DEV Community: Khuram Murad

How I Fixed ‘No NIC Except Loopback’ on CentOS Stream Minimal in VMware

Khuram Murad — Mon, 21 Jul 2025 17:59:53 +0000

I recently spun up a CentOS Stream 10 Minimal VM in VMware to test some networked services. After installation, I ran:

ip link show

And saw only the loopback device:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000

No eth0, no ens33, nothing but lo. A quick check revealed:

lspci | grep -i eth
# → 02:00.0 Ethernet controller: Advanced Micro Devices, Inc. [AMD] 79C97x (PCnet32 LANCE)

CentOS Stream Minimal didn’t load a driver for the VMware PCnet‑PCI II adapter, and my bridged LAN had no DHCP server, so even a loaded driver wouldn’t help.

Here’s a concise “restore‑your‑VM‑network” recipe—drop it into your personal wiki or a Gist and never get stuck without a NIC again 🤓.

1. Symptom

Inside the VM:

ip link show
# only shows 'lo'

And:

lspci | grep -i eth
# shows the AMD PCnet32 LANCE adapter

No real interface (eth0, ens*, etc.) is ever created.

2. Root Cause

Legacy NIC VMware’s default PCnet‑PCI II (pcnet32) adapter isn’t supported out‑of‑the‑box by CentOS Stream Minimal.
No DHCP In Bridged mode on a network without DHCP, the interface can’t acquire an IP—even if the driver loads.

3. The Fix

A. Switch to NAT (Built‑in DHCP)

Power off the VM.
In VMware: VM → Settings → Network Adapter.
Select NAT instead of Bridged.
✔ Enable Connected and Connect at power on.
OK, then power on.

NAT mode uses VMware’s vmnet8 network and has a built‑in DHCP server, so you’ll always get a lease.

B. Verify the Guest Sees a NIC

ip link show
# 1: lo: ...
# 2: ens32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
#     link/ether 00:0c:29:54:92:e9 brd ff:ff:ff:ff:ff:ff

Interface names may vary (ens33, enp0s3, etc.).

C. Grab an IP via DHCP

sudo ip link set ens32 up
sudo dhclient -v ens32
ip addr show ens32

Expected output:

inet 192.168.128.10/24 brd 192.168.128.255 scope global dynamic ens32

Test connectivity:

ping -c3 8.8.8.8    # Should succeed
ping -c3 google.com # Should succeed

D. Create a Persistent NetworkManager Profile

Use nmcli so the interface auto‑connects on reboot:

# 1) Remove any old/broken profile (if it exists)
sudo nmcli connection delete vm-dhcp || true

# 2) Add a new DHCP-based Ethernet connection
sudo nmcli connection add \
  type ethernet \
  con-name vm-dhcp \
  ifname ens32 \
  autoconnect yes \
  ipv4.method auto

# 3) Bring it up now
sudo nmcli connection up vm-dhcp

Verify:

nmcli device status
# DEVICE  TYPE      STATE      CONNECTION
# ens32   ethernet  connected  vm-dhcp

ip addr show ens32
# shows your 192.168.x.x address

4. Confirm Everything Works

ping -c3 google.com

If you get replies, congrats 🎉—you’ve restored full networking to your CentOS Stream Minimal VM!

Notes & Alternatives

Driver‑only fix If you prefer to keep the PCnet32 adapter, load its driver:

  sudo modprobe pcnet32
  echo pcnet32 | sudo tee /etc/modules-load.d/pcnet32.conf

You’ll still need a DHCP server on your bridged network.

Bridged with DHCP If your physical LAN has DHCP and you need bridged mode, switch back to Bridged after loading the driver or change the adapter type to e1000 or vmxnet3.

Hope this helps you avoid the “No NIC except loopback” woes in your CentOS Stream Minimal VMs! 🚀

🚦Tired of Port Collisions? How I Shifted Jenkins Off 8080 to 9595 (Ubuntu)

Khuram Murad — Mon, 07 Jul 2025 04:12:00 +0000

When Jenkins and my other apps both claimed port 8080, my workflows kept crashing. I tried editing /etc/default/jenkins, fiddling with HTTP_PORT, and even invoking systemctl edit jenkins—but Jenkins stubbornly stuck to --httpPort=8080. It took digging into systemd’s drop‑in mechanism and learning that modern Jenkins packages ignore /etc/default/jenkins in favor of JENKINS_PORT overrides to break free from port conflicts. In this post, I’ll walk you through exactly what went wrong, why those common fixes failed, and the four commands that finally moved Jenkins to port 9595—all with citations to official docs and community wisdom.

🧩 The Problem

Changing /etc/default/jenkins had no effect. I set:

   HTTP_PORT=9595

restarted Jenkins, but:

   ps aux | grep jenkins

still showed --httpPort=8080 (stackoverflow.com).

systemctl edit jenkins overrides weren’t applying. No matter what I saved, /etc/systemd/system/jenkins.service.d/override.conf stayed empty or missing, so the service unit never picked up my port (askubuntu.com).

🕵️ What Went Wrong ⚠️

Jenkins 2.332.1+ packages now use systemd exclusively. They ignore /etc/default/jenkins and migrate old init settings into drop‑in overrides (jenkins.io).
Although many guides still reference HTTP_PORT, the systemd unit actually honors JENKINS_PORT (devops.stackexchange.com).
Without a valid override file in /etc/systemd/system/jenkins.service.d/, Jenkins kept launching with its built‑in --httpPort=8080 argument (community.jenkins.io).

🛠️ Step‑by‑Step Fix: Manual Drop‑In Override

1. Create the override directory

sudo mkdir -p /etc/systemd/system/jenkins.service.d/

This ensures systemd will look for custom overrides (jenkins.io).

2. Create (or edit) `override.conf`

sudo nano /etc/systemd/system/jenkins.service.d/override.conf

Add these lines:

[Service]
Environment="JENKINS_PORT=9595"

Why JENKINS_PORT? The official systemd unit template reads this variable when starting Jenkins, unlike HTTP_PORT (medium.com, devops.stackexchange.com).

Save and exit (Ctrl+O → Enter → Ctrl+X).

3. Reload systemd & restart Jenkins

sudo systemctl daemon-reload
sudo systemctl restart jenkins

This makes systemd pick up your new override (jenkins.io).

4. Verify the new port

sudo ss -tuln | grep 9595
ps aux | grep jenkins

You should now see --httpPort=9595 instead of 8080 (phoenixnap.com).

🎉 Why This Works

systemd drop‑in files are the supported way to customize services without editing core unit files, which get overwritten on upgrades (jenkins.io).
Overriding JENKINS_PORT hooks into Jenkins’s existing startup logic—no need to rewrite the entire ExecStart (devops.stackexchange.com).
This approach is upgrade‑safe, avoids manual edits to /lib/systemd/system/jenkins.service, and aligns with Jenkins’s official recommendations (jenkins.io).

