It seems that the even the most recent version of GRUB2 doesn't support LUKS2 with the PBKDF Argon2ID ([source](https://wiki.archlinux.org/index.php/GRUB#Encrypted_/boot)) . The Raspberry Pi bootloader for instance fully supports this new hashing function. Is there an actively maintained (and widely enough adopted) desktop Linux bootloader that supports LUKS2 devices with Argon2ID? Would it be possible to achieve an encrypted /boot (other than /) partition with this PBKDF?

I am using Rocky Linux 8 and 9 and they use the crypto-policy framework from Red Hat. Now I want to adjust some settings in the policy to forbid sshd to use some specific algorithms. But I can not figure out the names for these algorithms as they should be given to crypro-policy (I only know the names as openssh accepts them). I am writing a text file at /etc/crypto-policies/policies/modules/DEPRECATED-SSH-ALGOS.pmod and try to set my policy to DEFAULT:DEPRECATED-SSH-ALGOS in /etc/crypto-policies/config. The problem is the content of the DEPRECATED-SSH-ALGOS.pmod file. Some algorithms I can successfully deactivate and others I can't. In some cases I can easily guess the name that crypto-policy uses from the name that ssh uses. "Working" version of the file: ~~~ cipher@ssh = -AES-*-CBC mac@SSH = -*-SHA1 -HMAC-SHA2-256 -HMAC-SHA2-512 ~~~ but I would like to use something like this: ~~~ cipher@ssh = -AES-*-CBC mac@SSH = -*-SHA1 -HMAC-SHA2-256 -HMAC-SHA2-512 -UMAC-128@OPENSSH.COM key_exchange@SSH = -*-SHA1 -ECDH-SHA2-NISTP256 -ECDH-SHA2-NISTP384 -ECDH-SHA2-NISTP521 ~~~ but the crypto-policy framework complains that it does not know this algorithm, when I update-crypto-policies --set: ~~~ AlgorithmEmptyMatchError: Bad value of policy property key_exchange: ecdh-sha2-nistp256 Errors found in policy, first one: Bad value of policy property key_exchange: ECDH-SHA2-NISTP256 ~~~ # Question What are the names of the algorithms I can put in a crypto-policy file or where do I find these? Or: Given a ssh specific algorithm name, how can I figure out the crypto-policy name for that algorithm? ---------------- # EDIT I have since found the file /usr/share/crypto-policies/python/policygenerators/openssh.py on my Rocky machine which seems to map these names: ~~~python # ... kx_map = { 'ECDHE-SECP521R1-SHA2-512':'ecdh-sha2-nistp521', 'ECDHE-SECP384R1-SHA2-384':'ecdh-sha2-nistp384', 'ECDHE-SECP256R1-SHA2-256':'ecdh-sha2-nistp256', # ... } #... ~~~ The problem is that some of the names there did not work as well. Either of ~~~shell key_exchange@SSH = -ecdh-sha2-nistp256 # or key_exchange@SSH = -ECDHE-SECP256R1-SHA2-256 ~~~ results in `Bad value of policy property key_exchange when I update-crypto-policies --set`.

I have this lines in my /etc/ssh/sshd_config file: MACs hmac-sha2-256,hmac-sha2-512,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com MACs -umac-64@openssh.com,-umac-128@openssh.com,-hmac-sha1-etm@openssh.com,-umac-64-etm@openssh.com,-umac-128-etm@openssh.com But still can do ssh with ssh -o MACs=hmac-md5-96 user@host Also here is the output of ssh -Q mac: hmac-sha1 hmac-sha1-96 hmac-sha2-256 hmac-sha2-512 hmac-md5 hmac-md5-96 umac-64@openssh.com umac-128@openssh.com hmac-sha1-etm@openssh.com hmac-sha1-96-etm@openssh.com hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com hmac-md5-etm@openssh.com hmac-md5-96-etm@openssh.com umac-64-etm@openssh.com umac-128-etm@openssh.com How can I limit it to 256 and 512?

