Category Archives: Security
Restrict SSH access to port forwarding to one specific port
Allowing access to an unprotected service on a server is always a problem. Sometimes the easiest way is to not expose this service to the network but allow access via ssh port-forwarding, but how to limit the SSH account to … Continue reading
Generate public SSH key from private SSH key
A lost SSH public-key or a web service generates an SSH key but does not provide the public-key part to you. What to do now? There is a solution for this situation. Continue reading
Restart hanging gpg-agent automatically using swatch on MacOSX
With a smart card reader, you can store your gpg keys on a card to sign, encrypt and even authenticate. What if you try to sign an email but your email client is not responding while signing the email? Or … Continue reading
Harden the SSL configuration of your mailserver
I described in one of my earlier post how to Setup Postfix with SMTP-AUTH and TLS on CentOS. I will follow up on this article describing how to harden the configuration of your mail server related to SSL. Continue reading
SSH-Key authentication is not working – SELinux
When configuring SSH passwordless login with ssh-key the ssh-key generated and transfered to the server seems to not work when I try to login. Whay is the ssh-key authentication failing? Continue reading
SELinux allow webserver to send email
When Wordpress tries to send email and you see “your host may have disabled the mail() function” it might be that SELinux is blocking it. Here is how to enable it. Continue reading
Migrate WordPress site with minimal downtime
Migrating a Wordpress installation from one server to the other sounds like a simple task. Just move the files, copy the database for Wordpress and lets go. But when you start dealing with the DNS entries the whole story gets tricky. Continue reading
Set up apache and the log path with SELinux
Depending on your backup strategy you might run into troubles of backup the entire /etc directory. Running a default installed Apache on CentOS will have the log directory of Apache linked from within the /etc/httpd/ directory. If you backup solution would backup those as well, the backups would contain the logs and get huge. Continue reading
Restrict SSH login using SSH keys to a particular IP address
Because most passwords are quite short so you can remember them as well as it is annoying to type the password all the time, You might have already considered creating SSH-keys and configured the SSH passwordless login with SSH-key for your server. But how to secure the access with SSH-key? Continue reading
Secure SSH server access
With a server running, SSH is one of the services nearly instantly gets checked out. Only after a couple of hours of going live with your server, you might already notice someone trying to login with passwords from a dictionary. There are some things you can do to reduce those hacking attempts to your SSH server. Continue reading