🧪 Common Gotchas

Mistake	Why it fails	Correct fix
Editing `/etc/default/jenkins`	Ignored by modern systemd‑managed packages	Use drop‑in override with `JENKINS_PORT`
Modifying core systemd unit file	Overwritten on upgrades	Create `/etc/systemd/system/...d/override.conf` (jenkins.io)
`systemctl edit` didn’t save	Editor or permissions issue	Manually create the file as above
Still seeing port 8080	Override file missing or malformed	Confirm `/etc/systemd/system/jenkins.service.d/override.conf` exists and is correct

✅ Final Checklist

Confirm override file exists:

   ls -l /etc/systemd/system/jenkins.service.d/override.conf

Inspect its contents:

   cat /etc/systemd/system/jenkins.service.d/override.conf

Reload & restart:

   sudo systemctl daemon-reload
   sudo systemctl restart jenkins

Verify the port:

   sudo ss -tuln | grep 9595
   ps aux | grep jenkins

🚀 Beyond the Port

SSL/TLS via reverse proxy (Nginx/Apache) — leverage JENKINS_HTTPS_PORT in the same drop‑in (devops.stackexchange.com).
Additional JVM options — set Environment="JAVA_OPTS=…" alongside JENKINS_PORT for memory tuning or custom flags.
Automate with Ansible or Puppet — manage your override file declaratively so every build agent uses the same port.

Happy building!

References

Changelog for Jenkins systemd overrides — Jenkins official docs (jenkins.io)
Ask Ubuntu: Changed Jenkins port doesn’t apply (askubuntu.com)
DevOps.SE: Changing Jenkins port to 80 via systemd (devops.stackexchange.com)
phoenixNAP: How to change port for Jenkins on Linux (phoenixnap.com)
Medium: Change default Jenkins port on RHEL/CentOS (medium.com)
StackOverflow: Change Jenkins default port in Ubuntu 12.04 (stackoverflow.com)
Community Jenkins forum: systemd failing to launch Jenkins (community.jenkins.io)
YouTube: How to change Jenkins default port (JENKINS_PORT segment) (youtube.com)
Scaler: Changing Jenkins default port guidelines (scaler.com)
AskUbuntu: Fixing Jenkins port override issues (askubuntu.com)

The Ultimate Guide to SSH Hardening: Secure Your Remote Access

Khuram Murad — Sat, 21 Jun 2025 05:22:12 +0000

🔒 SSH (Secure Shell) is the backbone of remote server administration, but its default configuration is often insecure. Without proper hardening, your server could be vulnerable to brute-force attacks, unauthorized access, and exploits.

In this guide, I’ll walk you through professional-grade SSH security practices, explaining each step in detail to ensure your remote access remains both secure and functional.

🔧 Step 1: Installation & Basic Configuration

Why Start Here?

Before tweaking security settings, ensure OpenSSH is installed and running. Some Linux distributions don’t include the SSH server by default.

1. Check if SSH is Installed

ssh -V  # Shows OpenSSH version

✅ Expected Output:

OpenSSH_8.9p1 Ubuntu-3, OpenSSL 3.0.2 15 Mar 2022

If not installed, proceed to installation.

2. Install OpenSSH Server

# Debian/Ubuntu
sudo apt update && sudo apt install openssh-server -y

# RHEL/CentOS
sudo dnf install openssh-server -y

✅ What This Does:

Installs the OpenSSH server package.
Enables SSH access on port 22 (default).

3. Verify SSH Service Status

sudo systemctl status ssh  # Ubuntu
sudo systemctl status sshd # RHEL/CentOS

✅ Expected Output:

Active: active (running) means SSH is working.
If not running, start it with:

sudo systemctl start sshd && sudo systemctl enable sshd

🔐 Step 2: Hardening SSH Configuration (`sshd_config`)

Why Harden `sshd_config`?

The default SSH configuration allows password logins, root access, and weak encryption, making it an easy target for attackers.

1. Backup the Original Config (Safety First!)

sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak

✅ Why?

If something breaks, you can restore the original config.

2. Edit `/etc/ssh/sshd_config`

sudo nano /etc/ssh/sshd_config

Apply these critical security settings:

Setting	Value	Why?
`Port 2222`	Change from `22`	Avoids automated bots scanning port 22
`PermitRootLogin no`	Disable root login	Prevents attackers from targeting root
`PasswordAuthentication no`	Disable password login	Forces key-based auth (more secure)
`PubkeyAuthentication yes`	Enable SSH keys	Allows only authorized users
`X11Forwarding no`	Disable GUI forwarding	Reduces attack surface
`MaxAuthTries 3`	Limit login attempts	Stops brute-force attacks
`AllowUsers your_username`	Restrict access	Only allows specified users

3. Restart SSH to Apply Changes

sudo systemctl restart sshd

✅ Verify the new port is active:

ss -tulnp | grep sshd

Expected output:

tcp   LISTEN 0 128  0.0.0.0:2222  0.0.0.0:*  users:(("sshd",pid=1234,fd=3))

🔑 Step 3: Key-Based Authentication (More Secure Than Passwords)

Why Use SSH Keys?

Passwords can be cracked with brute-force attacks.
SSH keys use cryptographic authentication, making unauthorized access nearly impossible.

1. Generate SSH Keys (On Your Local Machine)

ssh-keygen -t ed25519 -a 100 -f ~/.ssh/server_access -C "your_email@example.com"

✅ Explanation:

-t ed25519: Uses modern, secure encryption.
-a 100: Adds 100 rounds of key derivation (extra security).
-f ~/.ssh/server_access: Saves the key in a custom file.

2. Copy Public Key to Server

ssh-copy-id -i ~/.ssh/server_access.pub -p 2222 user@server_ip

✅ Alternative (Manual Method):

cat ~/.ssh/server_access.pub | ssh -p 2222 user@server_ip "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"

3. Test Key-Based Login

ssh -i ~/.ssh/server_access -p 2222 user@server_ip

✅ Expected Result:

If configured correctly, you’ll log in without a password.

🛡️ Step 4: Firewall Rules (Restrict SSH Access)

Why Use a Firewall?

Blocks unauthorized IPs.
Limits brute-force attacks.