i have this task to do, but im actually stuck with this round-robin algorithm, here's the details input file there are 3 process A, B and C second column is the arrival time third column is nut value

A 1 2
B 2 3
C 0 4

i understand the idea that process with AT=0 status should be R=running then the next process with AT status should present as W=waiting after the process has reached the nut value, for ex 4 R status next seq should be F=finished output like

A B C
0 - - R
1 W - R
2 R W W
3 W W R
4 W R W
5 R W W
6 F W R
7 F R F
8 F R F
9 F F F

i tired to use the same idea of first come first serve but it's different as here we have to use the round robin algorithm and i didn't saw it before in bash if just someone give me the idea and i will try to continue till the end

nut value in the third column mean for ex first process A =2
so it must have two running status then it be finished
process C=4, must have 4 running status then finished and so on
the algorithm is round-robin i found this is the suitable one as the running status changes each line between the processes

yes each time only one running status and the other either not arrived yet or in waiting status

trying to complete Project Euler #5 . The code I have should logically work, and it passes ShellCheck, but gives no output for some reason. The code is below. Thanks and sorry if this should be in a different stack exchange site #!/bin/bash i=1 while [[ $((i % 2)) -eq 0 && $((i % 3)) -eq 0 && $((i % 5)) -eq 0 && $((i % 7)) -eq 0 && $((i % 11)) -eq 0 && $((i % 13)) -eq 0 && $((i % 17)) -eq 0 && $((i % 19)) -eq 0 ]] do i=$((i+1)) done echo $i

I can't figure out why the tcp_adv_win_scale and tcp_app_win variables coexist in Linux.  The information from tcp(7) says: For tcp_adv_win_scale: > *tcp_adv_win_scale* (integer; default: 2; since Linux 2.4)

> > Count buffering overhead as *bytes/2^tcp_adv_win_scale*, if > *tcp_adv_win_scale* is greater than 0; or > *bytes-bytes/2^(-tcp_adv_win_scale)*, if *tcp_adv_win_scale* is less than > or equal to zero. > > The socket receive buffer space is shared between the > application and kernel.  TCP maintains part of the buffer as the TCP > window, this is the size of the receive window advertised to the > other end.  The rest of the space is used as the "application" > buffer, used to isolate the network from scheduling and > application latencies.  The *tcp_adv_win_scale* default value of 2 > implies that the space used for the application buffer is one > fourth that of the total.

And for tcp_app_win: >*tcp_app_win* (integer; default: 31; since Linux 2.4)

This variable defines how many bytes of the TCP window are reserved for buffering overhead. > >A maximum of (*window/2^tcp_app_win*, mss) bytes in the window are reserved for the application buffer.  A value of 0 implies that no amount is reserved.

So I'm not sure of understanding what does tcp_app_win exactly change.  It seems to me that both variables can be used to tweak the TCP application buffer, therefore there is no need of changing them together. I am correct?

Can scrypt be used as the hashing algorithm for LUKS? Can I tune its parameters? How can I do this?

I've got a program with some compiled sorting algorithms, and I'm trying to use top to monitor its cpu and ram usage. Normally this would be fine, given that the process runs for a few minutes, however, the issue is that sometimes the program only runs for a few milliseconds (small dataset) and doesn't appear in the list in top. Is there something like the time command that I could use to spawn the process and begin monitoring until it terminates (WSL2 Ubuntu)? I have several datasets to run several algorithms on in best/worst/avg sorting order to do a basic analysis on.

