Ensuring secure access to Production Linux Servers

I was amazed to hear from my friend that one of their servers got hacked, and the reason may be that their part-time admin set the root user's password to ‘admin’. Wow!! Can’t believe it! They don’t have the right to cry about security attacks when they themselves keep their doors open :P

I’ve suggested some points to them, described below, for ensuring secure access to the servers. They have 5-6 Linux servers. This obviously may not be the best way, and as always I’d appreciate it if you can give your suggestions in the comments. My approach is that, out of the 6 servers, we will be able to log in to only 2 servers remotely, through key-based access, and from these 2 servers we can access the remaining ones. Here’s what we did:

SSH Port forwarding from remote to local machine

SSH has a wonderful feature called SSH Port Forwarding, also known as SSH Tunneling, which allows you to establish a secure SSH session and then tunnel arbitrary TCP connections through it. Tunnels can be created at any time, with almost no effort and no programming, which makes them very appealing.

Here I’ll illustrate it using an example. Suppose you have installed and configured a Jabber Instant Messaging Server (check out how to do that on this site here). You find out later that there is no GUI available on the server machine, and you need to access its graphical web admin interface. In this case, you can easily forward the port from the server machine to your own PC to access the admin interface. You might know that the ejabberd (Jabber Server) web admin interface is available on port 5280.
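The forward described above, as an added example that is not part of the original post: a small shell helper that validates its arguments and prints the `ssh` command for a loopback-only tunnel to port 5280. The host `jabber.example.com` and user `admin` are placeholders, and it assumes the admin interface accepts connections on the server's loopback address.

```shell
#!/bin/sh
# Added example: build an SSH local port forward for the ejabberd web admin.
# User and host names are placeholders (assumptions), not values from the post.

# Accept only decimal port numbers in the range 1-65535.
valid_port() {
    case "$1" in
        ''|*[!0-9]*|??????*) return 1 ;;   # empty, non-digit, or more than 5 digits
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# tunnel_cmd LOCAL_PORT REMOTE_PORT USER@HOST
# Prints the ssh command instead of running it, so it can be reviewed first.
tunnel_cmd() {
    lport=$1
    rport=$2
    target=$3
    valid_port "$lport" || { echo "bad local port: $lport" >&2; return 1; }
    valid_port "$rport" || { echo "bad remote port: $rport" >&2; return 1; }
    # Reject an empty target or one starting with '-', which ssh would
    # parse as an option rather than a destination.
    case "$target" in
        ''|-*) echo "bad target: $target" >&2; return 1 ;;
    esac
    # -N                        : no remote command, tunnel only
    # ExitOnForwardFailure=yes  : fail at once if the local port cannot be bound
    # left  127.0.0.1           : listen on this PC's loopback only, so other
    #                             machines on the LAN cannot use the tunnel
    # right 127.0.0.1           : resolved on the server, i.e. the server's own
    #                             admin interface
    printf 'ssh -N -o ExitOnForwardFailure=yes -L 127.0.0.1:%s:127.0.0.1:%s %s\n' \
        "$lport" "$rport" "$target"
}

# ejabberd web admin on port 5280, as in the text above.
tunnel_cmd 5280 5280 admin@jabber.example.com
```

While the printed command is running, the admin interface is reachable from a browser on the local PC at port 5280 of 127.0.0.1, and the traffic between the two machines travels inside the SSH session.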