This is very common scenario. You want to permit access to a remote machine only by SSH. You would like to block all incoming traffic to your system except ssh connection under Linux.
Continue reading “Linux Iptables: Block All Incoming Traffic But Allow SSH”
To encrypt and decrypt files with a password, use gpg command. It is an encryption and signing tool for Linux/UNIX like operating system such as FreeBSD/Solaris and others.
Explains how to bind Qmail SMTP to particular IP address.
The SSH protocol recommended a method for remote login and remote file transfer which provides confidentiality and security for data exchanged between two server systems. The SSH depends upon the use of public key cryptography. The OpenSSH server offers this kind of setup under Linux or Unix-like system. This how-to covers generating and using ssh public keys for automated usage such as:
- Automated Login using the shell scripts
- Making backups
- Run commands from the shell prompt and more
- Login without password
gcc is a GNU project C and C++ compiler for Linux, UNIX, FreeBSD etc. From the wikipedia:
GCC is a key component of the GNU toolchain. As well as being the official compiler of the GNU system, GCC has been adopted as the standard compiler by most other modern Unix-like computer operating systems, including Linux, the BSD family and Mac OS X. GCC has been ported to a wide variety of computer architectures, and is widely deployed as a tool in commercial and closed development environments.
Common gcc options:
cc -E :preprocessor
cc -S :create or show assembly coding
cc -o :object filename
cc -g :debug info
cc -O :optimized code
cc -O2 :optimized code with optimization level increased
cc -Wall :create or show all warning
cc -D_SYMBOL_ : Symbol for prerpcessor
You can use gcc instead of cc.
Pre login banner is use for sending a warning message before authentication may be relevant for getting legal protection or just give out information to users. The contents of the specified file are sent to the remote user before authentication is allowed. This option is only available for protocol version 2. By default, no banner is displayed (if you are using latest version of Linux/UNIX then you do not have to worry about version issue).
Procedure to change OpenSSH pre login banner
1) By default sshd server turns off this feature.
2) Login as the root user; create your login banner file:
# vi /etc/ssh/sshd-banner
Welcome to nixCraft Remote Login!
3) Open sshd configuration file /etc/sshd/sshd_config using a text editor:
# vi /etc/sshd/sshd_config
4) Add/edit the following line:
5) Save file and restart the sshd server:
# /etc/init.d/sshd restart
6) Test your new banner (from Linux or UNIX workstation or use any other ssh client):
$ ssh email@example.com
Welcome to nixCraft Labs!
vivek@ rh3es.nixcraft.org’s password:
Please note that this feature may not work with third party ssh client such as Putty.
You can make a file immutable on Linux with the help of utility called chattr. One can changes the file attributes on a Linux second extended file system. The operator +
causes the selected attributes to be added to the existing attributes of the files; -
causes them to be removed; and =
causes them to be the only attributes that the files have.