LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Blogs
User Name
Password

Notices


Old

Cloning a git repository in an idempotent way

Posted 05-20-2015 at 02:08 AM by sag47
Updated 05-20-2015 at 02:25 AM by sag47

In config management, it is best to do setup in an idempotent way. After some basic research here's a way to clone a repository in an idempotent way. In this example we'll be cloning my home repository into ${HOME}/git/home.

First, check to see if the repository directory exists. Then change the working directory to it.

Code:
#variables
repo="https://github.com/samrocketman/home.git"
local_repo_location="${HOME}/git/home"
...
Senior Member
Posted in Uncategorized
Views 390 Comments 1 sag47 is offline
Old

OpenSSH common mistakes, tips, and tricks

Posted 10-14-2014 at 11:09 PM by sag47

Here's a post about common mistakes I see made with SSH. A few shortcuts to being more productive when you have a complicated server network. And other neat tips and tricks.

authorized_keys Permissions

The most common problem I see new users attempting to use public key auth is to get the permissions wrong either on their home directory, .ssh directory, or authorized_keys file. Luckily, the openssh project provides a helpful FAQ answer.

The Almighty...
Senior Member
Posted in Uncategorized
Views 442 Comments 0 sag47 is offline
Old

My iptables firewall

Posted 10-14-2014 at 10:33 PM by sag47
Tags iptables

Recently I posted about my firewall. Here I'm reposting that to my blog.

Here's a redacted version of my firewall rules. I'll point out a couple of things. This firewall is designed similarly to how the new RHEL7 firewalld behaves. When evaluating RHEL7 I saw some cool firewall tricks and incorporated it into my firewall (this way you can take advantage of doing things like dynamically adding and removing rules without having to refresh the firewall).

At the top...
Senior Member
Posted in Uncategorized
Views 599 Comments 0 sag47 is offline
Old

Securing your passwords in KeePass

Posted 12-04-2013 at 11:14 AM by sag47
Updated 12-04-2013 at 11:22 AM by sag47

The Linux port of KeePass is called KeePassX.

The following knowledge base article discusses the encryption mechanisms involved with securing keepass databases.

http://keepass.info/help/base/security.html

That's a good read and I highly recommend everyone read it. It tells you about mitigating brute force attacks by modifying iterations of hashes. It even has a little button that computes 1 seconds worth of hashes automatically so that it takes one second...
Senior Member
Posted in Uncategorized
Views 699 Comments 0 sag47 is offline
Old

iptables workstation config

Posted 11-17-2013 at 10:03 AM by sag47
Updated 11-17-2013 at 11:07 AM by sag47
Tags iptables, ufw

Here's a decent iptables for a workstation that doesn't normally serve hosted applications. It is meant to just block the network while allowing the user to still use the network unhindered. If services will need to connect to your system then you'll have to open ports in the firewall.

Code:
#load firewall config with iptables-restore < iptables.rules
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
#The following rules required
...
Senior Member
Posted in Uncategorized
Views 599 Comments 0 sag47 is offline

  



All times are GMT -5. The time now is 04:21 PM.

Main Menu
Advertisement
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration