SHA-1 is no longer considered secure

So, you’re trying to log in to your server using your SSH key, but you’re getting a mysterious error message instead: “userauth_pubkey: key type ssh-rsa not in PubkeyAcceptedAlgorithms [preauth]“. Frustrating, right?

SHA-1 is no longer considered secure

SHA-1 is no longer considered secure

Don’t worry, you’re not locked out forever. A quick Google search revealed the culprit: SHA-1 is no longer considered secure. Yep, that algorithm used to be the norm for SSH keys, but times have changed, and servers are now stricter.

Now, there are a few ways to tackle this. Some might suggest generating a new key with a more secure algorithm, but hey, we all love a quick fix sometimes. So, the easiest way (at least for now) is to configure your server to accept SHA-1.

Here’s what we did:

1. Run this command: # update-crypto-policies --set DEFAULT:SHA1 (Remember, this is not the most secure option!)
2. Restart the SSH service: # systemctl restart sshd

Voila! You should now be able to log in remotely using your old key.

However, this is a temporary solution. While it gets you back into your server, it’s important to remember that using SHA-1 is not recommended for long-term security. It’s best to consider generating a new SSH key with a more secure algorithm like SHA-256 or ed25519 to keep your server safe in the long run.

Stay secure, friends!

Posted in linux, my life | Leave a comment

regular expression untuk NIP PNS Indonesia

Beberapa waktu lalu ada pertanyaan di komunitas bagaimana regular expression untuk NIP PNS Indonesia? Jadi NIP PNS Indonesia itu ada 18 digit angka semua yaitu terdiri dari 8 angka tahun bulan tanggal lahir ybs (dari tahun 1900 s.d 2099), 6 angka tahun bulan pengangkatan cpns tersebut (dari tahun 1900 s.d 2099), 1 angka untuk jenis kelamin, 3 angka no urut.

Penjelasan NIP PNS Indonesia tersebut bisa diilustrasikan dalam gambar sebagai berikut:

NIP PNS Indonesia

NIP PNS Indonesia

Nah karena deret angka NIP PNS Indonesia memiliki makna dan bagian tertentu yang tidak bisa dipisahkan, sehingga untuk regular expression yang diberikan juga mesti mengikuti ketentuan NIP PNS Indonesia tersebut agar pada saat digunakan dapat berfungsi sesuai dengan harapan.

Saya menggunakan web https://regexr.com/ untuk mencari dan melakukan ujicoba regular expression NIP PNS Indonesia sehingga ketemulah regular expression yang diinginkan sebagai berikut:

^(19\d{2}|20\d{2})(0[1-9]|1[0-2])(0[1-9]|[1-2][0-9]|3[0-1])(19\d{2}|20\d{2})(0[1-9]|1[0-2])(1|2){1}([0-9][0-9][1-9]|[0-9][1-9][0-9])$

Nah jika kalian ingin mencoba penggunakan regular expression NIP PNS Indonesia ini boleh langsung ke sini https://regexr.com/7qrq3 aja.

Posted in linux | Leave a comment

cara copy ssh publik key ke server tujuan/remote pakai command ssh-copy-id

oke, jadi biasanya saya kalau ssh ke server remote memang sudah pakai ssh key aja, males bolak-balik ngetikin password kalau mau nge-remote ke server dan memang cara ini lebih aman daripada pakai password tapi dengan catatan jangan sampai private key nya hilang, karena kalau kita lupa password dan private key hilang maka kita gak bisa masuk lagi ke server tersebut.

nah ini buat yang masih belum bisa login ke server remote dengan ssh key saya bagikan langkah-langkahnya yang simple banget dibandingkan jika dengan kita copas manual keynya ke server remote.

Bikin dulu sepasang ssh key di host lokal.

user01@raspi4:~$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 22.04.3 LTS
Release: 22.04
Codename: jammy

Continue reading

Posted in linux | Leave a comment

how to sort data in alias column on mysql

so i have been learning mysql syntax about a 5 days now and there is this LENGTH function in mysql that count string length in the column like this:

SELECT id, LOWER(NAME) AS 'Name Lower', LENGTH(NAME) AS 'Name Length' FROM products;



products

id Name Lower Name Length
P0001 mie ayam original 17
P0002 mie ayam baso tahu 18
P0003 mie ayam ceker 14
P0004 mie ayam special 16
P0005 mie ayam yamin 14
P0006 bakso rusuk 11
P0007 es jeruk 8
P0008 es campur 9
P0009 es teh manis 12
P0010 kerupuk 7
P0011 keripik udang 13
P0012 es krim 7
P0013 mie ayam jamur 14
P0014 bakso telor 11
P0015 bakso janda 11

generated 2024-01-06 15:03:33 by HeidiSQL 12.6.0.6765


which lower string on column NAME and alias it to display as Name Lower column, next counting string length in NAME column and display it as alias ‘Name Length’ which is informative for me and i wonder how about i want to sort this alias column ?
Continue reading

Posted in mysql | mariadb | Leave a comment

failed to start mariadb 10.5 on Rocky Linux 8.9

so this is my first post in 2024, probably would write again regularly.

today i try to install mariadb 10.5 on rocky linux 8.9 and it is sucessfully installed but it failed to start.

this is the error message from systemctl status:

# systemctl status mysqld
? mariadb.service - MariaDB 10.5 database server
Loaded: loaded (/usr/lib/systemd/system/mariadb.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Wed 2024-01-03 17:10:09 WIB; 6min ago
Docs: man:mysqld(8)
https://mariadb.com/kb/en/library/systemd/
Process: 807 ExecStart=/usr/libexec/mysqld --basedir=/usr $MYSQLD_OPTS $_WSREP_NEW_CLUSTER (code=exited, status=1/FAILURE)
Process: 1306 ExecStartPre=/usr/libexec/mysql-prepare-db-dir mariadb.service (code=exited, status=1/FAILURE)
Process: 1282 ExecStartPre=/usr/libexec/mysql-check-socket (code=exited, status=0/SUCCESS)
Main PID: 807 (code=exited, status=1/FAILURE)

Jan 03 17:10:09 SERVER systemd[1]: Starting MariaDB 10.5 database server...
Jan 03 17:10:09 SERVER mysql-prepare-db-dir[1306]: Database MariaDB is not initialized, but the directory /var/lib/mysql is not empty, so initialization cannot be done.
Jan 03 17:10:09 SERVER mysql-prepare-db-dir[1306]: Make sure the /var/lib/mysql is empty before running mysql-prepare-db-dir.
Jan 03 17:10:09 SERVER systemd[1]: mariadb.service: Control process exited, code=exited status=1
Jan 03 17:10:09 SERVER systemd[1]: mariadb.service: Failed with result 'exit-code'.
Jan 03 17:10:09 SERVER systemd[1]: Failed to start MariaDB 10.5 database server.

after searching google for possible solution, then i realize that mysql directory is already exist on /var/lib and it contains data in it.
Continue reading

Posted in linux, my life, mysql | mariadb | Leave a comment