Quick and easy SSH key installation.

  crypto howto keys ssh sysadmin

I know I haven't posted much this month.  The holiday season is in full effect and life, as I'm sure you know, has been crazy.  I wanted to take the time to throw a quick tip up that I just found out about which, if nothing else, will make it easier to get up and running on a Raspberry Pi that you've received as a gift.  Here's the situation:

You have a new account on a machine that you want to SSH into easily.  So, you want to quickly and easily transfer over one or more of your SSH public …


Fully remote backups of websites.

  websites backups howto dreamhost mysql rsync ssh databases

A couple of weeks ago my webhosting provider sent me a polite e-mail to inform me that I was using too much disk space. A cursory examination of their e-mail showed that they were getting upset about the daily backups of my site that I was stashing in a hidden directory, and they really prefer that all files in your home directory be accessible. I ran a quick check and, sure enough, about twenty gigabytes times two weeks of daily backups adds up to a fair amount of disk space. So, the question is, how do I keep backing up …


Safe browsing from hacker cons: Running a personal proxy.

  conventions encryption firefox linux proxy security ssh travel windows

Whenever I plan on using my laptop at a convention, in particular at hacker cons, it's practically assured that an unknown number of attendees will be monitoring the wireless network in some manner for nefarious purposes. Because many application protocols in use do not use cryptographic systems to protect traffic (like instant messenger and webmail), it's possible to record what people are doing as they do it, or worse record the credentials used to log in. The software to do this is trivially easy to acquire because protocol analyzers (more commonly called packet sniffers) have legitimate uses when troubleshooting networks …


Helllllooooooooo.... Philadelphia!

  wtf pennsylvania philadelphia sitrep ssh ssl travel wireless work

Well, I'm the field again, back in Philadelphia, Pennsylvania to fight the good fight.

Or get myself so worked up that I'll blow through an incarnation, I'm not sure which. It's too early to tell.

My cow-orkers picked me up around 1000 EST5EDT on Monday morning (so written because it'll be well after midnight when I get around to posting this) - apparently my vehicle is distinctive enough that they found my apartment building without too much trouble. Apparently they like the magnets on my car, something that I find endlessly amusing because so few people mention them. After a quick …


Random knowledge X.

  bios computing configuration crossover debian destiny e_mail linux moving mutt networking new_word packing pdf postscript ppp solaris ssh toshiba upgrades x

How to set up a crossover ethernet connection between two Sun Solaris machines:

  • Connect both machines using a crossover ethernet cable.

  • root@solaris-machine-1# ifconfig plumb

  • root@solaris-machine-1# ifconfig netmask

  • root@solaris-machine-1# ifconfig up

  • On each machine, ping the other. If both are reported as being alive, you're golden.

It would look something like this on a live setup:

root@igg# ifconfig ce1 plumb

root@ook# ifconfig ce1 plumb

root@igg# ifconfig ce1 netmask

root@ook# ifconfig ce1 netmask

root@igg# ifconfig ce1 up

root …


Random knowledge VIII.

  aging alerts authentication certificates colleagues dating debian firewalls friends ibm iptables keys linux logging openssh pencams pkgconfig protocols redhat rpm signatures snort software ssh stv0680 titles women work xft

You're getting old if you consider sleeping until 0900 'sleeping in'.

When configuring a firewall with IPTables you have to specify the protocol before the port number(s) in each command. Do this:

iptables -A INPUT -s -p tcp --dport 22 -j ACCEPT

and not this

iptables -A INPUT -s --dport 22 -p tcp -j ACCEPT

If you don't, you'll see error messages to the effect of "Unknown arg '--dport'"

When writing Snort rules, there are a few things to keep in mind. First of all, rules come in two parts: the …