UFW (Ubuntu/Debian)

sudo ufw allow 2222/tcp comment 'SSH access'
sudo ufw limit 2222/tcp  # Rate-limiting (blocks repeated attempts)
sudo ufw enable

Firewalld (RHEL/CentOS)

sudo firewall-cmd --permanent --add-port=2222/tcp
sudo firewall-cmd --reload

✅ Verify Firewall Rules:

sudo ufw status  # Ubuntu
sudo firewall-cmd --list-ports  # RHEL/CentOS

🚨 Advanced Security: Fail2Ban & 2FA

1. Fail2Ban (Automatically Blocks Attackers)

sudo apt install fail2ban  # Ubuntu
sudo dnf install fail2ban  # RHEL

Configuration (/etc/fail2ban/jail.local):

[sshd]
enabled = true
port = 2222
maxretry = 3  # Blocks after 3 failed attempts
bantime = 1h  # Bans for 1 hour

2. Two-Factor Authentication (2FA) for SSH

sudo apt install libpam-google-authenticator
google-authenticator  # Follow setup instructions

Edit /etc/ssh/sshd_config:

AuthenticationMethods publickey,keyboard-interactive

✅ Now, logging in requires:

SSH Key
Google Authenticator Code

🔍 Monitoring & Maintenance

1. Check Failed Login Attempts

sudo grep "Failed password" /var/log/auth.log  # Ubuntu
sudo grep "Failed password" /var/log/secure   # RHEL

2. Test SSH Config Before Applying

sudo sshd -t  # Checks for syntax errors

✅ Best Practice:

Regularly update OpenSSH (sudo apt upgrade openssh-server).
Review logs for suspicious activity.

✅ Final Security Checklist

[ ] Changed default SSH port
[ ] Disabled root login
[ ] Disabled password authentication
[ ] Enabled SSH key-based auth
[ ] Configured firewall rules
[ ] Set up Fail2Ban
[ ] Restricted user access
[ ] Enabled session timeouts
[ ] Tested backup access method
[ ] Documented all changes

🚀 Conclusion

By following these steps, you’ve dramatically improved SSH security by:

✔ Eliminating password-based attacks

✔ Blocking brute-force attempts

✔ Restricting unauthorized access

Want even more security? Consider:

Port knocking (hidden SSH port)
VPN-based SSH access (extra layer)
Automated log monitoring (SIEM tools)

🔗 Further Reading:

🚨 Stay secure, and happy administering! 🚀

🐳 [Fix] Can't Install Docker on Ubuntu 22.04? Here's the Real Solution (NO_PUBKEY Error)

Khuram Murad — Sat, 03 May 2025 13:02:17 +0000

🚀 Fix the GPG Key Error and Install Docker on Ubuntu 22.04

Follow these steps carefully to resolve the GPG key issue and ensure a clean Docker installation. Run each command exactly as shown to avoid syntax errors.

1. Remove Any Existing Docker Repository Configuration

To avoid conflicts or malformed entries, let’s clean up any existing Docker repository files:

sudo rm -f /etc/apt/sources.list.d/docker.list
sudo rm -f /etc/apt/keyrings/docker.gpg

2. Update and Install Prerequisites

Ensure your system has the necessary tools:

sudo apt-get update
sudo apt-get install -y ca-certificates curl gnupg lsb-release

The -y flag automatically confirms the installation.
This step ensures curl and gnupg are available for fetching and processing the GPG key.

3. Add Docker’s GPG Key Securely

Set up the keyring directory and fetch Docker’s GPG key:

sudo mkdir -p /etc/apt/keyrings
sudo chmod 755 /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
sudo chmod a+r /etc/apt/keyrings/docker.gpg

mkdir -p ensures the directory is created if it doesn’t exist.
chmod 755 sets correct directory permissions.
chmod a+r makes the key readable by all users, which apt requires.

4. Add the Docker Repository

Add the Docker repository to your APT sources:

echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] \
  https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

This command dynamically sets the architecture (e.g., amd64, arm64) and Ubuntu codename (e.g., jammy for 22.04).
The tee command writes the repository configuration to /etc/apt/sources.list.d/docker.list.
Verify the file content to ensure no syntax errors:

cat /etc/apt/sources.list.d/docker.list

Expected output (example for amd64 on Ubuntu 22.04):

deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu jammy stable

If the output looks malformed (e.g., extra characters, missing spaces), delete the file (sudo rm /etc/apt/sources.list.d/docker.list) and rerun the echo command.

5. Update APT and Install Docker

Now update the package index and install Docker:

sudo apt-get update
sudo apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

If you see the GPG error again (NO_PUBKEY 7EA0A9C3F273FCD8), double-check the GPG key step and permissions on /etc/apt/keyrings/docker.gpg.
The -y flag skips confirmation prompts.

6. Verify Docker Installation

Test Docker to ensure it’s working:

sudo docker run hello-world

This pulls a test image and runs a container. If successful, you’ll see a message confirming Docker is working.

🙌 Optional: Run Docker Without `sudo`

To avoid typing sudo for Docker commands:

sudo usermod -aG docker $USER

Log out and back in, or run:

newgrp docker

Test it:

docker run hello-world

🛠 Troubleshooting the "Token" Error

The "found character that cannot start any token" error is likely unrelated to the GPG key issue but could stem from:

Malformed /etc/apt/sources.list.d/docker.list:
- If the repository file contains invalid characters (e.g., extra quotes, spaces, or tabs), apt might fail.
- Check the file:
```
 cat /etc/apt/sources.list.d/docker.list
```

If it’s incorrect, remove it and recreate it using the echo command in step 4.

Docker Compose YAML File (if applicable):
- If you’re using Docker Compose and have a docker-compose.yml file, the error could indicate a syntax issue (e.g., invalid indentation, stray characters).
- Check the file for errors:
```
 docker-compose config
```

If you have a docker-compose.yml, share its contents, and I can help identify the issue.

Corrupted APT Cache:

Clear the APT cache and try again:

 sudo apt-get clean
 sudo rm -rf /var/lib/apt/lists/*
 sudo apt-get update

Locale or Environment Issues:
- Ensure your system’s locale is set correctly, as some tools misbehave with invalid locales:
```
 locale
```

If the output shows errors, set a valid locale:

 sudo locale-gen en_US.UTF-8
 export LC_ALL=en_US.UTF-8

🔍 If the Issue Persists

If you still encounter the GPG key error or the "token" error, please provide:

The exact error message when running sudo apt-get update.
The contents of /etc/apt/sources.list.d/docker.list (run cat /etc/apt/sources.list.d/docker.list).
If using Docker Compose, share your docker-compose.yml file.
The output of ls -l /etc/apt/keyrings/docker.gpg to verify permissions.

✅ Final Notes

The steps above align with Docker’s official installation guide for Ubuntu and account for Ubuntu 22.04’s stricter APT security.
The "token" error is likely a secondary issue, possibly from a malformed configuration. The cleanup and precise commands above should prevent it.
If you’re still stuck, share the additional details, and I’ll tailor the solution further.

Happy containerizing! 🐳 Let me know if you need more help.