Unix systems usually just error out if they are confronted with a path that contains a symlink loop or just too many symlinks, because they have a limit to the number of symlinks they will traverse in one path lookup. But is there a way to actually decide if a given path resolves to something or contains a loop, even if it contains more links than a unix is willing to follow? Or is this a formally undecidable problem? And if it can be decided, can it be decided in a reasonable amount of time/memory (e.g. without having to visit all files on a filesystem)? Some examples: a/b/c/d where a/b is a symlink to ../e and e is a symlink to f and f is a symlink to a/b a/b/c/d where a/b/c is a symlink to ../c a/b/c/d where a/b/c is a symlink to ../c/d a/b/c/d where a/b/c is a symlink to /a/b/e where a/b/e is a symlink to /a/b/f where a/b/f is a symlink to /a/b/g **Edit**: To clarify, I am not asking about finding loops in the file system, I am asking about a decision algorithm that decides of a given path whether it resolves to a definite file/directory or whether it does not resolve at all. For example in the following system, there is a loop, but the given path still resolves fine: / -- a -- b where b is a symlink to /a This directory tree clearly has a cycle, but the path a/b/b/b/b/b still resolves fine to /a.

I want to re-position elements of an array (change index of array elements) based on a condition. I don't know how to translate this to jq which is more of a *functional* language. Basically I want to sort the array but the *relative* position of specific elements should be unchanged.

for each element:
if element.role==master => record type
  for each element:
    if element.type == recorded type
      reposition the element to be below its master of similar type

I can explain better with an example. Consider input.json. How can I move all non-master elements with type "x" below their masters **without** changing the **relative** position of non-master of the same type. (ignore "num" parameter. Used only for showing relativity) input.json

[
    {
        "type": "A",
        "role": "master"
    },
    {
        "num": 1,
        "type": "A"
    },
    {
        "type": "C",
        "role": "master"
    },
    {
        "num": 4,
        "type": "B"
    },
    {
        "num": 2,
        "type": "B"
    },
    {
        "type": "B",
        "role": "master"
    },
    {
        "num": 3,
        "type": "B"
    },
    {
        "num": 4,
        "type": "A"
    },
    {
        "num": 2,
        "type": "A"
    },
    {
        "num": 0,
        "type": "C"
    },
    {
        "num": 5,
        "type": "C"
    },
    {
        "num": 1,
        "type": "A"
    },
    {
        "num": 1,
        "type": "B"
    }
]

goal.json

[
    {
        "type": "A",
        "role": "master"
    },
    {
        "num": 1,
        "type": "A"
    },
    {
        "num": 4,
        "type": "A"
    },
    {
        "num": 2,
        "type": "A"
    },
    {
        "num": 1,
        "type": "A"
    },
    {
        "type": "C",
        "role": "master"
    },
    {
        "num": 0,
        "type": "C"
    },
    {
        "num": 5,
        "type": "C"
    },
    {
        "type": "B",
        "role": "master"
    },
    {
        "num": 4,
        "type": "B"
    },
    {
        "num": 2,
        "type": "B"
    },
    {
        "num": 3,
        "type": "B"
    },
    {
        "num": 1,
        "type": "B"
    }
]

As you can see: 1- The relative positions of masters is left unchanged (A - C - B) 2- The relative positions of non-masters of the same type is left unchanged. (I guess this problem has a name in algorithms literature? in-place sorting?)

In Kali Linux, I found an unknown hash algorithm used to encrypt the Kali Linux password. > root:$y$j9T$J3nInhusIQkrmvCnX8tlo.$KduXmrDY7wv3o2P/k9t35adUH5XWUBYngo1Wxypy2X.:18749:0:99999:7::: My Question is: What type of hash is it? It doesn't seem to be MD5 nor SHA-512.

I've been studying programming for like 3 years or so but my teachers never taught me algorithms. Are there any online courses for beginners? with tasks.

why it is not possible to use SJF as the scheduling algorithm for Linux?

