmap scan from Mac OS gives more open ports on the same VM, with the same privilege of scan, etc. Mind blowing…

If I scan just a port (from Kali VM) try the 110, the result is that is closed:

enter image description here

Why is it happening?

Using WinSCP to connect Windows Client to Linux server

I am trying to understand how to set up an SFTP connection between Windows 7 PCs (yes, these PCs will be supported through part of next year) to a Linux Server. I think I’m finally getting it – but it’s the where to put things and how to actually connect that I’m not following.

I’m testing all of this out in a test lab before these new Linux Servers go out. I have generated a key pair. I’ve given the public key to my test server admin, who has placed it in /root/.ssh/authorized_keys (is this the correct location?) on the Linux server.

I have placed my private key in \Users\user\.ssh\keyname.ppk on my Windows PC. Is that correct?

And now I am trying to write a test batch script that will create a .dat file with my connection command, my PUT and GET commands, and which will be called by WinSCP to connect to that server and run those commands. If I can get this working, I will be using this same batch code and WinSCP call in several different scripts which currently use FTP, not SFTP.

What I’m not sure how do is how to connect. I have the call to my .dat file –

winscp /script=\temp\sftp.dat 

But my current authentication method is to use a username/password combination – here is the first line of the .dat file:

open sftp://username:password@servername -hostkey="ssh-ed25519 xxxxxxxxxxxx"         

…but username/password authentication will not be available to me. So how do I connect with just the key pair? Is there a particular line I need to write in place of that open sftp line for it to connect?

Support for signed SSH certificates – Windows 10 OpenSSH to Linux

“OpenSSH for Windows” version OpenSSH_for_Windows_8.0p1, LibreSSL 2.6.5 Client OperatingSystem Windows 10 Enterprise

Does OpenSSH for Windows support signed certs?

I feel like it does, as ssh-keygen picks up the certificate no problem. However, it doesn’t want to connect. The same steps seem to work fine from linux.

 Directory of C:\hi 11/04/2019  01:18 PM             2,013 GregDFO-cert.pub 04/16/2019  09:07 AM             1,854 GregDFO-private.key 04/16/2019  09:31 AM               389 GregDFO-public.key  C:\hi>ssh-keygen -Lf GregDFO-cert.pub GregDFO-cert.pub:         Type: ssh-rsa-cert-v01@openssh.com user certificate         Public key: RSA-CERT SHA256:Ccox9NCf/HBjzFxRE76XsnTT9k0vbmRB4/j5qX95WkQ         Signing CA: RSA SHA256:3axo+wPqiszHOTKy94Tk2gj4S6Rb6uGWKcB4s059bvg (using ssh-rsa)         Key ID: "root"         Serial: 17890926214909873034         Valid: from 2019-11-01T08:52:18 to 2019-11-13T19:52:48         Principals:                 cormierg         Critical Options: (none)         Extensions:                 permit-pty 

However, when trying to use it, ssh spits out invalid format

C:\hi>ssh -i GregDFO-private.key -i GregDFO-cert.pub cormiergr@1.2.3.4  Enter passphrase for key 'GregDFO-private.key': ***** Load key "GregDFO-cert.pub": invalid format 

A few extra verbose tidbits:

Enter passphrase for key 'GregDFO-private.key': debug2: we sent a publickey packet, wait for reply debug1: Authentications that can continue: publickey,keyboard-interactive debug1: Offering public key: GregDFO-cert.pub RSA-CERT  SHA256:Ccox9NCf/HBjzFxRE76XsnTT9k0vbmRB4/j5qX95WkQ explicit debug2: we sent a publickey packet, wait for reply debug1: Server accepts key: GregDFO-cert.pub RSA-CERT  SHA256:Ccox9NCf/HBjzFxRE76XsnTT9k0vbmRB4/j5qX95WkQ explicit debug1: sign_and_send_pubkey: no separate private key for certificate "GregDFO-cert.pub" Load key "GregDFO-cert.pub": invalid format debug2: we did not send a packet, disable method debug1: Next authentication method: keyboard-interactive 

Encrypt folder on Linux that can only be decrypted on that specific OS and device

Suppose I want to give a computer to someone that runs an application. I want to avoid that the program can be copied to another computer or be tampered with. For that, I want to encrypt the folder that contains the program and would like to make it so that only the host OS (Linux) on that device can decrypt it (ie. also avoid moving the disk between computers). There is no TPM in the computer. Secure boot is already running, but is seems that this gets reset when resetting the CMOS. The application requires network, so that is already available.

