Tag Archives: security

Keeping Your Server Secure With Unattended Upgrades

When operating servers, you’re responsible for keeping them up to date with the latest security fixes. Ubuntu comes with a mechanism that installs updates automatically so you don’t have to worry about it. Obviously, this is meant for personal servers … Continue reading

Posted in linux | Tagged , , , | 9 Comments

Setting Up a SOCKS Proxy Using OpenSSH

Web browsing on a public Wifi network is a security risk as it’s quite simple to capture network traffic. Even if you only connect to SSL-protected sites, people can still find out which web sites you’re accessing. Fortunately, there is … Continue reading

Posted in linux | Tagged , , | 1 Comment

Getting Started With Kerberos

Recently, I have been playing with Kerberos, a popular Single Sign On system (SSO) that is used in many large organizations. My first contact with Kerberos has been at university in a network security course, but that only covered the … Continue reading

Posted in linux | Tagged , , | Leave a comment

OpenID Delegation

OpenID is a great concept but what I don’t like is that I tie myself to a specific identity provider. Suppose the provider goes out of business or doesn’t support OpenID anymore. Of course, I could set up my own … Continue reading

Posted in misc | Tagged , | 1 Comment

Excluding Pages From Authentication

Java’s Servlet spec allows web applications to delegate authentication and authorization to the servlet container, a mechanism known as container-based security. A lot of people use it for in-house applications or web services because it’s simple and containers like Tomcat … Continue reading

Posted in java | Tagged , , , | 16 Comments

SSH Public Key Authentication

A lot of people use SSH to log into remote hosts. SSH is secure and works well, but if you have to access many hosts with long, well-chosen passwords there is a lot of typing to do just for authentication. … Continue reading

Posted in tools | Tagged , , , , | 1 Comment

Transparent Directory Encryption

In a previous article, I discussed sshfs, a user mode filesystem based on FUSE for accessing remote files. Another useful filesystem type is encfs which provides transparent encryption of directories. With encfs, files are stored encrypted in a special directory … Continue reading

Posted in tools | Tagged , , , | Leave a comment

Mounting Directories via SSH

For mounting directories from a remote machine, usually NFS or SMB/CIFS is used which requires a running file server. On many linux servers, however, all you have is a shell account, so file transfer has to be done via scp. … Continue reading

Posted in tools | Tagged , , , | 2 Comments