Linux Security and Systems Administration Glossary

This glossary serves as a companion reference to our SSH, Debian, and grep comprehensive guide and advanced Linux security guide. Use it to quickly look up unfamiliar terms while learning.

Quick Navigation

• SSH & Cryptography
• Debian Package Management
• Text Processing & Regular Expressions
• Security Concepts
• Network & System Administration

SSH & Cryptography

A-E

AES (Advanced Encryption Standard)

• Symmetric encryption algorithm using 128, 192, or 256-bit keys
• Hardware-accelerated on modern CPUs via AES-NI instructions
• Example: Ciphers aes256-gcm@openssh.com
• See: SSH cipher selection in our guide

Authentication Layer

• Second layer of SSH protocol handling user authentication
• Supports multiple methods: password, public key, certificate
• Related: SSH authentication methods

Boyer-Moore Algorithm

• String search algorithm that scans from right to left
• Faster on longer patterns due to skip tables
• Implementation: grep’s Boyer-Moore explained

Certificate Authority (CA)

• Trusted entity that signs SSH certificates
• Eliminates need for individual key distribution
• Example implementation: Enterprise SSH CA setup

ChaCha20-Poly1305

• Stream cipher with authenticated encryption
• Faster than AES on systems without hardware acceleration
• Usage: Ciphers chacha20-poly1305@openssh.com

ControlMaster

• SSH feature allowing connection multiplexing
• Reuses single TCP connection for multiple sessions
• Configuration: Multiplexing setup

F-M

HMAC (Hash-based Message Authentication Code)

• Ensures message integrity in SSH communications
• Prevents tampering during transmission
• Example: MACs hmac-sha2-256

Host Key

• Server’s public key used for host authentication
• Stored in /etc/ssh/ssh_host_*_key.pub
• Verification prevents man-in-the-middle attacks

Key Exchange (KEX)

• Process of establishing shared secret over insecure channel
• Post-quantum algorithms: mlkem768x25519-sha256
• Details: Quantum-resistant SSH

Known Hosts

• File storing fingerprints of previously connected servers
• Location: ~/.ssh/known_hosts
• Certificate alternative: @cert-authority entries

Multiplexing

• Sharing single SSH connection for multiple sessions
• Reduces handshake overhead from 14 to 0 round trips
• Performance impact: SSH optimization

N-Z

Post-Quantum Cryptography

• Algorithms resistant to quantum computer attacks
• OpenSSH 10.0 default: mlkem768x25519-sha256
• Migration guide: Post-quantum SSH setup

ProxyJump

• SSH feature for connecting through bastion hosts
• Syntax: ssh -J bastion.host target.host
• Use cases: Multi-hop connections

Public Key Authentication

• Asymmetric cryptography for passwordless login
• Key pair: private (secret) and public (shared)
• Setup: Key generation guide

Transport Layer

• Lowest SSH protocol layer handling encryption
• Manages key exchange and re-keying
• Provides confidentiality and integrity

Debian Package Management

A-D

APT (Advanced Package Tool)

• High-level package management interface
• Handles dependency resolution automatically
• Commands: apt install, apt update, apt upgrade
• Fundamentals: APT basics

apt-key (Deprecated)

• Legacy tool for managing repository signing keys
• Replaced by /etc/apt/keyrings/ directory
• Migration: Modern repository setup

.deb File

• Debian package format (ar archive)
• Contains: control.tar.xz (metadata) + data.tar.xz (files)
• Structure: Package internals

debsums

• Verifies integrity of installed package files
• Compares against MD5 checksums
• Usage: debsums -c to check, debsums -g to generate

Dependency

• Package required for another package to function
• Types: Depends, Recommends, Suggests, Enhances
• Resolution: APT dependency solving

dpkg

• Low-level package installation tool
• Direct manipulation of .deb files
• Database location: /var/lib/dpkg/
• Details: dpkg mechanics

E-P

Half-configured

• Package state when post-installation script fails
• Recovery: dpkg --configure -a
• Troubleshooting: Package states

InRelease File

• Repository metadata with inline GPG signature
• Prevents race conditions in verification
• Security: Repository signing

Maintainer Scripts

• Shell scripts run during package lifecycle
• Types: preinst, postinst, prerm, postrm
• Must be idempotent (safe to run multiple times)

Package State

• Three components: desired, current status, error flags
• Stored in /var/lib/dpkg/status
• States: not-installed, unpacked, half-configured, configured

Pool Directory

• Repository structure organizing packages
• Path format: /pool/[component]/[letter]/[package]/
• Purpose: Prevents filesystem limitations

Pre-Depends

• Stronger than regular dependencies
• Must be configured before package unpacking
• Used for critical system packages

Q-Z

Repository

• Server hosting collections of packages
• Configured in /etc/apt/sources.list
• Components: main, contrib, non-free

reprepro

• Tool for managing local Debian repositories
• Handles package uploads and metadata generation
• Example: Creating repositories

SAT Solver

• Boolean satisfiability solver for dependencies
• APT 3.0 uses DPLL algorithm
• Improvement over heuristic approach

signed-by

• APT source option specifying repository key
• Replaces global trust of apt-key
• Example: deb [signed-by=/etc/apt/keyrings/repo.gpg]

Text Processing & Regular Expressions

A-L

Anchor

• Regex markers for position: ^ (start), $ (end)
• Example: ^ssh matches lines starting with “ssh”
• Usage: grep patterns

