Security

Want to support HowtoForge? Become a subscriber!
 

Manage Yubikeys for LUKS encryption with privacyIDEA

Manage Yubikeys for LUKS encryption with privacyIDEA

So today we will show, how you can manage many yubikeys for many notebooks using privacyIDEA. privacyIDEA is an authentication system for two factor authentication - usually with OTP devices. In a recent version privacyIDEA started to not only answer authentication request, but it was also enhanced to be able to define client machines and add information, which authentication device could be used for an application on a client machine.

Hybrid RAID 1 (Mirror) of RAM drive & SATA HDD Using LVM with LUKS [and systemd unit file] on Fedora Linux

Hybrid RAID 1 (Mirror) of RAM drive & SATA HDD Using LVM with LUKS [and systemd unit file] on Fedora Linux

The IT industry has a continual balance between security and usability. Within this balance, performance usually affects usability. In the realm of protecting "Data at Rest" (i.e. encryption) one may find three factors affecting performance, and therefore usabilty: The harddrive, CPU and RAM. Of these, the harddrive will always prove to be a bottleneck (yes, even with an SDD).

Free Software has a rather elegant solution for protecting Data at Rest, called Linux Unified Key Setup (LUKS). In the spirit of "Freedom 0: The freedom to run the program for any purpose." please enjoy my contribution to our collective knowledgebase of a solution to the fascinating problem of "how can we speed up encyption"?

How to configure pam-radius for WiKID Two-factor Authentication on Centos 7

Securing SSH On Centos 7 With WiKID Two-Factor Authentication

SSH offers a highly secure channel for remote administration of servers. However, if you face an audit for regulatory or business requirements, such as Visa/Mastercard PCI, you need to be aware of some potential authentication related short-comings that may cause headaches in an audit.

Two factor authentication with Yubikey for harddisk encryption with LUKS

Two factor authentication with Yubikey for harddisk encryption with LUKS

The yubikey is a cool device that is around for a while and several of us know it and love it. It is a device that is recognizes as a USB HID device and can emit one time passwords on a button press.

Quite for a while the yubikey supports a challenge response mode, where the computer can send a challenge to the yubikey and the yubikey will answer with a response, that is calculated using HMAC-SHA1.

How to add two-factor authentication from WiKID to X2Go remote desktop on Ubuntu

Securing X2Go On Ubuntu Precise With WiKID Two-Factor Authentication

In this document we are going to demonstrate how to implement two-factor authentication from WiKID for remote desktop on an Ubuntu 12.04 server using X2Go.

Manage two factor authentication in your serverfarm with privacyIDEA easily

Manage two factor authentication in your serverfarm with privacyIDEA easily

In this howto I will show, how you can use a privacyIDEA installation to add two factor authentication for many of your servers in your serverfarm.

privacyIDEA is a modular solution for two factor authentication especially with OTP tokens. Due to the modular structure it can be quickly and easily adapted and enhanced. E.g. adding new token types is as simple as writing a new lean python module. You do not need to modify your network for privacyIDEA, it does not write to existing databases or user stores. It only needs read access to your user stores like LDAP, Active Directory, SQL, SCIM-service or flat files. privacyIDEA supports all usual push-button-tokens, OTP cards and smartphone apps.

How To Get LTS updates for Debian 6 (Squeeze)

How To Get LTS updates for Debian 6 (Squeeze)

Debian Squeeze (6.0) is the so named "Old Stable" branch of Debian, the official support for this version ended in april 2014. Squeze is still used on many servers, so a group of Debian developers decided to provide security patches for a longer timespan for this release. These so called LTS updates (LTS = Long Term Support) are not available on the normal Debian update repository and not every user might be aware that he wont get these updates automatically. The following short guide explains how to enable the LTS repository and install the updates.

Two factor authentication with OTP using privacyIDEA and FreeRADIUS on CentOS

Two factor authentication with OTP using privacyIDEA and FreeRADIUS on CentOS

In this howto we will show, how you can set up a the two factor authentication and management system privacyIDEA on Cent OS 6.5. privacyIDEA is a system that can manage authentication devices - especially OTP tokens of any kind.

We will set up the system to be served via Apache2, store the token information in a MySQL database and provide authentication via FreeRADIUS server, thus being able to add two factor authentication to all services accessible via RADIUS like SSL VPNs and pam_radius.

Howto add two factor authentication to OTRS with privacyIDEA

Howto add two factor authentication to OTRS with privacyIDEA

In this howto we will show, how easy it is to add two factor authentication with OTP token to OTRS. This is done for the support agents to protect support cases and customer data against attackers and misuse. Nevertheless this can be done for the customers in the very same way.

Configure Linux to use NTLM authentication proxy (ISA Server) using CNTLM

Configure Linux to use NTLM authentication proxy (ISA Server) using CNTLM

Cntlm is an NTLM / NTLM Session Response / NTLMv2 authenticating HTTP proxy intended to help you break free from the chains of Microsoft proprietary world. You can use a free OS and honor our noble idea, but you can't hide. Once you're behind those cold steel bars of a corporate proxy server requiring NTLM authentication, you're done with. The same even applies to 3rd party Windows applications, which don't support NTLM natively.

first page
previous page
2
...
next page
last page
XML feed
"Facebook" is a registered trademark of Facebook, Inc. All rights reserved.