Is this possible? I don’t really see how this can be done, if possible. And it not, how far can I get to make it as difficult as possible?

Is it possible to tunnel my whole linux machine through http proxy?

For some reason i access my internet through a HTTP proxy.

Is there a way to tunnel my whole Linux machine (currently am using ubuntu 18.04) through http proxy.

If i change proxy setting in the Ubuntu Network Settings the http proxy only works on the browsers. Other apps are left out.

My current workaround is using a Linux VPN CLI which allows connecting through a http_proxy then tunnel the whole machine through VPN traffic (a service i really dont need)…this is also a bit costly since i have to pay for the VPN.

I am guessing using stunnel might work since i noted Linux VPN CLI use stunnel??

Why is Debian not showing the GPG signatures on keys that Arch Linux is?

I downloaded a Qubes OS ISO and I’m trying to verify its legitimacy using this guide. GPG was behaving weirdly, so I created a separate user with a separate keyring to reproduce the issue.

When I try to verify the key on my Debian system, the signature on the release signing key is not there:

$   gpg --fetch-keys https://keys.qubes-os.org/keys/qubes-master-signing-key.asc gpg: directory '/home/test/.gnupg' created gpg: keybox '/home/test/.gnupg/pubring.kbx' created gpg: requesting key from 'https://keys.qubes-os.org/keys/qubes-master-signing-key.asc' gpg: /home/test/.gnupg/trustdb.gpg: trustdb created gpg: key DDFA1A3E36879494: public key "Qubes Master Signing Key" imported gpg: Total number processed: 1 gpg:               imported: 1 $   gpg --fetch-keys https://keys.qubes-os.org/keys/qubes-release-4-signing-key.asc gpg: requesting key from 'https://keys.qubes-os.org/keys/qubes-release-4-signing-key.asc' gpg: key 1848792F9E2795E9: public key "Qubes OS Release 4 Signing Key" imported gpg: Total number processed: 1 gpg:               imported: 1 $   gpg --list-sigs "Qubes OS" pub   rsa4096 2017-03-06 [SC]       5817A43B283DE5A9181A522E1848792F9E2795E9 uid           [ unknown] Qubes OS Release 4 Signing Key sig 3        1848792F9E2795E9 2017-03-06  Qubes OS Release 4 Signing Key $   

I expected another line with a signature from the master key, such as

sig          DDFA1A3E36879494 2017-03-08  Qubes Master Signing Key 

Surprised, I decided to check on another system. This one is running Arch Linux. I trust it less than the Debian system. Perplexingly, the signature does show up — the output is just as above, but with the added signature line.

The GPG version is 2.2.17 on both machines.

What could be causing this discrepancy?

Are HP laptops generally incompatible with linux?

I’m looking to buy a new laptop and find the HP Envy x360 15t a really good laptop in terms of specs and affordability. But, one of my colleagues told me that hp laptops usually have a lot of driver problems with linux. And, I also saw a lot of forums about driver problems with linux on hp laptops.

I don’t want to spend too much time banging my head to solve driver problems after buying a laptop (I mean who does?). So, if that’s the case I would just buy a Dell (slightly more expensive).

So, I would like to know if any of you guys had (or didn’t have) any problems with Linux on your hp laptops. I’m talking any problem from the wifi and touchpad to touchsreen and tablet mode (don’t really know if tablet mode’s supported on linux).