Java 8 on Debian 10+

Alternative for AdoptOpenJDK

Debian 10 and higher (e.g. Buster or Bullseye) no longer provide Java 8. However certain software, including Sonatype Nexus, still is not compatible with versions higher than 8. In this past it was easy to install AdoptOpenJDK. However now that AdoptOpenJDK has moved to the Eclipse Foundation and is called... [Read More]
Tags: java ops group9

UEFI Boot Walkthrough

From power-up to systemd

Booting a modern PC is a rather complex affair with many moving parts. While all individual parts are described in create detail, the overall process is less well documented. In this blog post I will attempt to provide a high-level overview, describing the components involved, their interfaces, and providing links... [Read More]
Tags: ops uefi

iptables vs nftables

Upgrade, or not yet

nftables will eventuelly replace iptables as the Linux kernel packet classification framework, more comply referred to as ‘the firewall’. Both are still maintained, and will be for a while. So which one should you choose? [Read More]
Tags: ops sec

Safe reload with nftables

Reducing the risk of getting locked out

As of Debian Buster the default package filtering mechanism is nftables replacing iptables1. When using iptables I have always used the excellent Shorewall to help manage the firewall. Unfortunately Shorewall does not, and probably never will, support nftables2. Nftables has a number of improvements over iptables including features which provide... [Read More]
Tags: ops sec