Tag Archives: Security

Basic SELinux Security Concepts

Overview

“SELinux is a security enhancement to Linux which allows users and administrators more control over access control.” (selinuxproject.org)

Linux ACL Permissions

Overview

“Access Control List (ACL) provides an additional, more flexible permission mechanism for file systems.
It is designed to assist with UNIX file permissions.
ACL allows you to give permissions for any user or group to any disc resource.” (Wikipedia)

chmod suid sgid sticky bit

Overview

Linux chmod has a few options that can make your life a lot easier when managing shared storage.
The most commonly needed are the SUID, SGID, and sticky bits.
The effect of each one also differs between files and folders.

iptables examples on CentOS

Overview

“iptables is a user space application program that allows a system administrator to configure the tables provided by the Linux kernel firewall (implemented as different Netfilter modules) and the chains and rules it stores.
Different kernel modules and programs are currently used for different protocols; iptables applies to IPv4, ip6tables to IPv6, arptables to ARP, and ebtables to Ethernet frames.”

In this tutorial I will give a few essential examples of how to use iptables on CentOS.

SSH connection without password between two linux machines

Overview

How to establish an SSH connection without a password between two Linux/Unix machines.


Instructions

  1. Generate the files [id_rsa] and [id_rsa.pub] on the first machine by running the following command (do not use a password – just hit Enter*):
    ssh-keygen

    * You don’t want to enter any passwords, because you want to call ssh from within a shell script.
    ** The randomart is an easier way for humans to validate keys.
  2. Copy (and rename) id_rsa.pub to authorized_keys on the server (run this from the same computer where you ran ssh-keygen):
    scp -r -P 22 /root/.ssh/id_rsa.pub destination:/root/.ssh/authorized_keys

    Where destination is server B.

Now you can connect as root without a password between the servers.
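
The scp in step 2 replaces any authorized_keys file that already exists on the destination, so keys installed earlier stop working. The following is an added example, not part of the original post: a function to run on the destination that appends a public key only if it is missing and sets the permissions sshd expects. The name install_pubkey and its arguments are assumptions made for illustration.

```shell
#!/bin/sh
# install_pubkey PUBKEY_FILE [SSH_DIR]
# Hypothetical helper (not from the original post): adds one public key to
# SSH_DIR/authorized_keys without replacing keys that are already there.
# Example call: install_pubkey /tmp/id_rsa.pub /root/.ssh
install_pubkey() {
    pub=$1
    dir=${2:-$HOME/.ssh}
    auth=$dir/authorized_keys

    [ -r "$pub" ] || { echo "cannot read $pub" >&2; return 1; }

    # Take the first non-empty line of the file as the key.
    key=$(grep -v '^[[:space:]]*$' "$pub" | head -n 1)

    # Refuse anything that is not a public key line, for example a private
    # key file passed by mistake.
    case $key in
        ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) ;;
        *) echo "$pub does not look like an OpenSSH public key" >&2; return 2 ;;
    esac

    # With StrictModes enabled, sshd ignores authorized_keys when the
    # directory or file is writable by group or others.
    mkdir -p "$dir" && chmod 700 "$dir" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1

    # Idempotent: skip the append when the exact line is already present.
    if grep -qxF -- "$key" "$auth"; then
        echo "key already present in $auth"
        return 0
    fi
    printf '%s\n' "$key" >> "$auth"
    echo "key added to $auth"
}
```

To use it, copy id_rsa.pub to a temporary path on the destination instead of onto authorized_keys, then call the function there. OpenSSH's ssh-copy-id does a similar append from the first machine in one step.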