🛠️ Resolving GRUB Boot Issues After Reinstalling Windows 11 in a Dual-Boot Setup

Khuram Murad — Sat, 22 Feb 2025 10:07:59 +0000

Dual-booting Windows and Ubuntu offers the flexibility of both operating systems on a single machine. However, reinstalling Windows can sometimes disrupt the GRUB bootloader, leading to boot issues. This guide provides a straightforward solution to restore GRUB functionality and reintegrate Windows into the boot menu.

📝 The Issue

After performing a fresh installation of Windows 11 on a system that also runs Ubuntu, you might encounter the following problems:

GRUB Bootloader Missing: The system boots directly into Windows without displaying the GRUB menu.
Windows Entry in GRUB Fails: Selecting Windows from the GRUB menu results in errors like no such device: 22a5-da27 or error: unknown filesystem.

These issues arise because reinstalling Windows can overwrite the GRUB bootloader and change partition UUIDs, causing mismatches in GRUB's configuration.

🔧 Solution Overview

To resolve these issues, we'll:

Restore GRUB Bootloader: Modify the boot order in BIOS/UEFI settings to prioritize Ubuntu, allowing access to the GRUB menu.
Update GRUB Configuration: Identify the new UUID of the Windows partition and update GRUB's configuration to reflect this change.

🛠️ Step-by-Step Guide

1. Modify Boot Order in BIOS/UEFI

Reinstalling Windows often changes the boot sequence, setting Windows Boot Manager as the default. To access GRUB:

Access BIOS/UEFI Settings:
- Restart your computer and enter the BIOS/UEFI setup by pressing the designated key (commonly F2, F10, Delete, or Esc) during startup.
Change Boot Priority:
- Navigate to the boot settings and set the Ubuntu drive or GRUB bootloader as the primary boot option.
Save and Exit:
- Save the changes and restart your computer. The GRUB menu should now appear, allowing you to boot into Ubuntu.

2. Update GRUB Configuration with the Correct UUID

Once you're back in Ubuntu, update GRUB to recognize the current UUID of the Windows partition:

Open Terminal:
- Boot into Ubuntu and open the terminal.
Identify Windows Partition:
- Run:
```
lsblk -f
```
- Locate the Windows partition (typically formatted as ntfs). Note its mount point (e.g., /mnt/boot/efi).
Find the UUID:
- Run:
```
blkid
```
- Find the UUID corresponding to the Windows partition.

Edit GRUB Configuration:

Open the custom configuration file:

sudo vi /etc/grub.d/40_custom

Add the following entry, replacing YOUR_UUID with the UUID obtained earlier:

menuentry "Windows 11" --class windows --class os {
    insmod part_gpt
    insmod ntfs
    search --no-floppy --set=root --fs-uuid YOUR_UUID
    chainloader /EFI/Microsoft/Boot/bootmgfw.efi
}

Update GRUB:
- Save the file and run:
```
sudo update-grub
```
- This command regenerates the GRUB configuration to include the updated Windows entry.

3. Verify the Solution

Reboot the System:
- Restart your computer. The GRUB menu should display an option for "Windows 11".
Test Booting into Windows:
- Select "Windows 11" from the GRUB menu to ensure it boots correctly.

🎯 Conclusion

By following these steps, you can restore the GRUB bootloader and ensure both Ubuntu and Windows 11 are accessible in your dual-boot setup. This approach addresses the common issue of GRUB not recognizing Windows after a fresh installation due to UUID changes.

For more detailed information, you can refer to this Ask Ubuntu discussion: askubuntu.com

Feel free to share this guide with others who might encounter similar issues!

🚀 How I Fixed "Not Enough Free Space in /var" While Upgrading Kali Linux

Khuram Murad — Sun, 09 Feb 2025 09:51:37 +0000

While upgrading my Kali Linux running on VMware, I encountered this error:

E: You don't have enough free space in /var/cache/apt/archives/.

When I checked my disk space using:

df -h

I found that my /var partition was almost full, preventing the system from downloading and installing updates.

🔍 Investigating the Disk Space

To analyze the situation, I ran:

lsblk

Disk Layout Before Fixing the Issue:

NAME                     SIZE  USED AVAIL MOUNTPOINTS
sda                      500G  
├─sda1                   487M  186M  245M /boot
├─sda2                   124.5G  
│ ├─kalilinux--vg-root    23G   14G  8.3G /
│ ├─kalilinux--vg-var    9.3G  7.2G  1.5G /var
│ ├─kalilinux--vg-home   89.1G  227M  83G /home

I had already expanded my VMware virtual disk to 500GB, but my LVM partitions hadn’t been extended to use the extra space.

🛠️ Step-by-Step Solution: Expanding the `/var` Partition in LVM

Since my Kali Linux uses LVM (Logical Volume Manager), I had to allocate more space to /var.

📌 Step 1: Expanding the Virtual Disk in VMware

If you're using VMware, you can increase the disk size:

Power off your Kali Linux VM.
Open VMware Workstation/Player.
Go to VM Settings > Hard Disk > Expand.
Increase the disk size to 500GB.
Apply changes & boot into Kali Linux.

After this, the virtual disk (/dev/sda) now had extra space, but the partitions hadn’t changed yet.

📌 Step 2: Checking Available Space

After booting up Kali, I checked the available space using:

lsblk

Output Before Resizing Partitions:

NAME                     SIZE  USED AVAIL MOUNTPOINTS
sda                      500G  
├─sda1                   487M  
├─sda2                   124.5G  
│ ├─kalilinux--vg-root    23G  
│ ├─kalilinux--vg-var    9.3G  
│ ├─kalilinux--vg-home   89.1G  
└─ Free space            375G  (Unused)

I had 375GB of free space that needed to be allocated to /var.

📌 Step 3: Resizing the Partition (`/dev/sda5`) to Use the Free Space

I had to extend /dev/sda5 (the LVM partition) to use the extra 375GB.

Open cfdisk to edit partitions:

   sudo cfdisk /dev/sda

Select /dev/sda2 (Extended Partition).
Choose Resize and extend it to fill the free space.
Select /dev/sda5 inside /dev/sda2, and resize it to use all available space.
Write changes and exit.

🚨 Important: Reboot the system for changes to take effect:

sudo reboot

📌 Step 4: Expanding LVM to Use the New Space

After rebooting, I had to tell LVM to use the expanded partition.

Resize the LVM Physical Volume:

   sudo pvresize /dev/sda5

Check how much free space is available in the Volume Group:

   sudo vgdisplay

Look for "Free PE / Size", which should now show the extra space.

