Anno domini 2020 Sat, 29 Aug 01:28:56 -0700 William Morder via trinity-users scripsit: > > On Saturday 29 August 2020 01:10:15 Dr. Nikolaus Klepp wrote: > > Hi Bill! > > > > Anno domini 2020 Fri, 28 Aug 17:06:31 -0700 > > > > William Morder via trinity-users scripsit: > > > Okay, so a new thread, as things have changed and progressed somewhat, > > > but now I have new problems. > > > > > > I got my system restored *almost* to how I want it, but some things have > > > changed in my system, and I did not make those changes. > > > > > > #1 - When installing, I deliberately chose *not* to set a root password; > > > since nobody else ever gets to touch my system, it is enough that my user > > > password is granted root privileges when I use sudo or su. > > > > Always set a root password, even it's 123456789. Not all programs accept > > root without password. > > Yeah, I tried that, but I always end up with this same problem. When I tried > setting a root password before (because it always seemed like the *right* > answer), I got this same result. > > When I made the move from Kubuntu to Debian, I went through this root-password > thing at least 5 or 6 times. I always ended up with a system where I could > not be granted admin or root privileges ... EXCEPT in a sudo su shell! So > that's what I usually do: I create a sudo su shell, then exit and allow > permissions to expire, then when I need quick access again, I just hit my UP > arrow key, re-enter password, and go back into sudo su to kill something or > whatever else needs immediate attention. > > Now, it would be nice to crack this nut, once and for all, but I don't want to > keep asking my own machine for permission to do things. The question is, > which of us is master? Hm. I'm quite sure I'm master on my systems, but that could be a delusion ... What I have not understood yet: you can get root access from terminal with "su" or you have to use "sudo bash" ? > > > > > > > Anyway, so now, suddenly, I am asked for the root password in order to > > > run gufw and other such stuff. But when I enter my password, I get a > > > message that the password is incorrect. This happened before, long ago, > > > when I first switched from (k)ubuntu to debian; debian seems to have a > > > stricter default policy, which is probably a good thing, and I probably > > > ought to get the hang of this thing, right? > > > > > > So I need an easier solution than whatever this is that I am doing (or > > > not doing). I have been combing through my Linux pocket guide and Linux > > > in a Nutshell and Linux Bible, etc., but they all say the same thing, and > > > none of them work. > > > > > > #2 - I still want a graphical firewall that runs like the old > > > Firestarter; gufw isn't quite what I want, or maybe I just haven't yet > > > configured it properly. > > > > didn't know Firestarter, but it loks nice for a firewall. I have to admit I > > don't like linux firewall (I prefer the BSD way). Anyway, I use "ufw" - it > > has a nice GUI, depending on your text editor :) > > > > > What I want is not just a GUI, but instead, one that displays *active > > > connections* as they appear and disappear, and allows changing rules on > > > the fly. Is there such a thing? > > > > "fierwall-applet" could be what you want, but it drags in a hole bunch of > > things. > > > Will check it out, thanks. > > > > Running it in a terminal would suit me just fine, so long as it is a > > > dynamic display of active connections as they occur. Also an easier way > > > to edit iptables. (I read that there is some new "thing" to replace > > > iptables, meaning that ufw and gufw and their kin will all become > > > obsolete very soon, apparently being phased out, and I had a hard time > > > downloading them.) > > > > > > Another possible fix would be: to pass my firestarter rules (based on > > > iptables) along to ufw/gufw. > > > > gufw? a gui for ufw? Abomoination! > > That could definitly be done. Are you in for a bit of shell black magic? > > > > I am always prepared for some black magic. That is why I keep my *Linux in a > Nutshell* grimoire always close to hand. Oh, and salt, burning sulfur, > candles and incense, and some cats. > > I used to keep goats and chickens, but nowadays my landlord is always > complaining. > > Seriously, whatever you can recommend to get me back "in control" of the > Mother Ship. > > Thanks a bunch! > > > > But anyway, what I want is to see my active connections. (See enclosed > > > screenshot.) > > > > > > Any help or comments or suggestions are appreciated. If not, at least a > > > good joke. > > > > Windows guys suggest to run a firewall in amazon cloud and send all your > > network through it. I still have not figured out if tis is a bad joke or > > that they actully do, but I have the strong feeling this is a seriouse > > advise (there are commertial offers for this kind of stuff). > > It sounds like these kids forget everything about security, privacy, whenever > somebody says the word "cloud" -- then it's all okay. > > > > > > Bill > > > > > > P.S. The worst insult is, just before my upgrade, I had got my Jessie > > > system fine-tuned to near-perfection, and was feeling rather smug and > > > virtually bulletproof. On the bright side: Beowulf/Buster does seem to > > > run better, overall, except for when I can't get it to DO WHAT I WANT. > > > > > > :-\ > > > > > > See screenshot for firewall example. > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: trinity-users-unsubscribe@xxxxxxxxxxxxxxxxxxxxxxxxxx > For additional commands, e-mail: trinity-users-help@xxxxxxxxxxxxxxxxxxxxxxxxxx > Read list messages on the web archive: http://trinity-users.pearsoncomputing.net/ > Please remember not to top-post: http://trinity.pearsoncomputing.net/mailing_lists/#top-posting > > -- Please do not email me anything that you are not comfortable also sharing with the NSA, CIA ... --------------------------------------------------------------------- To unsubscribe, e-mail: trinity-users-unsubscribe@xxxxxxxxxxxxxxxxxxxxxxxxxx For additional commands, e-mail: trinity-users-help@xxxxxxxxxxxxxxxxxxxxxxxxxx Read list messages on the web archive: http://trinity-users.pearsoncomputing.net/ Please remember not to top-post: http://trinity.pearsoncomputing.net/mailing_lists/#top-posting
