SWiK
» tagged pages
» logout
Debian
Return to Debian

Debian Administration Blog

(or Cancel)

(Editing anonymously: to be credited for your changes, login or register a new account)

other page actions:

Tags Applied to this Topic

1 person has tagged this page:
Tag this Topic | Tagging Details

Debian Wiki Pages

See all 9 Pages
Syndication Feed on http://debian-administration.org/articles.rdf
Edit This

Tuesday, May 13, 2008

Critical security update for openssl

A new security advisory has recently been released relating to the Debian openssl package, and whilst most security updates are not news-worthy this one is. Read on for a brief overview of the problem.
posted at 07:05 AM. tags: .

Tuesday, May 13, 2008

Need a generic iptables tcp proxy?

Do you ever find yourself in need of a generic TCP proxy? Do you wish you could do it with netfilter? Do you want to proxy a connection to a given port on a given IP address to a completely different port on a totally different host or network?
posted at 02:05 AM. tags: .

Friday, April 25, 2008

How to use any command in FTP ?

I wanted to use the "find" command on a FTP space but it's not possible to use this command with any "normal" FTP client. So, I looked for a solution.
posted at 04:11 AM. tags: .

Tuesday, April 22, 2008

Logical Volume Management: How PVs form VGs for LVs

When I set out to build my first system using Logical Volume Management I was surprised by the lack of information about how LVM relates to more "traditional" disk-level partitioning. There were plenty of articles with examples of how to use 'vgcreate' and 'lvresize' and no short supply of advice and white noise from the forums, but there was very little practical information about what the various strata of LVM were actually for or how they related to each other. In fact I was well into my search for information before I figured out where to put the file system.
posted at 09:10 AM. tags: .

Monday, April 14, 2008

Making Apache2 execute CGI scripts, globally?

I have set up a Debian etch system with apache2, perl etc, but I cannot get apache to actually execute my scripts..
posted at 04:45 AM. tags: .

Wednesday, April 09, 2008

Using the dynamic DNS editor: nsupdate

nsupdate is the little-known brother of nslookup. It is used to make edits on a dynamic DNS without the need to edit zone files and restart the DNS server. If you have declared a zone dynamic, this is the way that you should be making edits.
posted at 08:45 AM. tags: .

Tuesday, April 01, 2008

OpenSSH SFTP chroot() with ChrootDirectory

The upcoming version of OpenSSH (4.8p1 for the GNU/Linux port) features a new configuration option : ChrootDirectory. This has been made possible by a new SFTP subsystem statically linked to sshd.
posted at 03:44 AM. tags: .

Friday, March 28, 2008

Checking password strength for squirrelmail

I have successfully used the method below to configure the change_ldappass plugin of Squirrelmail to perform password strength checks using cracklib. I made a few assumptions, but it should be easy to adapt it to your own situation.
posted at 03:43 AM. tags: .

Thursday, March 27, 2008

Introduction BackupPC part 1

This HOWTO will describe how to install BackupPC (http://backuppc.sourceforge.net/) and how to create a simple backup using backuppc. BackupPC can offer a nice solution for both simple and complex backups.
posted at 03:43 AM. tags: .

Wednesday, March 26, 2008

pam_mount and sshfs with password authentication

pam_mount is "a Pluggable Authentication Module that can mount volumes for a user session". It is used to automatically mount a network share or volume when a user logs in, and unmount it when the user logs out sshfs is a FUSE filesystem that allows mounting a directory using the SSH sftp subsystem.
posted at 09:43 AM. tags: .

Tuesday, March 25, 2008

Using pam-mount to create a sandboxed home directory

My biggest fear when using a public computer is that the data I enter might fall into the wrong hands. One way for developers to combat data theft is to hold personal info only for as long as is absolutely necessary, thereby shortening the window of opportunity for an attacker. This is possible in Linux through a combination of tmpfs and unionfs.
posted at 02:43 AM. tags: .

Wednesday, March 19, 2008

OpenLDAP installation on Debian

The purpose of this article is to give you a straight-forward, Debian-friendly way of installing and configuring OpenLDAP. By the end of this guide, you will have a functional LDAP server that will serve as a central authentication system for user logins onto all machines in the network, without the need to manually create users' accounts on individual machines.
posted at 03:42 AM. tags: .

Friday, March 14, 2008

Struggling to implement PCI compliance

I'm striving to comply with PCI standards (http://www.pcicomplianceguide.org/), but I'm running into a wall - due mostly to confusing, out-of-date, contradictory, and-or incomplete documentation. Or maybe just my own dense mentality. Does anybody have any guidance help me walk through the security thickets of setting up my Debian-based web store?
posted at 04:41 AM. tags: .

Sunday, March 09, 2008

Debian amd64: iceweasel with i386 plugins, outside a chroot

If you weren't already convinced that closed source sucked before, then surely the experience of trying to browse the net with an amd64 machine will have won you over;
posted at 11:41 PM. tags: .

Wednesday, March 05, 2008

Redirect if a website root is empty?

This should be a simple problem to solve, but I've yet to find a good solution, so any assistance would be most welcome. If you'd like to redirect to another website if a directory root has no files in it, how would you do so?
posted at 04:40 PM. tags: .

Wednesday, February 20, 2008

Running programs when filesystem events occur

There are many little jobs which people tend to schedule, via cron (http://www.debian-administration.org/articles/56), which do nothing unless particular files have appeared. These busy-wait style scripts may easily be replaced if you have the ability to execute commands when files are created, or filesystem events happen. Read on to see how to do that.
posted at 02:37 AM. tags: .

Wednesday, February 13, 2008

Sysvconfig: How not to go postal over a service

Demons? Etsee in it? Dot-D? Those are just jargon sounds to laymen, but you might recognize them to mean daemons, and /etc/init.d. If you've ever tried to tell a layman to stop, start, or restart a daemon, you know that it's exasperating. It may take several minutes - the layman doesn't know how to spell etc, he doesn't know a forward slash from a backslash, and he doesn't know what you're saying when you say init.d. Lastly, if he is doing this because you need him to (i.e. he didn't ask you, you asked him), then he probably doesn't know what the command line he just typed accomplishes. It may not be necessary for him to know, but if he's curious, he may ask, which just adds to your exasperation and time needed to get the task done.
posted at 08:37 AM. tags: .

Tuesday, February 05, 2008

Unlocking a LUKS encrypted root partition via ssh

I'm running a Debian server with LUKS encrypted root partition and want to be able to enter the pass phrase local at the terminal or via ssh. This article describes how I achieved that.
posted at 07:33 AM. tags: .

Thursday, January 31, 2008

How To Migrate to a full encrypted LVM system

The point of this how-to is to describe the way to migrate to a full-encrypted LVM system (rootfs + data) (only the boot partition obviously stays unencrypted), either coming from an LVM system, either from a simple ext3 system. All you need is some kind of external storage.
posted at 06:03 PM. tags: .

Thursday, January 31, 2008

Heartbeat2 Xen cluster with drbd8 and OCFS2

The idea behind the whole set-up is to get a High availability two node Cluster with redundant data. The two identical Servers are installed with Xen hypervisor and almost same configuration as Cluster nodes. The configuration and image files of Xen virtual machines are stored on drbd device for redundancy. Drbd8 and OCFS2 allows simultaneous mounting on both nodes, which is required for live migration of xen virtual machines.
posted at 06:03 PM. tags: .
Page 1 | Next >>
Username:
Password:
(or Cancel)