📌 Step 5: Extending the `/var` Logical Volume

Since /var was running out of space, I extended it:

sudo lvextend -L +30G /dev/mapper/kalilinux--vg-var

Or, to use all available space:

sudo lvextend -l +100%FREE /dev/mapper/kalilinux--vg-var

📌 Step 6: Resizing the `/var` Filesystem

Now that the partition was larger, I had to resize the filesystem:

sudo resize2fs /dev/mapper/kalilinux--vg-var

For XFS filesystems, use:

sudo xfs_growfs /var

📌 Step 7: Verify the New Space

To confirm that /var had more space, I ran:

df -h

Output After Resizing:

Filesystem                   Size  Used Avail Use% Mounted on
/dev/mapper/kalilinux--vg-var  40G   7.2G  32G   20% /var

✅ /var now had plenty of space for updates!

📌 Step 8: Running the Upgrade Again

Now that /var had enough space, I retried the upgrade:

sudo apt-get update && sudo apt-get upgrade

This time, the upgrade completed successfully without any storage issues! 🎉

🔚 Conclusion

If you're running Kali Linux in VMware and get a "Not Enough Free Space in /var" error, follow these steps:

✔ Expand the virtual disk in VMware

✔ Resize the partitions (/dev/sda5)

✔ Update LVM with pvresize, lvextend, and resize2fs

✔ Retry the upgrade!

This method works not only for Kali Linux, but for any LVM-based Linux system running in a VM or a physical machine.

If this guide helped you, feel free to share it! 🚀🔥

✍️ Author: Khuram Murad

📌 Follow me for more Linux tips!

How to Set Up OpenShift Local (CRC) on Ubuntu: A Developer's Guide

Khuram Murad — Sun, 05 Jan 2025 15:00:03 +0000

Red Hat's CodeReady Containers (CRC) provides developers with a lightweight, local OpenShift 4 cluster perfect for development and testing. In this guide, I'll walk you through setting up CRC on Ubuntu, sharing some tips and tricks I learned along the way.

System Requirements

Before we begin, ensure your system meets these minimum requirements:

Ubuntu Linux (20.04 or newer)
9GB RAM (16GB recommended for better performance)
4 CPU cores
35GB free disk space
Administrative (sudo) access
Hardware virtualization support (VT-x or AMD-v)

Step 1: Prepare Your System

First, let's ensure your system has the necessary virtualization support. Open a terminal and run:

# Update package list
sudo apt update

# Install KVM and libvirt
sudo apt install qemu-kvm libvirt-daemon libvirt-daemon-system

# Verify KVM installation
kvm-ok

The kvm-ok command should indicate that virtualization is supported and enabled in your BIOS.

Step 2: Install Required Dependencies

CRC needs certain packages to function properly:

# Install QEMU and virtiofsd
sudo apt install qemu-system virtiofsd

# Add your user to the libvirt group
sudo usermod -aG libvirt $USER
newgrp libvirt

Step 3: Download and Install CRC

Download the latest CRC from Red Hat's Developer portal
Extract and install the binary:

# Extract the archive
tar -xvf crc-linux-amd64.tar.xz

# Move binary to your PATH
sudo mv crc-linux-*/crc /usr/local/bin/

# Make it executable
sudo chmod +x /usr/local/bin/crc

Step 4: Setup and Start CRC

Now we're ready to set up and start CRC:

# Run initial setup
crc setup

# Start the cluster
crc start

The setup process will:

Configure network settings
Set up the libvirt network
Configure the system for virtualization
Download the OpenShift bundle if needed

Common Issues and Solutions

1. Virtualization Error

If you see errors about virtualization, ensure it's enabled in your BIOS/UEFI settings.

2. Memory Issues

Default memory allocation might not be enough. Adjust it with:

crc config set memory 16384  # Sets memory to 16GB

3. Network Configuration

If you encounter network issues, try:

crc cleanup
crc setup
crc start

Useful Commands

Here are some helpful commands for managing your CRC installation:

# Stop the cluster
crc stop

# Delete the cluster
crc delete

# View cluster status
crc status

# Get console URL and credentials
crc console --credentials

# Clean up CRC installation
crc cleanup

Working with the Cluster

Once your cluster is running, you can:

Access the OpenShift web console using the URL provided
Use oc commands to interact with the cluster
Deploy applications using oc new-app
Use the integrated container registry

Tips for Better Performance

Allocate more resources if available:

crc config set memory 16384
crc config set cpus 6

Enable nested virtualization if available:

crc config set enable-nested-virtualization true

Use the built-in monitoring tools to keep track of resource usage:

crc console --credentials
# Then access the monitoring dashboard in the OpenShift console

Conclusion

CRC provides a fantastic way to run OpenShift locally for development and testing. While the initial setup might seem daunting, following these steps should get you up and running smoothly.

Remember that CRC is designed for development and testing - it's not meant for production workloads. However, it provides most OpenShift features you need for development, making it an invaluable tool in your development workflow.

Have you set up CRC on your system? What challenges did you face? Share your experiences in the comments below!

Note: The commands and steps in this guide were tested on Ubuntu 24.04 LTS, but should work on other Ubuntu versions as well.

🚀Setting Up Local OpenShift Development Environment with Minishift

Khuram Murad — Fri, 03 Jan 2025 18:08:09 +0000

Prerequisites 📋

Windows/Linux/macOS 💻
VirtualBox installed 🔧
Administrator privileges 🔑
Stable internet connection 🌐

Installing Minishift ⚙️
Add to System PATH 🛣️

Download https://github.com/minishift/minishift/releases/tag/v1.16.1 📥
Extract to C:\minishift 📂
Add to PATH:
[Environment]::SetEnvironmentVariable("Path", $env:Path + ";C:\minishift", "Machine")
Or via GUI:

System Properties → Environment Variables → PATH → Edit ⚡
Add C:\minishift → OK ✅

Configure Environment 🔨

Clean existing setup

minishift delete --force

Configure VM settings

minishift config set vm-driver virtualbox
minishift config set memory 4GB
minishift config set cpus 2
minishift config set image-caching true
minishift config set insecure-registry "172.30.0.0/16"

Start cluster

minishift start --openshift-version v3.7.0 --iso-url centos
Troubleshooting 🔍
Common Issues & Solutions 🛠️

Image Pull Failures 🏷️

CentOS ISO prevents Docker image issues
Insecure registry fixes SSL/TLS problems

Performance Tips ⚡

4GB RAM minimum
2 CPUs recommended
Enable image caching

Best Practices 💡

Stop cluster: minishift stop
Complete cleanup: minishift delete
Regular configuration backups 💾
Monitor resource usage 📊

Benefits 🌟

Free local development environment 💰
Quick testing iterations ⚡
Production-like setup 🎯
Perfect for learning OpenShift 📚

Verification Steps ✅

Launch web console via provided URL 🌐
Login with default credentials 🔐
Check cluster health: minishift status 💪

Success Indicators 🎯

Web console accessible
Cluster status: Running
No error messages in logs

Tags 🏷️

OpenShift #DevOps #Kubernetes #CloudNative #TechBlog #ContainerPlatform

Found this helpful? Like and share to help others in the community! 🤝
Feel free to reach out with questions or suggestions in the comments below! 💭

How to Install WhatsApp on Linux Using Snapd as WhatsDesk: A Complete Guide

Khuram Murad — Mon, 04 Nov 2024 03:04:36 +0000

Are you a Linux user looking for a way to use WhatsApp without constantly reaching for your phone? While there isn’t an official WhatsApp app for Linux, you can still install and run it easily with WhatsDesk, an Electron-based application that brings WhatsApp Web to your desktop. In this guide, I’ll show you how to set up WhatsApp on Linux using Snap, a universal package management system that makes installation simple across Linux distros.

