Security

Want to support HowtoForge? Become a subscriber!
 

How to setup your OTP appliance with privacyIDEA

How to setup your OTP appliance with privacyIDEA

In this howto we will setup a system that can act as your own personal OTP appliance, managing all authentication devices in your network. You then may configure your services to authenticate against this machine. It is a good idea to use some virtualization mechanism. If you have some old hardware around, this is even as good.

How to create a jailed ssh user with Jailkit on Debian Wheezy

How to create a jailed ssh user with Jailkit on Debian Wheezy

This document describes how to install and configure Jailkit in Debian Wheezy Server. Jailkit is a set of utilities to limit user accounts to specific files using chroot() and or specific commands. Setting up a chroot shell, a shell limited to some specific command, or a daemon inside a chroot jail is a lot easier and can be automated using these utilities.

Secure OpenVPN with two-factor authentication from WiKID on Centos 7

Secure OpenVPN with two-factor authentication from WiKID.

In a previous tutorial, we showed how to configure PAM-RADIUS to support two-factor authentication. Now, and in future tutorials, we will add remote access services to this server that will also use WiKID for two-factor authentication. In this tutorial, we will demonstrate how to leverage that setup to add two-factor authentication through radius to OpenVPN on Centos 7.

How To Recover Data From An Encrypted Harddisk On Boot Failure With Ubuntu 14.04

How to recover data from an encrypted harddisk on boot failure with Ubuntu 14.04

This document describes how to recover an encrypted harddisk in a failed boot device for Ubuntu 14.04 Server. This method will work for Ubuntu Desktop also. This is a very havoc situation when the distro fails to boot and we have our important data inside the distro. If the harddisk is not encrypted then we can easily retrieve our data with the help of live-cds or live-USB boot devices, but if the harddisk was encrypted then situation becomes little hectic. I will cover the topic for encrypted harddisk data retrieval from Ubuntu distros.

How To Protect Your Web Server With Sophos UTM

How To Protect Your Web Server With Sophos UTM

In this Howto I will show, how you can setup a webserver to be protected in the demilitarized zone of an enterprise grade firewall. I will use the Sophos UTM Gateway which is available as a software appliance to be installed on "any" hardware and is free for home and personal use.

Manage Yubikeys for LUKS encryption with privacyIDEA

Manage Yubikeys for LUKS encryption with privacyIDEA

So today we will show, how you can manage many yubikeys for many notebooks using privacyIDEA. privacyIDEA is an authentication system for two factor authentication - usually with OTP devices. In a recent version privacyIDEA started to not only answer authentication request, but it was also enhanced to be able to define client machines and add information, which authentication device could be used for an application on a client machine.

Hybrid RAID 1 (Mirror) of RAM drive & SATA HDD Using LVM with LUKS [and systemd unit file] on Fedora Linux

Hybrid RAID 1 (Mirror) of RAM drive & SATA HDD Using LVM with LUKS [and systemd unit file] on Fedora Linux

The IT industry has a continual balance between security and usability. Within this balance, performance usually affects usability. In the realm of protecting "Data at Rest" (i.e. encryption) one may find three factors affecting performance, and therefore usabilty: The harddrive, CPU and RAM. Of these, the harddrive will always prove to be a bottleneck (yes, even with an SDD).

Free Software has a rather elegant solution for protecting Data at Rest, called Linux Unified Key Setup (LUKS). In the spirit of "Freedom 0: The freedom to run the program for any purpose." please enjoy my contribution to our collective knowledgebase of a solution to the fascinating problem of "how can we speed up encyption"?

How to configure pam-radius for WiKID Two-factor Authentication on Centos 7

Securing SSH On Centos 7 With WiKID Two-Factor Authentication

SSH offers a highly secure channel for remote administration of servers. However, if you face an audit for regulatory or business requirements, such as Visa/Mastercard PCI, you need to be aware of some potential authentication related short-comings that may cause headaches in an audit.

Two factor authentication with Yubikey for harddisk encryption with LUKS

Two factor authentication with Yubikey for harddisk encryption with LUKS

The yubikey is a cool device that is around for a while and several of us know it and love it. It is a device that is recognizes as a USB HID device and can emit one time passwords on a button press.

Quite for a while the yubikey supports a challenge response mode, where the computer can send a challenge to the yubikey and the yubikey will answer with a response, that is calculated using HMAC-SHA1.

How to add two-factor authentication from WiKID to X2Go remote desktop on Ubuntu

Securing X2Go On Ubuntu Precise With WiKID Two-Factor Authentication

In this document we are going to demonstrate how to implement two-factor authentication from WiKID for remote desktop on an Ubuntu 12.04 server using X2Go.

1
...
next page
last page