Archive for 'Security'

Password-Less SSH Login

SSH is the most trusted protocol used in today’s world for remote logins and secure file transfers from one machine to another. There are three different ways of authetication when trying to login with SSH protocol:

  1. Password Based Authentication
  2. Key Based Authentication
  3. Host Based Authentication

Read the complete article »

Q. How I should enforce users to change password at their first login ?

A. This is one of the very basic needs which shows up in most of the companies. As a system admin, I am sure this will be asked from you.

To setup this there are various ways, but I believe one of the very simplest one is the one I am going to explain below.

Read the complete article »

Secure Your SSH Server with Denyhosts

As soon as you connect to the internet to do any of your daily tasks or connect your server to provide some service, it means that you are exposing your system to lots of threat and to people who are ready to play with your system just for fun or some personal interest.

Read the complete article »

Though this warning looks pretty much scary but the reason for this is very much simple and the solution as well.

Q. When did you get this error ?

A. The possible reasons for getting this error are:

  • You have re-installed you system and trying to ssh to the newly installed system.
  • You have assigned the IP address of one system to another system and trying to ssh.
  • You system is dual boot with different ssh keys in both flavors of linux.
  • You are using an IP for load balancing and trying to ssh to the same IP.
  • You generated new ssh keys for your system. (Read this article for the re-generation of the host keys: Generate SSH host keys)
  • Someone trying to do some nasty things, or you can say man-in-the-middle attack.

There could be lots of solution for this problem, which are explained below:

Read the complete article »

How To : Secure GRUB Boot Loader

GRUB, no doubt is the most widely used Boot Loader on Linux. So, a system’s security is incomplete until its Boot Loader is secure. The common way to secure GRUB is, “password”. But, a “cunning” attacker can by-pass this security also and may gain access to your system, if password is NOT applied correctly to the “grub.conf” entries.

The main reasons to Password Protect the GRUB Boot Loader are:

Read the complete article »