setting up systemd to spawn ssh-agent and adding your keys

I’m using bastion hosts for my cloud infra and found this little hack to systemd to set up ssh-agent for my auth forwarding. What is it? systemd is an init system used in Linux distributions to bootstrap the user space and manage all processes subsequently, instead of the UNIX System V or Berkeley Software Distribution (BSD) init systems. The name systemd adheres to the Unix convention of naming daemons by appending the letter d.

ufw, fail2ban and blocking portscans oh my!

I just wanted to write down some issues I had as a reminder to myself and some notes that other people might find useful. I want to be able to set up some automatic host-based firewall rules for some servers I look after to help mitigate any possible brute force attacks and general nastiness that you get on the internet. To do this I’m going to install UFW, fail2ban and set up some filters and actions in fail2ban to use information from UFW on Ubuntu 14.

google authenticator for ssh

Previously I posted on how to make some changes to SSH to improve its security. One of the configuration options I said to change was to disable password authentication. I want to cover how you can keep password authentication enabled by using 2-factor authentication powered by Google Authenticator. What is it? Two-factor authentication (also known as 2FA) provides unambiguous identification of users by means of the combination of two different components.

secure ssh setup

Previously I posted on how to make some changes to SSL to improve its security for your users. In this post I want to cover off some information on how to set up SSH to secure your server for yourself. What is it? Secure Shell (SSH) is a cryptographic network protocol for secure data communication, remote command-line login, remote command execution, and other secure network services between two networked computers. It connects, via a secure channel over an insecure network, a server and a client running SSH server and SSH client programs, respectively.

hosting osx on esxi

It’s been a while since I’ve posted. Recently I’ve been doing some Ops work for a company building iOS apps for different companies. While here I’ve been making a change to host OSX instances on Mac Minis (due to licence restrictions). These servers were previously hosted under OSX running inside VMWare Fusion VMs. OSX is a very poor candidate for Virtualization. The Operating System is very bloated and runs a lot of services that allow for a very pretty interface for users.