Debian: page 2

• Securing SSH with Key Based Authentication January 20, 2009

  Certificates are a useful way of restricting access to your SSH server because a user must have three things to log onto the server: Username Password Certificate Normally they would only need to have a password and username, which can be guess at or (potentially) brute forced. Forcing the user to supply a certificate on log on means that they must also have a tangible source of identification (without the key file they cannot log in! Read more ⇒

• Hardening SSH November 12, 2005

  A very nice article: Keeping SSH access secure I use the following in /etc/ssh/sshd_config: AllowUsers username PermitRootLogin no Which kills root login access to the server meaning you will need to login as the username provided in AllowUsers and then su to root (eg. su root) or sudo the commands if you have sudo setup (apt-get install sudo). You may also wish to change the port through which SSH occurs by adding: Read more ⇒

• Virtual Mail Servers August 28, 2005

  http://workaround.org/articles/ispmail-sarge VPSs are nice but how do you host multiple domain email addresses? Well the above tutorial a fantastic guide on Debian Sarge. An item worthy of note is creation of the Courier SSL certificates. By default there will be a couple automatically created by Courier at install time. This are useless as your email client WILL reject them because localhost is not the same domain as domain1.com etc… You need to edit both /etc/courier/pop3d. Read more ⇒

• Serving Virtual Hosts August 22, 2005

  To begin with I am using Apache2 so this will not apply to Apache1.3. Apache2 uses an interesting technique for setting up Virtual Hosts, they are no longer stored in the huge httpd.conf file. They are stored in two folders, sites-available and sites-enabled. I am basing this setup on the following structure: /home/www/ -- www.sitename1.com -- htdocs -- stats -- logs -- www.sitename2.com -- htdocs -- stats -- logs To make a new Virtual Host you make a new file in the sites-available directory. Read more ⇒

• Setting up a Debian Sarge Server August 19, 2005

  Perfect Debian Setup is a very handy little article. One item of note however is that Debian Sarge doesn’t support PHP5 even in the unstable packages so you will need to use the following technique to get the PHP5 goodies from a Debian developers repository. You can browse his directory and see what is on offer at: http://people.debian.org/~dexter There is also another source with less recent and a less complete collection of packages DotDeb, but as it is out of date I would not bother with it. Read more ⇒