Search Results

A bare minimum for any public facing Linux server. These tests should be ran immediately or the host powered down until it's secured. First Login On a fresh Linux server, you'll first access your host as the root user. This user should only be used for admi...

Generating Private Keys To generate a key with no password using the ed25519 algorithm, we can run the following command. This will output the generated private_key and private_key.pub withtin the directory specified after -f If you intend to use a password ...

Check out NTP-Pool for a list of pools available to different regions. Configuration Network Time Protocol (NTP) allows us to easily synchronize our servers with the indicated NTP host. The settings stored in /etc/systemd/timesyncd.conf allow us to specify w...

Overview This page should contain the basic information needed to anyone starting out using a Linux server. Much of this information has been compiled from other guides, but I have rewritten and reformatted the content to be more readily available. Some of the...

When installing a fresh Linux Distribution, you might want to dual-boot, or even multi-boot, into different desktop environments. There are some pretty specific requirements we'll need to setup manually for our new partitions though, see below for details on t...

When setting up a new Linux installation, I decided to take advantage of LUKS (Linux Unified Key System) to encrypt the data on my device. The setup is pretty turn-key, most Linux distributions offer an option for guided LUKS setup during installating. When re...

First, check out this brief explanation on what Git is, why it was created, and general descriptions of features or ideas Git is built around. This will help a lot to understand the commands you are using, instead of just searching for a command that does some...

Text Editing Vim has many tools for editing large text files. Some examples below. Idiomatic vimrc OG Idiomatic vimrc Revamped vim Thoughtbot/blogs/vim Binds Either in normal mode after pressing :, or inserted into your .vimrc, map the input directly by...

Read the manual page for bash! If needed, check out my not-so-brief Introduction to Manual Pages to learn how to reference these manual pages more efficiently. I would also recommend the book Bash Pocket Reference by Arnold Robbins, it is a pretty dense read b...

Release cycles The Ubuntu release cycle is at a glance pretty straight forward, but when on the 18.04 release and running sudo do-release-upgrade produces unexpected results like the below, it raises some questions. Checking for a new Ubuntu release ...

Basic Requirements On this page, I'll describe how to configure Ansible to manage a remote host. In the context of this page, a controller is the ansible node that executes commands on remote hosts, while a client is a host which accepts commands from some co...

Ansible Galaxy Ansible has a built in tool ansible-galaxy which allows us to quickly create a set of folders and files that are needed in the creation of an Ansible role. Simply run ansible-galaxy init rolename --offline and a folder will be created within y...

Ad-Hoc Commands First, we should be sure that ansible is configured correctly, to run commands on a server or a group of servers within the /etc/ansible/hosts file, run any of the below commands ansible -m ping hostname ansible -m ping 134.23.4.5 ansible -a "...

Customizing ~/.vimrc Vim is a text editor that is difficult to get comfortable with, but once you have a set configuration that works for you it's very portable and really nice to use when editing files on remote hosts, especially when you take the time to co...

Defining Services Creating a Heimdall service using docker-compose can be done with the below basic docker-compose.yml - --- version: "2" services: heimdall: image: linuxserver/heimdall container_name: heimdall environment: - PUID=...

Postfix is a Mail Transfer Agent (MTA) that can act as an SMTP server or client to send or receive email. There are many reasons why you would want to configure Postfix to send email using Google Apps and Gmail. One reason is to avoid getting your mail flagg...

OSSEC is a useful tool in monitoring for malicious activity across various servers. It's lightweight, and easy to install an agent and have it reporting to the master server within minutes. Unfortunately, there is no automated solution to configuring agents re...

Jekyll can be installed by following the Installation Instructions hosted on the official website. So if you are on Ubuntu Linux, sudo apt-get install ruby-full build-essential zlib1g-dev echo '# Install Ruby Gems to ~/gems' >> ~/.bashrc echo 'export ...

Hexo is a static site generator that converts Markdown syntax into prebuilt dynamic themes. Hexo's use of Node.js, HTML, and CSS / YAML makes for a simple, scalable website that is easy to maintain, build upon, or migrate. Check out the book on Systemd Servic...

Global ossec.conf Settings OSSEC comes with a server-wide configuration file. Its important to look for and modify this file on the host that runs the server your agents connect to. This configuration will control the alerting and rules used on the server and...