Diogo Ferreira

Running Steam on Debian using an Nvidia graphics card

If you’re running Steam on Debian using an Nvidia graphics card, you’ll probably run into this error when you’re starting Steam for the first time:

You are missing the following 32-bit libraries, and Steam may not run:
libGL.so.1

To solve it just install the following package:

# apt install libgl1-nvidia-glx:i386

Steam should now start without complaining.

This happened to me in Debian Sid, but I’ll assume it’s the same procedure for the stable version.

Edit #1: As of today, 02/10/2020, on Debian Sid, you have to run the following command instead:

# apt install libglx-nvidia0:i386

Edit #2: As of today, 22/10/2020, on Debian Sid, you also have to run the following command:

# apt install libgl1-nvidia-glvnd-glx:i386

How to hide the libvirt-qemu user from the login screen on Linux Mint 19.1

This is a simple tip on how to hide the libvirt-qemu user from your login screen.


If you installed the KVM package using apt on your Linux Mint 19.1 you may notice that a new user shows up on your login screen (at least if you’re using Cinnamon DE with LightDM).

You can hide it by running the following commands:

$ printf "[User]\nSystemAccount=true\n" | sudo tee /var/lib/AccountsService/users/libvirt-qemu
$ sudo systemctl restart accounts-daemon.service

After logging out that user should be gone from your login screen.

OpenSSL cheat sheet

This OpenSSL cheat sheet was originally found on bitrot.sh. Since the site appears to be gone, and I had this saved, I’m leaving it here for future reference.

Generating Certificates

Generate RSA Private Key + CSR

openssl req -out newkey.csr -new -newkey rsa:[bits] -nodes -keyout priv.key

Generate Self Signed Certificate + Priv Key

openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:[bits] -keyout priv.key -out cert.crt

Generate CSR for existing Cert

openssl x509 -x509toreq -in cert.crt -out newreq.csr -signkey priv.key

Generate CSR for Existing Key

openssl req -out oldkey.csr -key priv.key -new

Create a CA

openssl req -new -x509 -extensions v3_ca -keyout ca.key -out ca.crt -days [days valid]

Generate Diffie-Hellman Keys

openssl dhparam -out dhparam.pem [bits]

Examining Certificates

Examine a CSR

openssl req -text -noout -verify -in oldreq.csr

Examine a Private Key

openssl rsa -in priv.key -check

Examine a Certificate

openssl x509 -in cert.crt -text -noout

Examine PKCS files

openssl pkcs12 -info -in key.pfx

Converting Formats

PEM to DER

openssl x509 -outform der -in cert.pem -out cert.der

DER to PEM

openssl x509 -inform der -in cert.cer -out cert.pem

PKCS to PEM

openssl pkcs12 -in key.pfx -out key.pem -nodes

PEM to PKCS

openssl pkcs12 -export -out cert.pfx -inkey priv.key -in cert.crt -certfile ca.crt

Encryption and Decryption

List Encryption Schemes

openssl enc -h

Advanced Encryption Standard CBC Mode

Encrypt

openssl aes-256-cbc -salt -in priv.txt -out priv.txt.enc

Decrypt

openssl aes-256-cbc -d -in priv.txt.enc -out priv.txt.new

AES CBC Output as Base64 File

Encrypt

openssl aes-256-cbc -a -salt -in priv.txt -out priv.txt.enc

Decrypt

openssl aes-256-cbc -a -d -in priv.txt.enc -out priv.txt.new

Check Remote Certificates

HTTPS Server

openssl s_client -showcerts -connect www.example.com:443

IMAP Server

openssl s_client -showcerts -starttls imap -connect mail.eample.com:139

XMPP Server

openssl s_client -showcerts -starttls xmpp -connect chat.example.com:5222

Present Client Certificate

openssl s_client -showcerts -cert cert.crt -key cert.key -connect www.example.com:443

Verify Certificates

Verify Certificate with CA Certificate

openssl verify -verbose -CAFile ca.crt cert.crt

Verify Private Key Matches Certificate

openssl x509 -modulus -noout -in cert.crt | openssl md5openssl rsa -modulus -noout -in priv.key | openssl md5

All credits of this OpenSSL cheat sheet go to the original author.

Convert SSH key from PuTTY to OpenSSH


Recently I’ve had to migrate an SSH key that was generated on a Windows 10 machine to a Debian workstation. The instructions on how to convert an SSH key generated on PuTTY to OpenSSH are as simple as:

sudo apt install putty-tools
puttygen your-windows-10-private-key.ppk -O private-openssh -o your-openssh-private-key-name

And that’s it! This will get your private key on a format that openssh will recognize.
To check your public key just run:

puttygen your-windows-10-public-key -L

Put it wherever you like!

Use virt-manager without root password on Debian 9


After installing virt-manager on Debian 9 you’ll notice that every time you try to open it it will ask for your root password.
In order to avoid that you’ll just need to add your user to the libvirt group:

sudo usermod -aG libvirt dferreira

Logout and login again. You can now open virt-manager without your root password.