Jan 292014

Often one wants a shared access to files across machines. Traditionally one uses the network file system (nfs). The network file server works as follows: There is an nfs server that exports some directories in its filesystem hiearchy to various nfs clients that mount these directory over the network into their file system hierarchy. As a result, each of the clients shares the directories exported by the nfs server.

However a lot of times you just have to mount a directory from a server to your local computer and in these cases NFS it’s not so useful, sshfs it’s much better

Sshfs is a filesystem client based on the SSH File Transfer Protocol. Since most SSH servers already support this protocol it is very easy to set up: i.e. on the server side there’s nothing to do.  On the client side mounting the filesystem is as easy as logging into the server with ssh.

Continue reading »

flattr this!

Jan 192014

Article by Rahul Panwar first posted on http://linuxexplore.com/

A chroot on Unix operating systems is an operation that changes the apparent root directory for the current running process and its children. A program that is run in such a modified environment cannot name (and therefore normally not access) files outside the designated directory tree. The term “chroot” may refer to the chroot(2) system call or the chroot(8) wrapper program. The modified environment is called a “chroot jail”. From Wikipedia.

Why it is required? If you want to set up your Linux box as a web hosting server for its users, you may need to give SFTP access. But they can get access to whole system Linux tree, just for reading but still very unsecure. So it is mandatory to lock them in their home directory.

There are many other applications, it’s just a common example, so lets start its configuration.

Continue reading »

flattr this!

Jan 132014

I use ssh everyday and it’s my main tool to connect and manage servers, so I’m always interested in articles about ssh.
Today I present an interesting article on this subject, written by Corey Quinn and posted on the sysadvent blog

Every year or two, I like to look back over my client’s SSH configuration file and assess what I’ve changed.

This year’s emphasis has been on a few options that center around session persistence. I’ve been spending a lot of time on the road this year, using SSH to log into remote servers over terrible hotel wireless networks. As a result, I’ve found myself plagued by SSH session resets. This can be somewhat distracting when I’m in the midst of a task that requires deep concentration— or in the middle of editing a configuration file without the use of screen or tmux.

ServerAliveInterval 60

This triggers a message from the client to the server every sixty seconds requesting a response, in the event that data haven’t been received from the server in that time. This message is sent via SSH’s encrypted channel.

Continue reading »

flattr this!

SSH in 2 steps on Linux with Google Authenticator

Article by Alessio bash, first published on his blog Many security policies require you to change the port number of the SSH service to ensure greater security in a Linux system. Situation now used throughout the IT world and used mostly by users who have their own private server. Today I want to show you [...]

How to Really Secure Your Linux VPS SSH Service

Article By Stanton Levens Let face it, the Secure Shell (SSH) daemon running on your VPS is the most sensitive service open to attack on your system. Any hacker worth their salt will first try to gain access to your VPS via SSH and 99.9% of all VPS connected to the internet run this service by [...]