I have looked in several places such as [here](https://www.cs.columbia.edu/~junfeng/10sp-w4118/lectures/l07-proc-linux.pdf) but none explain in detail the structs used for implementing the stack itself (the place where "tasks" (processes/threads) store their nested call information and such). Is it a linked list, or is it an array, or something else? I can't seem to find this information, but diagrammatically they always show it as a large memory block (virtual memory) where the beginning is the heap and the end is the stack. But this is virtual memory we're dealing with, which has all kinds of data structures around it such as pagination. So the question is what exactly is the implementation of the stack on top of all this? I can't help but think it must be a linked list. The reason is, if you have multiple processes each with their own stack, how is this implemented? [Here](https://lwn.net/Articles/692208/) we seem to be getting somewhere: > Each process has its own stack for use when it is running in the kernel; in current kernels, that stack is sized at either 8KB or (on 64-bit systems) 16KB of memory. The stack lives in directly-mapped kernel memory, so it must be physically contiguous.

I am running ubuntu 18.04.3 server HWE edition in my local lab and while reading the manuals I came across the issue that I am unable to determine how to exclude users from connecting to my server via ssh which do not use a key created using the ed25519 algorithm. I know that I can configure sshd to deny specific ciphers, but I can not find information about restricting the usage of keys with specific algorithms. I made it sofar that I basically deleted all host keys which are not ed25519 and restricted the renewal to only ed25519, but this obviously will not achieve what I want userside. Thanks in advance.

I was wondering whether there are any scenarios which require file(s) to be compressed multiple times with the same or a different algorithm. As far as i can tell the file size can be reduced further by applying further compression dependent on the nuances of a compression algorithm. (what files or data it is optimised for). Perhaps certain technologies expect a certain file type? If you apply multiple rounds of compression could it result in an increasing file size, as information is added to denote that a certain compression encoding has been used?

I have a space or comma separated table with two columns, each row representing equivalence of the two words. A B B C B D C E F G What I want is a table with each row listing all mutually equivalent words. A B C D E F G That is if two words ever occur on the same row of input they must end up in the same row of the output. Any tool would do.

I'm currently testing changes in my scripts for performance purposes. Specifically, I want to change if to case statements. However, being new to shell programming I'm getting stuck on this type of statement: if [ "$A" == "x" -a "$B" == "y" ] then let a=a+1 fi I tried this but it didn't work: case "$A$B" in "x""y") let a=a+1 ;; esac What did I get wrong? And is it possible to manage a "!=" in case statements? Such as: if [ "$A" == "x" -a "$B" != "y" ] then let a=a+1 fi

Until recently I thought the load average (as shown for example in top) was a moving average on the n last values of the number of process in state "runnable" or "running". And n would have been defined by the "length" of the moving average: since the algorithm to compute load average seems to trigger every 5 sec, n would have been 12 for the 1min load average, 12x5 for the 5 min load average and 12x15 for the 15 min load average. But then I read this article: http://www.linuxjournal.com/article/9001 . The article is quite old but the same algorithm is implemented today in the Linux kernel. The load average is not a moving average but an algorithm for which I don't know a name. Anyway I made a comparison between the Linux kernel algorithm and a moving average for an imaginary periodic load: . There is a huge difference. Finally my questions are: - Why this implementation have been choosen compared to a true moving average, that has a real meaning to anyone ? - Why everybody speaks about "1min load average" since much more than the last minute is taken into account by the algorithm. (mathematically, all the measure since the boot; in practice, taking into account the round-off error -- still a lot of measures)

How to log the Protocol, KexAlgorithm, Cipher and MAC algorithm negociated by the client and the client's user agent string? What I'm looking for is the OpenSSH equivalent to Apache HTTPD's [CustomLog+LogFormat+mod_ssl](https://httpd.apache.org/docs/2.4/en/mod/mod_ssl.html#logformats) %{SSL_PROTOCOL}x %{SSL_CIPHER}x + %{User-agent}i I want to log (on the server side) the same information that are availiable on the client side : $ ssh -v localhost 2>&1 |grep kex debug1: kex: server->client chacha20-poly1305@openssh.com none debug1: kex: client->server chacha20-poly1305@openssh.com none + $ ssh -v localhost 2>&1 |grep version debug1: Local version string SSH-2.0-OpenSSH_6.7 debug1: Remote protocol version 2.0, remote software version OpenSSH_6.7