Backtracking

• Regex engine trying alternative matches
• Can cause exponential time complexity
• Mitigation: Use atomic groups or possessive quantifiers

grep

• Global Regular Expression Print
• Searches text using patterns
• Variants: grep (basic), egrep (extended), fgrep (fixed)
• Guide: grep fundamentals

Greedy Quantifier

• Matches as much as possible: .*, .+
• PCRE alternative: non-greedy .*?, .+?
• Difference: PCRE vs POSIX

LC_ALL=C

• Environment variable disabling Unicode processing
• Can improve grep performance 10-100x
• Trade-off: Loses Unicode support

Lookahead/Lookbehind

• PCRE assertions without consuming text
• Positive: (?=pattern), (?<=pattern)
• Negative: (?!pattern), (?<!pattern)
• Examples: Advanced PCRE patterns

M-Z

PCRE (Perl Compatible Regular Expressions)

• Extended regex dialect with advanced features
• Supports lookarounds, non-greedy quantifiers
• Tool: pcre2grep or grep -P

POSIX Regular Expressions

• Standard regex in Unix tools
• Two types: Basic (BRE) and Extended (ERE)
• Linear time guarantee with finite automata

ripgrep (rg)

• Fast alternative to grep written in Rust
• Automatically respects .gitignore
• 5-10x faster than GNU grep
• Comparison: Modern alternatives

SIMD Instructions

• Single Instruction, Multiple Data
• Parallel processing of multiple characters
• Used in grep and ripgrep for speed

Security Concepts

A-M

Brute Force Attack

• Attempting many passwords/keys systematically
• Detection: Failed authentication patterns
• Protection: fail2ban, rate limiting
• Implementation: Brute force detection

CVE (Common Vulnerabilities and Exposures)

• Standardized vulnerability identifiers
• Format: CVE-YYYY-NNNNN
• Example: CVE-2024-6387 (RegreSSHion)

Fail2ban

• Intrusion prevention system
• Blocks IPs after repeated failures
• Configuration: Regular expressions for log parsing

Lateral Movement

• Attacker moving between compromised systems
• Detection: SSH after authentication patterns
• Monitoring: Security correlation

Man-in-the-Middle (MITM)

• Intercepting communications between parties
• SSH protection: Host key verification
• Prevention: Known hosts, certificates

N-Z

Privilege Escalation

• Gaining higher access rights
• Detection: sudo/su commands after login
• Patterns: Security monitoring

RegreSSHion (CVE-2024-6387)

• Signal handler race condition in OpenSSH
• Affects versions 8.5p1-9.7p1
• Details: Vulnerability analysis

SIEM (Security Information Event Management)

• Centralized security event collection/analysis
• Integration: syslog, JSON events
• Implementation: Security monitoring

SQL Injection

• Inserting malicious SQL into application queries
• Detection patterns: UNION SELECT, OR 1=1
• grep patterns: Security detection

Network & System Administration

A-L

Bastion Host

• Hardened server for accessing internal network
• Also called jump host or jump server
• SSH usage: ProxyJump feature

CI/CD (Continuous Integration/Deployment)

• Automated software build and deployment
• Tools: GitLab CI, GitHub Actions, Jenkins
• Example: Deployment pipelines

GitOps

• Using Git as source of truth for infrastructure
• Tools: Flux, ArgoCD
• Benefits: Audit trail, rollback capability

Idempotent

• Operation producing same result when repeated
• Critical for configuration management
• Example: Ansible playbooks, maintainer scripts

Infrastructure as Code (IaC)

• Managing infrastructure through code
• Tools: Terraform, Ansible, Puppet
• Evolution: From scripts to IaC

M-Z

Multiplexing

• Multiple logical connections over single physical connection
• SSH: ControlMaster/ControlPath
• Benefits: Reduced latency, resource usage

Round Trip Time (RTT)

• Time for signal to travel to destination and back
• SSH handshake: 14 round trips normally
• Optimization: Multiplexing reduces to 0

Systemd

• Init system and service manager for Linux
• Commands: systemctl, journalctl
• SSH service: systemctl status ssh

Three-way Merge

• Combining changes from two sources with common ancestor
• Used in package configuration updates
• Preserves user modifications

Learning Resources & References

Books & Documentation

• “SSH, The Secure Shell: The Definitive Guide” - Barrett, Silverman, Byrnes (O’Reilly)
• “The Debian Administrator’s Handbook” - Hertzog & Mas (Free online)
• “Mastering Regular Expressions” - Jeffrey Friedl (O’Reilly)
• GNU Manuals: gnu.org/manual
• Linux Documentation Project: tldp.org

Online References

• NIST Computer Security Glossary: csrc.nist.gov/glossary
• RFC Editor (Internet standards): rfc-editor.org
• Debian Policy Manual: debian.org/doc/debian-policy
• OpenSSH Manual: openssh.com/manual.html

Practice Environments

• OverTheWire Bandit: SSH practice challenges
• HackTheBox: Security testing environment
• Debian Virtual Machines: Practice package management
• RegexOne: Interactive regex tutorials

How to Use This Glossary

1. While reading guides: Keep this open in another tab for quick lookups
2. Cross-references: Click links to see terms used in context
3. Learning paths: Start with fundamental terms, progress to advanced
4. Bookmarking: Save specific sections for your current learning focus
5. Contributing: Suggest new terms as you encounter them

This glossary is continuously updated as new guides are added. For the complete learning experience, start with our comprehensive technical guide and advance to our enterprise security guide.