Why Use Snap for Installing Apps on Linux?

Before diving into the installation, let’s talk about Snap and why it’s a great choice for Linux users. Snap is a cross-distro package manager developed by Canonical, allowing applications to run across different Linux distributions without compatibility issues. Snap packages automatically bundle dependencies, which means you get a seamless installation experience without missing library errors.

Benefits of Snap for Linux Users

Universal Compatibility: Runs on most Linux distributions, including Ubuntu, Fedora, Debian, and Arch.
Automatic Updates: Snap keeps your applications up-to-date with minimal user intervention.
Enhanced Security: Snap apps are sandboxed, which helps isolate each app for added security.

Step-by-Step Guide: How to Install WhatsApp on Linux with WhatsDesk via Snap

Ready to get started? Follow these simple steps to set up WhatsApp on Linux using WhatsDesk.

Step 1: Install Snap (if it’s not installed)

Snap comes pre-installed on some Linux distributions, like Ubuntu. However, if it’s missing, you can easily install it:

   # On Ubuntu/Debian-based systems
   sudo apt update
   sudo apt install snapd

   # On Fedora
   sudo dnf install snapd
   sudo ln -s /var/lib/snapd/snap /snap

   # On Arch-based systems
   sudo pacman -S snapd
   sudo systemctl enable --now snapd.socket

After installation, reboot if needed to ensure everything works smoothly.

Step 2: Install WhatsDesk Using Snap

Now, let’s install WhatsDesk, a desktop client that lets you use WhatsApp Web in a standalone application.

   sudo snap install whatsdesk

This command downloads and installs WhatsDesk. Once complete, you’ll find it in your applications menu.

Step 3: Link WhatsDesk to Your WhatsApp Account

Open WhatsDesk to display a QR code.
Open WhatsApp on your mobile device and navigate to Settings > Linked Devices.
Tap Link a Device and scan the QR code shown in WhatsDesk.

Congratulations! You can now use WhatsApp on your Linux desktop.

Important Note: WhatsDesk is Essentially WhatsApp Web in a Standalone App

Since WhatsDesk is an Electron-based wrapper, it’s essentially WhatsApp Web running as a standalone application. Here are some pros and cons to consider:

Pros

Lightweight and Easy to Use: There’s no complex setup—just scan and go.
Standalone Application: No need to keep a browser tab open.
Automatic Updates: With Snap, you always have the latest version without manual updates.

Cons

Limited Features: Some WhatsApp features available on mobile might not work.

Final Thoughts on Using WhatsApp on Linux with WhatsDesk

Running WhatsApp on Linux is easier than ever, thanks to Snap and apps like WhatsDesk. This setup is ideal for Linux users who prefer a native-like experience without keeping a browser tab open. As Snap expands, more applications will become universally accessible, making Linux a more versatile OS.

If you’ve set up WhatsDesk for WhatsApp on Linux or have questions about Snap, drop a comment below! This guide should help you get the most out of WhatsApp on your Linux setup.

Writing Terraform Configurations

Khuram Murad — Sun, 03 Nov 2024 11:23:15 +0000

This guide will walk you through writing effective Terraform configurations. Terraform, developed by HashiCorp, lets you manage infrastructure as code. Using HashiCorp Configuration Language (HCL), it allows you to describe resources in a clear, human-readable way. I’ll cover HCL basics, resource definitions, variables, outputs, and using modules for reusable components.

Understanding HashiCorp Configuration Language (HCL)

HCL is the backbone of Terraform. It’s designed to be easy to read and write, with a straightforward syntax for configuring infrastructure.

Basic Syntax:

HCL uses blocks, arguments, and expressions:

resource "aws_instance" "example" {
  ami           = "ami-123456"
  instance_type = "t2.micro"
}

Blocks define objects (like resources or providers).
Arguments assign values to block properties.
Expressions represent values, including references to other resources.

Variables and Outputs

Variables make your configuration flexible, while outputs let you extract specific data from your resources.

Example of Variables and Outputs:

variable "instance_type" {
  description = "EC2 instance type"
  default     = "t2.micro"
}

output "instance_ip" {
  value = aws_instance.example.public_ip
}

Defining Resources

Resources represent infrastructure components, and they’re essential in any Terraform configuration.

Basic Resource Definition:

resource "aws_instance" "my_instance" {
  ami           = var.ami
  instance_type = var.instance_type
}

Resource Dependencies:

Terraform detects dependencies between resources to handle creation order. Explicit dependencies can be defined using depends_on.

Using Variables for Flexibility

Variables make configurations reusable and customizable.

Declaring Variables:

  variable "region" {
    description = "Deployment region"
    default     = "us-west-2"
  }

Using Variables:

  provider "aws" {
    region = var.region
  }

Passing Variables in Terraform and Their Precedence

Terraform provides multiple ways to pass variables, each with a specific order of precedence:

CLI Arguments: terraform apply -var="instance_type=t2.micro"
Environment Variables: export TF_VAR_instance_type=t2.micro
terraform.tfvars File
Auto-Loaded *.auto.tfvars Files
Variable Defaults in Configuration

Outputs: Extracting Information

Outputs let you access information from resources, useful for interfacing with other tools.

Example:

output "public_ip" {
  value = aws_instance.my_instance.public_ip
}

Modules: Promoting Reusability

Modules are collections of resources that can be reused.

Creating a Module: Define resources in a separate directory.
Using a Module:

  module "webserver_module" {
    source       = "./modules/webserver"
    ami          = "ami-123456"
    instance_type = "t2.micro"
  }

Best Practices for Terraform Configurations

Organize Resources: Group related resources in the same file or module.
Use Variables and Outputs Wisely: Define variables for frequently changed elements and outputs for key information.
Format and Validate Code: Use terraform fmt to format and terraform validate to check for errors.
Document Configurations: Add comments and document variables and outputs for clarity.

