sudo gedit /etc/samba/smb.conf
[global]
unix extensions = no
[share]
follow symlinks = yes
wide links = yes
service smbd restart
2012년 10월 14일 일요일
2012년 10월 13일 토요일
RDP to linux server
Setting up xrdp
http://www.liberiangeek.net/2012/05/connect-to-ubuntu-12-04-precise-pangolin-via-windows-remote-desktop/
How to secure RDP connection by using SSH, putty.
http://blog.spencerkellis.net/2010/06/tunneling-remote-desktop-over-ssh-in-windows-7/
* 포트 3389는 닫혀있기 때문에 로컬 어드레스 192.168.2.77:3389 를 데스티네이션 어드레스로 쓰는게 포인트
http://www.liberiangeek.net/2012/05/connect-to-ubuntu-12-04-precise-pangolin-via-windows-remote-desktop/
How to secure RDP connection by using SSH, putty.
http://blog.spencerkellis.net/2010/06/tunneling-remote-desktop-over-ssh-in-windows-7/
* 포트 3389는 닫혀있기 때문에 로컬 어드레스 192.168.2.77:3389 를 데스티네이션 어드레스로 쓰는게 포인트
2012년 9월 11일 화요일
2012년 1월 4일 수요일
Putty UTF-8
http://blog.wensheng.com/2007/05/putty-utf8-and-chinese.html
Putty setting.
open putty -> window -> Translation -> remote character set to UTF-8
Host computer need to do following step.
//check language setting
] echo $LANG
//add following line to .bashrc
] vi .bashrc
] export LANG=en_US.UTF-8
Putty setting.
open putty -> window -> Translation -> remote character set to UTF-8
Host computer need to do following step.
//check language setting
] echo $LANG
//add following line to .bashrc
] vi .bashrc
] export LANG=en_US.UTF-8
2012년 1월 3일 화요일
SSH Tunneling Proxy using Putty
http://digitalpbk.blogspot.com/2009/05/ssh-proxy-windows-linux-orkut-bypass.html
//Access SSH proxy by linux terminal console command.
] ssh -D 8080 username@example.com
//Access SSH proxy by linux terminal console command.
] ssh -D 8080 username@example.com
2012년 1월 1일 일요일
SSH convert putty file format to linux ssh format
//Install package as needed.
] apt-get install putty-tools
//Convert file format as needed
] puttygen putty-privatekey.ppk -O private-openssh -o openssh-key
] apt-get install putty-tools
//Convert file format as needed
] puttygen putty-privatekey.ppk -O private-openssh -o openssh-key
SSH security
http://www.g-loaded.eu/2005/11/10/ssh-with-keys/
Client side
] ssh username@hotst.com
] mkdir ~/.ssh
] chmod 0700 ~/.ssh
] scp ~/.ssh/id_dsa.pub username@hotst.com:~/.ssh/authorized_keys
] rm -f ~/.ssh/id_dsa.pub
] chmod 0600 ~/.ssh/*
//A limited group of SSH users ** need root privilage for this.
] groupadd sshusers
] usermod -a -G sshusers username
Server side (uncomment each line as needed)
//Do not allow root login with SSH
] vi /etc/ssh/sshd_config
#PermitRootLogin no
//use ssh-2 method.
#Protocol 2
#PubkeyAuthentication yes
#AuthorizedKeysFile .ssh/authorized_keys
//login with key-only
#RSAAuthentication no
#PasswordAuthentication no
#UsePAM no
#KerberosAuthentication no
#GSSAPIAuthentication no
#AllowGroups sshusers
//Restarting the server
]rm -f ssh_host*key*
]service sshd restart
//Get fingerPrint of the server to verify server from client.
]ssh-keygen -l -f /etc/ssh/ssh_host_dsa_key.pub
Hashing the known_hosts file
Because the servers’ hostnames and addresses are stored in plain text in the known_hosts file, hashing it is a good habit. This can be done using the ssh-keygen utility. Type:
]ssh-keygen -H -f ~/.ssh/known_hosts
This process makes it unreadable, but the ssh programs can still read the contents. Make sure you permanently delete the known_hosts.old backup file.
Change your private key’s passphrase
If you ever need to change the private key’s passphrase you can use ssh-keygen:
]ssh-keygen -p -f ~/.ssh/id_dsa
add key to catche
]ssh-add ~/.ssh/id_rsa
======
The ssh-agent’s configuration
What we need is to start the agent when we login to our client machine’s shell and stop it when we log out. So, we add the following line to ~/.bash_profile:
eval `ssh-agent`
Why do we use eval? When the ssh-agent is started, it just prints some commands to the stdout. These commands set and export the environment variables we talked about earlier. We use eval, so that these commands are actually executed, or better, evaluated by the shell, so the environment variables are made available to all applications that can use them.
We add the following line to ~/.bash_logout
eval `ssh-agent -k`
This "unsets" the environment variables and kills the agent every time we logout.
Management of cached passphrases
A small utility called ssh-add is used to manage the cached passphrases.
To add a key to the ssh-agent’s cache, we issue the command:
# ssh-add ~/.ssh/id_dsa
We are prompted for the passphrase. After typing it succesfully, it
gets cached. From now on, the cached passphrase will be automatically
used for every connection we make to the SSH server. Convenient!
If we store our key to the standard location ~/.ssh/ and name it with the standard filename id_dsa, then ssh-add can be run without arguments. Our key will be used.
To list the cached keys we type:
# ssh-add -l
To remove a cached key:
# ssh-add -d ~/.ssh/id_dsa
To empty the ssh-agent’s cache:
# ssh-add -D
=======================
### install fail2ban
피드 구독하기:
글 (Atom)
-
http://askubuntu.com/questions/21934/how-to-change-the-binding-of-windows-key-which-runs-unitys-dash just installed Ubuntu 11.04 and I w...
-
https://forums.virtualbox.org/viewtopic.php?t=11234 How to freeze date/time in VirtualBox? this can be achived by editi...
-
1 . download update 2. put a update file to localdata store directory 3 use command below esxcli software vib update -d "PATH TO A PATC...
