Go back to fronty page View most popular entries View latest additions Submit tutorials to UnixTutorials.info
UnixTutorials logo

Search results for A couple of tricks with the secure shell


CLI Magic: OpenSSH + Bash

Post date: January 25, 2006, 20:01 Category: Network Views: 2923 Comments
Tutorial quote: As a system administrator, I have used OpenSSH's piping abilities more times than I can remember. The typical ssh call gets me access to systems for administration with a proven identity, but ssh is capable of so much more. In combination with bash's subshell invocation, OpenSSH can distribute the heavy work, reduce trace interference on a system under test, and make other "impossible" tasks possible. I've even used it to make Microsoft Windows remote administration easier.

In the examples below, I have tried to avoid GNU-specific idioms for tools which have non-GNU counterparts. This practice improves portability of shell scripts in heterogeneous environments.

Entering A Safe Mirror When Logging In With Unionfs And Chroot

Post date: June 28, 2007, 00:06 Category: Miscellaneous Views: 2577 Comments
Tutorial quote: When reading a hint on the website of LinuxFromScratch I discovered the special capabilities of unionfs, specially in combination with chroot. Later I read a HowTo on a wikiwebsite of Gentoo, about entering a chrooted home directory when using a special script as shell. Combining these two brings me to using a chrooted environment, which you enter when logging in as a special user. This environment is an exact copy (mirror) of the system you are working on. Because you are in safe copy of the real system, you can do whatever you like, it will never change the system, everything stays inside the cache (the readwrite branch).

Restricting Users To SFTP Plus Setting Up Chrooted SSH/SFTP (Debian Squeeze)

Post date: September 6, 2011, 07:09 Category: Miscellaneous Views: 5220 Comments
Tutorial quote: This tutorial describes how to give users chrooted SSH and/or chrooted SFTP access on Debian Squeeze. With this setup, you can give your users shell access without having to fear that they can see your whole system. Your users will be jailed in a specific directory which they will not be able to break out of. I will also show how to restrict users to SFTP so that they cannot use SSH (this part is independent from the chroot part of this tutorial).

Hardening Linux: a 10 step approach to a secure server

Post date: June 22, 2005, 10:06 Category: Security Views: 3479 Comments
Tutorial quote: The Internet has become a far more dangerous place than it was 20 years ago. Nowadays, Operating System and application security is an integral part of a server configuration and, while firewalls are very important, they are not the panacea.

This list of steps is intended as a guideline with a practical approach. We’ll try to provide a complete picture without getting into unnecesary details. This list won’t replace a good book on secure systems administration, but it will be useful as a quick guide.

Before we get started it’s worth to mention that security is not a status: it’s just a process. The correct initial setup of the server only provides a good start and helps you get half the way through. But you actually need to walk the other half of the road, by providing proper security vigilance, monitoring and updating.

How To Look Like A UNIX Guru

Post date: October 30, 2006, 02:10 Category: Miscellaneous Views: 5641 Comments
Tutorial quote: UNIX is an extremely popular platform for deploying server software partly because of its security and stability, but also because it has a rich set of command line and scripting tools. Programmers use these tools for manipulating the file system, processing log files, and generally automating as much as possible.

If you want to be a serious server developer, you will need to have a certain facility with a number of UNIX tools; about 15. You will start to see similarities among them, particularly regular expressions, and soon you will feel very comfortable. Combining the simple commands, you can build very powerful tools very quickly--much faster than you could build the equivalent functionality in C or Java, for example.

This lecture takes you through the basic commands and then shows you how to combine them in simple patterns or idioms to provide sophisticated functionality like histogramming. This lecture assumes you know what a shell is and that you have some basic familiarity with UNIX.

Disk ARchive (Backup and Restore) using dar and kdar(dar Frontend)

Post date: January 12, 2007, 18:01 Category: System Views: 3614 Comments
Tutorial quote: Dar is a shell command that makes backup of a directory tree and files. Its features include splitting archives over several files, CDs, ZIPs, or floppies, compression, full or differential backups, strong encryption, proper saving and restoration of hard links and extended attributes, remote backup using pipes and external command (such as ssh), and rearrangement of the “slices” of an existing archive. It can now run commands between slices, encrypt archives, and quickly retrieve individual files from differential and full backups. Dar also has external GUI like kdar for Linux,thanks to the well documented API.

Execute Commands on Multiple Linux or UNIX Servers part II

Post date: December 28, 2005, 10:12 Category: System Views: 3293 Comments
Tutorial quote: I have already covered how to execute commands on multiple Linux or UNIX servers via shell script. The disadvantage of script is commands do not run in parallel on all servers. However, several tools exist to automate this procedure in parallel. With the help of tool called tentakel, you run distributed command execution. It is a program for executing the same command on many hosts in parallel using ssh (it supports other methods too). Main advantage is you can create several sets of servers according requirements. For example webserver group, mail server group, home servers group etc. The command is executed in parallel on all servers in this group (time saving). By default, every result is printed to stdout (screen). The output format can be defined for each group.

Getting started with SSH

Post date: February 11, 2006, 04:02 Category: Network Views: 2754 Comments
Tutorial quote: The following sections hope to provide enough information to setup a user new to ssh with the appropriate files necessary for accessing remote hosts in a secure manner.

Setting Up Subversion for One or Multiple Projects

Post date: April 13, 2005, 00:04 Category: Miscellaneous Views: 3893 Comments
Tutorial quote: Deploying a secure and manageable Subversion installation that uses Apache 2.0 as a central authentication checkpoint and SSL for data integrity and confidentiality.

How to catch Linux system intruders

Post date: September 22, 2008, 13:09 Category: Security Views: 4114 Comments
Tutorial quote: Secure your Linux box by locking it down and posting a guard to watch for intruders.
Web-based applications and online marketing solutions - LumoLink