FreeIPA CentOS 6.7

FreeIPA is a solution for managing users, groups, hosts, services, and much, much more. It uses open source solutions with some Python glue to make things work. Identity Management made easy for the Linux administrator. FreeIPA is an open source alternative to Microsoft Directory Server. It provides the following functionality:

Centralised LDAP based authorisation Kerberos […]

CentOS6.x risk vulnerabilities

This article covers only the high-risk vulnerabilities that the Green League vulnerability scan reported on RHEL / CentOS / OEL 5.x x64 systems. The fixes are collected here, and a repeat vulnerability scan confirmed that the vulnerabilities have been patched. High-risk: OpenSSH 'schnorr.c' remote memory corruption vulnerability (CVE-2014-1692); OpenSSH J-PAKE licensing issues vulnerability (CVE-2010-4478); OpenSSH GSSAPI remote code execution vulnerability (CVE-2006-5051) […]

Encrypt/Decrypt string with openssl

Sometimes it can be helpful to encrypt/decrypt strings on Linux.

Of course we can install tools like crypt, but it is not always available after a default installation.

The good thing is that we also have openssl, which is nearly always installed on a Linux server.

How to encrypt a string with openssl:

$ echo "juicy" […]

GPG file encryption command line in Linux

GPG file encryption using a key pair: basic GPG file encryption doesn't require a public/private key. But to make an encrypted file more secure you can use the RSA/DSA algorithms. These algorithms generate public and private keys to encrypt the file.

There are three criteria for using GPG file encryption.

1. Encrypt/decrypt a file locally for the same user account.
2. […]

Linux Security

Centralized SSH Keys

There are times when it is beneficial to take control of SSH key management on a server. This brief tutorial will centralize all user SSH keys to a single location and allow root to manage them.

We will be keeping all keys in a single directory located in /etc/ssh/authorized_keys. Within the directory, […]

OpenSSL Usage

List available ciphers:

    openssl ciphers -v
    openssl ciphers -v tls1    # only TLS ciphers
    openssl list-cipher-commands
    openssl ciphers -v 'HIGH'  # only good ciphers

Test OpenSSL speed:

    openssl speed
    openssl speed rsa          # test only rsa

Generate self-signed cert:

    openssl req \
      -x509 -nodes -days 365 \
      -newkey rsa:1024 -keyout mycert.pem -out mycert.pem

OR

    openssl req […]

SSH PKI

To create ssh keys:

    ssh-keygen -t dsa -d 2048

Optionally leave the passphrase blank. This will create a ~/.ssh/id_dsa and ~/.ssh/id_dsa.pub file.

Check for validity:

    ssh-keygen -l -f ~/.ssh/id_dsa.pub

Copy the public key to the remote server (only the .pub file is sent; the private key never leaves the client):

    cat ~/.ssh/id_dsa.pub | ssh remote_host 'sh -c "cat - >>~/.ssh/authorized_keys"'

Convert commercial (SECSH) ssh private / public key to OpenSSH:

    ssh-keygen -i -f id_dsa.pub > id_dsa_openssh.pub […]

GPG Management Commands

Generates key pair:

    gpg --gen-key

Lists public and private current keys:

    gpg --list-keys
    gpg --list-secret-keys

Exports public key / private key:

    gpg --armor --export jaz@example.com
    gpg --export-secret-key --armor "jaz@example.com" > private.key

Imports a public key / private key:

    gpg --import joe.ca
    gpg --allow-secret-key-import --import private.key

Delete public / private key:

    gpg --delete-key "jaz@example.com"
    gpg --delete-secret-key "jaz@example.com"

Encrypt a document with someone's public key:

    gpg --output […]

ClamAV Virus Scanning

Thankfully Linux isn't a platform which has a significant problem with viruses; however, it is always better to be safe than sorry. Luckily ClamAV is an excellent free anti-virus solution for Linux servers. However, at least on RedHat Enterprise 5 (RHEL5), the default install doesn't offer any automated scanning and alerting. So here is what […]

OSSEC Server Installation on CentOS

OS: CentOS 5.6 i386, CentOS 6.2 i386
OSSEC Version: 2.6
Hardware: Virtual Machine (VirtualBox 4.1.14)

About

OSSEC is an open source Host Intrusion Detection System (HIDS). OSSEC lets you monitor log files and the integrity of files, and detects rootkits in a client-server environment.

OSSEC Server Installation

Install wget and update your system:

    yum install wget […]