By following these tips and understanding these basics, you’ll be on your way to writing effective Terraform configurations. Whether managing a small setup or a large infrastructure, Terraform, with best practices, makes it easier to achieve your goals efficiently and with control.

Setting Up Terraform with AWS: A Beginner's Guide

Khuram Murad — Wed, 30 Oct 2024 12:25:01 +0000

Managing infrastructure can get complex, especially as your cloud footprint grows. Luckily, Terraform, an open-source Infrastructure as Code (IaC) tool, makes it simpler by automating the deployment and management of your infrastructure on AWS. In this guide, we’ll walk through the essentials of setting up Terraform with AWS, from configuring your credentials and setting up a basic project to implementing best practices like remote state storage and managing secrets securely. Let’s dive in!

Why Use Terraform with AWS?

Terraform’s integration with AWS provides a powerful, scalable solution for managing infrastructure. Here are some key benefits:

Automation and Efficiency: By automating infrastructure provisioning, Terraform reduces manual work and errors.
Scalability: Scaling your infrastructure up or down based on demand is straightforward.
Version Control: Using IaC, you can track changes and revert to previous states if necessary.

1. Configuring AWS Provider Credentials

To get started, you’ll need to set up credentials so Terraform can access your AWS account to create, update, and delete resources.

Creating an IAM User

Log in to your AWS Management Console.
Go to Identity and Access Management (IAM).
Create a new IAM user with programmatic access, which will give you an access key ID and a secret access key.

Pro Tip: Store your credentials securely. Using environment variables (AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY) instead of hardcoding them directly in code is a recommended practice.

Configuring the AWS Provider in Terraform

Define your AWS provider settings in Terraform by creating a simple provider block in your configuration:

provider "aws" {
  region     = "us-east-1"
  access_key = "your_access_key_here"
  secret_key = "your_secret_key_here"
}

For improved security, you can omit the access key and secret key here by setting them in environment variables instead.

2. Setting Up a Basic Terraform Project

A typical Terraform project is organized into files with specific roles to keep configurations modular and maintainable:

main.tf: This file contains your main configuration code.
variables.tf: This file declares variables to make your code more dynamic and reusable.
outputs.tf: Here, you define outputs that you might want to display or pass to other configurations.

Here’s an example:

# main.tf
resource "aws_s3_bucket" "my_bucket" {
  bucket = "my-unique-bucket-name"
  acl    = "private"
}

# variables.tf
variable "region" {
  description = "The AWS region"
  default     = "us-east-1"
}

# outputs.tf
output "bucket_name" {
  value = aws_s3_bucket.my_bucket.id
}

3. Configuring Backend for Remote State Storage

Terraform keeps track of your infrastructure state, which is essential for collaborative work and storing sensitive information securely.

Configuring an S3 Backend

Using S3 as a backend for your Terraform state allows you to share it across your team and provides a backup. Add this configuration to your project:

terraform {
  backend "s3" {
    bucket = "my-terraform-state-bucket"
    key    = "state"
    region = "us-east-1"
  }
}

With the S3 backend, any changes to the infrastructure state will be saved and versioned automatically in the bucket.

4. Managing Sensitive Data with AWS Secrets Manager

It’s important not to hardcode sensitive data (like database passwords or API keys) into your Terraform files. AWS Secrets Manager can help here by securely storing secrets.

Integrating AWS Secrets Manager with Terraform

Here’s how you can retrieve secrets from AWS Secrets Manager in your Terraform configuration:

data "aws_secretsmanager_secret_version" "my_secret" {
  secret_id = "my_secret_name"
}

resource "aws_db_instance" "my_database" {
  # other configuration...
  password = data.aws_secretsmanager_secret_version.my_secret.secret_string
}

In this example, Terraform retrieves the database password from Secrets Manager, keeping your sensitive data secure and out of the configuration files.

Conclusion

Setting up Terraform with AWS provides a powerful framework for efficiently managing cloud infrastructure as code. By following these practices—like using IAM roles for access, remote state storage, and securely managing sensitive data—you’ll establish a robust, scalable, and secure foundation for your infrastructure management. Now you’re ready to explore Terraform’s more advanced features to enhance your AWS setup even further!

Feel free to leave comments or questions below. Let’s build a resilient infrastructure together!

Step-by-Step Guide for Setting Up Nextcloud with GDPR Compliance

Khuram Murad — Sat, 26 Oct 2024 08:00:37 +0000

Objective

To set up a secure data storage and sharing system using Nextcloud for GDPR compliance, including data retention policies, encryption, and Two-Factor Authentication (2FA).

Prerequisites

Operating System: Ubuntu (server or desktop)
Root Privileges: Ensure you have sudo access

Step 1: Update System and Install Required Dependencies

Update your system:

   sudo apt update
   sudo apt upgrade -y

Install Apache, MariaDB, and PHP 7.4: Since PHP 7.4 is not available by default in recent Ubuntu repositories, add a PPA for older PHP versions.

   sudo add-apt-repository ppa:ondrej/php
   sudo apt update

Install PHP 7.4 and necessary extensions:

   sudo apt install apache2 mariadb-server libapache2-mod-php7.4 php7.4 php7.4-mysql php7.4-xml php7.4-mbstring php7.4-zip php7.4-gd php7.4-curl php7.4-intl php7.4-bz2 php7.4-json php7.4-sqlite3 php7.4-opcache -y

Step 2: Set Up MariaDB for Nextcloud

Secure the MariaDB installation:

   sudo mysql_secure_installation

Follow the prompts to set up a secure configuration.

Create a Database and User for Nextcloud:

   sudo mysql -u root -p

In the MariaDB prompt, run:

   CREATE DATABASE nextcloud;
   CREATE USER 'nextclouduser'@'localhost' IDENTIFIED BY 'yourpassword';
   GRANT ALL PRIVILEGES ON nextcloud.* TO 'nextclouduser'@'localhost';
   FLUSH PRIVILEGES;
   EXIT;

Step 3: Download and Configure Nextcloud

Download Nextcloud:

   wget https://download.nextcloud.com/server/releases/nextcloud-21.0.1.zip
   unzip nextcloud-21.0.1.zip
   sudo mv nextcloud /var/www/html/

Set Permissions for Nextcloud:

   sudo chown -R www-data:www-data /var/www/html/nextcloud
   sudo chmod -R 755 /var/www/html/nextcloud

Step 4: Set Up Apache Virtual Host for Nextcloud

Create a new Apache configuration file for Nextcloud:

   sudo nano /etc/apache2/sites-available/nextcloud.conf

Add the following configuration (use localhost for a local setup):

   <VirtualHost *:80>
       DocumentRoot /var/www/html/nextcloud
       ServerName localhost

       <Directory /var/www/html/nextcloud/>
           AllowOverride All
           Require all granted
       </Directory>

       ErrorLog ${APACHE_LOG_DIR}/nextcloud_error.log
       CustomLog ${APACHE_LOG_DIR}/nextcloud_access.log combined
   </VirtualHost>

Enable the new configuration and required Apache modules:

   sudo a2ensite nextcloud.conf
   sudo a2enmod rewrite headers env dir mime

Restart Apache:

   sudo systemctl restart apache2

Step 5: Ensure PHP 7.4 is Enabled in Apache

If multiple PHP versions are installed, ensure Apache is using PHP 7.4.

