Welcome to the most active Linux Forum on the web.
Go Back > Blogs
User Name



Cloning a git repository in an idempotent way

Posted 05-20-2015 at 02:08 AM by sag47
Updated 05-20-2015 at 02:25 AM by sag47

In config management, it is best to do setup in an idempotent way. After some basic research here's a way to clone a repository in an idempotent way. In this example we'll be cloning my home repository into ${HOME}/git/home.

First, check to see if the repository directory exists. Then change the working directory to it.

Senior Member
Posted in Uncategorized
Views 476 Comments 1 sag47 is offline

OpenSSH common mistakes, tips, and tricks

Posted 10-14-2014 at 11:09 PM by sag47

Here's a post about common mistakes I see made with SSH. A few shortcuts to being more productive when you have a complicated server network. And other neat tips and tricks.

authorized_keys Permissions

The most common problem I see new users attempting to use public key auth is to get the permissions wrong either on their home directory, .ssh directory, or authorized_keys file. Luckily, the openssh project provides a helpful FAQ answer.

The Almighty...
Senior Member
Posted in Uncategorized
Views 469 Comments 0 sag47 is offline

My iptables firewall

Posted 10-14-2014 at 10:33 PM by sag47
Tags iptables

Recently I posted about my firewall. Here I'm reposting that to my blog.

Here's a redacted version of my firewall rules. I'll point out a couple of things. This firewall is designed similarly to how the new RHEL7 firewalld behaves. When evaluating RHEL7 I saw some cool firewall tricks and incorporated it into my firewall (this way you can take advantage of doing things like dynamically adding and removing rules without having to refresh the firewall).

At the top...
Senior Member
Posted in Uncategorized
Views 659 Comments 0 sag47 is offline

Securing your passwords in KeePass

Posted 12-04-2013 at 11:14 AM by sag47
Updated 12-04-2013 at 11:22 AM by sag47

The Linux port of KeePass is called KeePassX.

The following knowledge base article discusses the encryption mechanisms involved with securing keepass databases.

That's a good read and I highly recommend everyone read it. It tells you about mitigating brute force attacks by modifying iterations of hashes. It even has a little button that computes 1 seconds worth of hashes automatically so that it takes one second...
Senior Member
Posted in Uncategorized
Views 722 Comments 0 sag47 is offline

iptables workstation config

Posted 11-17-2013 at 10:03 AM by sag47
Updated 11-17-2013 at 11:07 AM by sag47
Tags iptables, ufw

Here's a decent iptables for a workstation that doesn't normally serve hosted applications. It is meant to just block the network while allowing the user to still use the network unhindered. If services will need to connect to your system then you'll have to open ports in the firewall.

#load firewall config with iptables-restore < iptables.rules
#The following rules required
Senior Member
Posted in Uncategorized
Views 635 Comments 0 sag47 is offline


All times are GMT -5. The time now is 02:53 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration