similar to: Securing SSH

I have several shell scripts to manage user accounts on a server. I've been using a file with the usernames of peoples accounts that any script needs to process. I had a thought that I can and should be setting up groups and adding user accounts to those groups so I don't have to maintain a set of files with the user accounts. So essentially, I am looking for a (simple) shell

Greetings, I'm a Fedora user likely going to switch to CentOS in the next few days. I'm wondering if anyone has some heads up advice for me? I am very familiar with FC6 and before so I anticipate few problems I haven't already seen (and know were fixed). The main reason for the move is so I don't have to re-install so frequently and hopefully not have to deal with so many

I'm setting up multiple systems and ideally I want the same package configuration on all of them. So I'm going through yum and rpm queries manually to try and get this done. There must be a better way. Is there a way to use yum or rpm to configure multiple systems with the same packages? If yum or rpm has something native built into it to do this, that would be great. If

As I mentioned on this list before, I'm switching from Fedora 6 to Centos 5. I'm setting up the mail server and on Fedora I used the milter rpms for greylisting, spamassassin, mimedefant etc. However I don't see that those are included with Centos? Is this true, or do my yum repositories need to be changed to look in an 'extras' location? Or is there some other source

I'm finishing converting from POP to IMAP and I'm seeing some potentially powerful uses, but I wonder if my ideas aren't more abuses. I want to create 'multi-user' accounts that allow groups of users to archive and share emails with each other. For example, in the case of a sales department, emails from customers may have requests for new product features. I could create

Why does 'test -f' and 'test -e' return true on a (hidden) file that doesn't exist? *> cat /home/talberts/.forward* cat: /home/talberts/.forward: No such file or directory *> test -f /home/talberts/.forward ;echo $?* 1 *> test -e /home/talberts/.forward ;echo $?* 1 -------------- next part -------------- A non-text attachment was scrubbed... Name: talberts.vcf

just wanted to get some feedback from the community. Over the last few days I have noticed my web server and email box have attempted to ssh'd to using weird names like admin,appuser,nobody,etc.... None of these are valid users. I know that I can block sshd all together with iptables but that will not work for us. I did a little research on google and found programs like sshguard and

First, I'd like to configure my system to forward ip, to act as a gateway for my network. I've always used a script during startup to do this: echo 1 > /proc/sys/net/ipv4/ip_forward iptables -t nat -A POSTROUTING -o ${UPLINK} -j SNAT --to ${IP_NAT} This works fine, however I want this permanent so I don't have to run the script on startup. I have the firewall setup with SNAT

Greetings all, I'm a new user of Dovecot and want to say thanks for the great software. I am having a problem at the moment. I run a heterogeneous network with windows and Mac clients logging into a Fedora Linux 2 box running sendmail and previously UW-IMAP, but now Dovecot. I am using strictly pop3, plain authentication with mbox format. Every computer in the network is working fine with

Hello, What is the best way to protect multiuser systems from brute force attacks? I am setting up a relatively loose DenyHosts policy, but I like the idea of locking an account for a time if too many attempts are made, but to balance this with keeping the user from making a helpdesk call. What are some policies/techniques that have worked for this list with minimal hassle? Thanks! -Eugene

Hi all, As title, is that possible to develop a python version of tinc, that will be interesting:) Tks. Cong -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.tinc-vpn.org/pipermail/tinc-devel/attachments/20161213/fcd83914/attachment.html>

Just wait tinc be more lib style for some future days:) 2016-10-09 22:45 GMT+08:00 Guus Sliepen <guus at tinc-vpn.org>: > On Sun, Oct 09, 2016 at 10:40:12PM +0800, Cong Monkey wrote: > >> If release as libtinc possible, will that possible that you relicence >> TINC as LGPL to make commercial use possible? > > Both tinc and MeshLink are licensed under the GPL and will

Hello: I have been looking into projects that will automatically restrict hacking attempts on my servers running CentOS 5. I think the two top contenders are: DenyHosts - http://denyhosts.sourceforge.net Fail2ban - http://www.fail2ban.org >From what I see, DenyHosts only blocks based on failed SSH attempts whereas Fail2ban blocks failed attempts for other access as well. The main benefit

I can't find a tinc work for no root android, so I try to port it to android by the right way. Auto tools does not integrate well with android studio ( cmake not too, but will work well in the future release)! 2016-10-09 22:16 GMT+08:00 Guus Sliepen <guus at tinc-vpn.org>: > On Sun, Oct 09, 2016 at 10:01:43PM +0800, Cong Monkey wrote: > >> Will tinc use cmake in the future?

Hi devs, I am a tinc user use tinc at windows every day, I use a bat file to start tinc in nodetach mode, and dig the problem when the network sucks. Is there any one interesting to develop a gui control app like for openvpn? Tks, Cong

Hi, after reading the docs (no man page) and seeing a few example howtos, I see none for Centos specifically. I hereby offer to write this and even host it, and any other wiki-able howto you want, if you can school me on the first few steps relevant to how to link up the current rpmforge rpm for RHEL4-64. See, right now, the one for centos loads into the /usr/share/doc, which is an odd place

Hi All, Will tinc use cmake in the future? auto tools is really hard to port to other platform like windows phone. Tks.

Hi all, Ive done this before but the solution alludes me now. Can someone please remind me how to change the default Redhat behavior of root email being sent from root at server.domain to root at domain. It's something in sendmail.mc from memory. Thanks

> However, it is not very beginner friendly. There's two thing lacking: > editting the configuration files from the app, and being able to run the > app without root privileges. For the latter, the app and maybe tinc > itself might need to be changed to use the VPN API to create a tun > device and to pass it to the tinc daemon. I don't even know if there is > something

Hi everyone, I am trying to set up an automated CentOS installation system. My idea is to use PXE to boot the kernel/initrd and pass the kickstart options to the kernel from there. This works correctly until it boots up Linux. As soon as it does that it makes a DHCP request and, unsurprisingly, it gets the same one (same MAC) but it also gets the filename and next-server details. Then Anaconda