Disable any higher PHP versions (if enabled):

   sudo a2dismod php8.3

Enable PHP 7.4:

   sudo a2enmod php7.4

Restart Apache:

   sudo systemctl restart apache2

Step 6: Complete Nextcloud Setup in the Browser

Open Nextcloud in your browser:
- Go to http://localhost or http://yourdomain.com.
Follow the setup wizard:
- Create an admin account.
- Specify the data directory (e.g., /var/www/html/nextcloud/data).
- Enter database details:
  - Database user: nextclouduser
  - Database password: The password you set
  - Database name: nextcloud
  - Database host: localhost
- Click Finish Setup to complete the installation.

Step 7: Apply GDPR Compliance Settings

A. Configure Data Retention Policies

Install the Retention App:
- Go to Settings > Apps > Admin.
- Enable the File Retention app if available.
Define Retention Policies:
- Go to Settings > Administration > Workflow.
- Set up file retention rules (e.g., automatic deletion of old files).

B. Enable Server-Side Encryption

Enable the Default Encryption Module:
- Go to Settings > Apps > Security.
- Enable Default Encryption Module.
Enable Server-Side Encryption:
- Go to Settings > Administration > Security.
- Enable Server-Side Encryption under the Encryption settings.

C. Enable Two-Factor Authentication (2FA)

Install the Two-Factor TOTP Provider App:
- Go to Settings > Apps > Security.
- Enable Two-Factor TOTP Provider.
Set Up 2FA for User Accounts:
- Go to Settings > Security in your user profile.
- Follow the setup process to link your account with a 2FA app (e.g., Google Authenticator).
- Admins can enforce 2FA for all users under Administration > Security.

Summary

Installed Dependencies: Apache, MariaDB, PHP 7.4 with necessary modules.
Configured MariaDB: Created a database and user for Nextcloud.
Set Up Nextcloud: Downloaded, configured, and installed Nextcloud.
Applied GDPR Compliance: Configured data retention, enabled encryption, and set up 2FA.

Your Nextcloud setup is now fully operational with GDPR compliance for secure data management. Let me know if you need further assistance!

DEV Community: Khuram Murad

How I Fixed ‘No NIC Except Loopback’ on CentOS Stream Minimal in VMware

1. Symptom

2. Root Cause

3. The Fix

A. Switch to NAT (Built‑in DHCP)

B. Verify the Guest Sees a NIC

C. Grab an IP via DHCP

D. Create a Persistent NetworkManager Profile

4. Confirm Everything Works

Notes & Alternatives

🚦Tired of Port Collisions? How I Shifted Jenkins Off 8080 to 9595 (Ubuntu)

🧩 The Problem

🕵️ What Went Wrong ⚠️

🛠️ Step‑by‑Step Fix: Manual Drop‑In Override

1. Create the override directory

2. Create (or edit) override.conf

3. Reload systemd & restart Jenkins

4. Verify the new port

🎉 Why This Works

🧪 Common Gotchas

✅ Final Checklist

🚀 Beyond the Port

References

The Ultimate Guide to SSH Hardening: Secure Your Remote Access

🔧 Step 1: Installation & Basic Configuration

Why Start Here?

1. Check if SSH is Installed

2. Install OpenSSH Server

3. Verify SSH Service Status

🔐 Step 2: Hardening SSH Configuration (sshd_config)

Why Harden sshd_config?

1. Backup the Original Config (Safety First!)

2. Edit /etc/ssh/sshd_config

3. Restart SSH to Apply Changes

🔑 Step 3: Key-Based Authentication (More Secure Than Passwords)

Why Use SSH Keys?

1. Generate SSH Keys (On Your Local Machine)

2. Copy Public Key to Server

3. Test Key-Based Login

🛡️ Step 4: Firewall Rules (Restrict SSH Access)

Why Use a Firewall?

UFW (Ubuntu/Debian)

Firewalld (RHEL/CentOS)

🚨 Advanced Security: Fail2Ban & 2FA

1. Fail2Ban (Automatically Blocks Attackers)

2. Two-Factor Authentication (2FA) for SSH

🔍 Monitoring & Maintenance

1. Check Failed Login Attempts

2. Test SSH Config Before Applying

✅ Final Security Checklist

🚀 Conclusion

🐳 [Fix] Can't Install Docker on Ubuntu 22.04? Here's the Real Solution (NO_PUBKEY Error)

🚀 Fix the GPG Key Error and Install Docker on Ubuntu 22.04

1. Remove Any Existing Docker Repository Configuration

2. Update and Install Prerequisites

3. Add Docker’s GPG Key Securely

4. Add the Docker Repository

5. Update APT and Install Docker

6. Verify Docker Installation

🙌 Optional: Run Docker Without sudo

🛠 Troubleshooting the "Token" Error

🔍 If the Issue Persists

✅ Final Notes

🛠️ Resolving GRUB Boot Issues After Reinstalling Windows 11 in a Dual-Boot Setup

📝 The Issue

🔧 Solution Overview

🛠️ Step-by-Step Guide

1. Modify Boot Order in BIOS/UEFI

2. Update GRUB Configuration with the Correct UUID

3. Verify the Solution

🎯 Conclusion

🚀 How I Fixed "Not Enough Free Space in /var" While Upgrading Kali Linux

🔍 Investigating the Disk Space

Disk Layout Before Fixing the Issue:

🛠️ Step-by-Step Solution: Expanding the /var Partition in LVM

📌 Step 1: Expanding the Virtual Disk in VMware

📌 Step 2: Checking Available Space

Output Before Resizing Partitions:

📌 Step 3: Resizing the Partition (/dev/sda5) to Use the Free Space

2. Create (or edit) `override.conf`

🔐 Step 2: Hardening SSH Configuration (`sshd_config`)

Why Harden `sshd_config`?

2. Edit `/etc/ssh/sshd_config`

🙌 Optional: Run Docker Without `sudo`

🛠️ Step-by-Step Solution: Expanding the `/var` Partition in LVM

📌 Step 3: Resizing the Partition (`/dev/sda5`) to Use the Free Space

📌 Step 5: Extending the `/var` Logical Volume

📌 Step 6: Resizing the `/var` Filesystem