> The /etc/machine-id file contains the unique machine ID of the local system that is set during installation. The machine ID is a single newline-terminated, hexadecimal, 32-character, lowercase ID. When decoded from hexadecimal, this corresponds to a 16-byte/128-bit value.
> The machine ID is usually generated from a random source during system installation and stays constant for all subsequent boots. Optionally, for stateless systems, it is generated during runtime at early boot if it is found to be empty.
And guess what, that file is readable by anyone on the machine!
$ ls -l /etc/machine-id -r--r--r-- 1 root 33 Feb 1 2019 /etc/machine-id
> This ID uniquely identifies the host. It should be considered "confidential", and must not be exposed in untrusted environments, in particular on the network. If a stable unique identifier that is tied to the machine is needed for some application, the machine ID or any part of it must not be used directly. Instead the machine ID should be hashed with a cryptographic, keyed hash function, using a fixed, application-specific key. That way the ID will be properly unique, and derived in a constant way from the machine ID but there will be no way to retrieve the original machine ID from the application-specific one.
Anthony Flores
man7 .org/linux/man-pages/man5/machine-id.5.html
>The machine ID is usually generated from a random source during system installation and stays constant for all subsequent boots. Optionally, for stateless systems, it is generated during runtime at early boot if it is found to be empty. >It's nothing.
Logan White
man: No entry for machine-id in the manual.
Luis Evans
WSL losers.
Hunter Price
Your system will only add man pages for software installed. You are running a systemd-less distribution.
overwrite the file in a way that matches its pattern
Eli Flores
Why would you want to? Just because it's identifiable doesn't mean something's actually using it to track you, there are a ton of other things that have been used to track people, stop falling for low quality FUD like these.
Caleb Brown
>so how the heck do you change it? >overwrite the file in a way that matches its pattern did you even read what its purpose is? if you change it while the machine is running, you will fuck up the kernel.
you have to unmount the root system, change the machine-id and then boot again.
Isaac Stewart
>fuck up the kernel Kernel doesn't even use it, faggot. Systemd is separate from it. You may fuck up Systemd though.
Oliver Moore
od -N16 /dev/urandom -tx4 -w16 | head -n1 | sed -e 's/^[^ ]* //' | od -N16 /dev/urandom -tx4 -w16 | head -n1 | sed -e 's/^[^ ]* //' | sed -e 's/ //g' >/etc/machine-id
Fell free to improve that shitty script.
Bentley Davis
void doesnt have this issue
Kevin Evans
Nice FUD bro.
An application needs root to access that. If you're paranoid don't give anything outside of root read or write access. Problem solved.
Besides a unique identifier for a linux box can be useful when used properly.
Isaiah Walker
based community contributer poster
Ryder Green
Imagine being this retarded. Use dbus-uuidgen you mouth-breathing idiot.
Ayden Barnes
>An application needs root to access can't you read the fucking permissions part of the ls output? how fucking retarded are you? ps: fuck off back to plebbit.
xiao8 back to offlane?????? is this gonna be chinese year?
Brayden Long
Yeah
Ian Hernandez
whoops wrong board
Jeremiah Baker
VOID WINS AGAIN
LENARD PUTTERING SUCKS GAY DICKS
Nathaniel Nguyen
>Every Linux install Wrong. Every Linux install with systemd. None of my systems have systemd aside from a publicly accessible server which can be tracked by any number of ways, but IDGAF because it's literally binding a tld to itself.
