For most of my Linux projects, and a lot of the tutorials on this site, I fire up a virtual machine on Hyper-V and load a minimal Debian system. Working with a Debian system gives me a stable, clean, platform I can easily customize as needed. If you were interested in a similar setup, here’s a walkthrough.
There are lots of times when you need a static IP, especially for server systems. It’s pretty simple on Debian, we only have to edit a few files and run a few simple commands.
Despite being around for a while, DANE has been only been slowly catching on in the last few years. But, that’s finally starting to change as encrypted DNS gets more popular and people have started to realize the advantages DANE offers. Want to implement it using free certificates from Let’s Encrypt? You should! Let’s do it…
If you run a server of any kind, you know the importance of making sure your clients can securely connect. Many people rely on Let’s Encrypt since they issue free certificates that make these secure connections possible. However, those certificates are only good for 90 days and then have to be renewed… that’s a hassle! Enter Certbot…
Have a server that’s offering services that need to be secured with TLS but you can’t install a web server, can’t open port 80 or have something using that port you can’t shutdown? How do you get free Let’s Encrypt certificates? If you’re using Cloudflare for your DNS we can use certbot and automate the whole thing including renewals! If you’re using another DNS server provider, the basic process still works too.
There’s lots of instances where you need a certificate for a non-web server system. Popular examples of this include database servers, git-servers, docker-repos, etc. However, free providers like Let’s Encrypt usually validate your server by means of an HTTP lookup for a specific file and that means you need a way to serve that file but, we aren’t running a web server. Catch-22? Not necessarily…
If you’re running a Linux system, you need SSH access. It’s just a fact for any administrator. More over, you need quick, secure access with a minimum of security prompts. It’s not hard to get that set up and use the latest elliptical-curve security to boot!
Generating self-signed certificates is a common task that every admin needs to do from time to time for any number of reasons. Here’s how to make an OpenSSL configuration file to generate properly formed certificates quickly.
If you’ve been using Linux for any amount of time or even just getting your feet wet in the world of administering a Linux system, you’ve definitely seen references to ‘sudo’ or been told to use ‘sudo’ when executing certain commands. But, what is ‘sudo’, why should you use it and how do you install and set it up?
Most every program you install and run, especially services, generate some form of log file and nearly everyone only checks those logs when something bad happens. Why? Because there are so many logs to check! Well, that’s where a log parsing program can be a lifesaver. I like using Logwatch on my Debian/Ubuntu systems. Logwatch is a nice, lightweight, easy-to-use program that generates a summary report that can be emailed nightly or on whatever schedule you choose.
Sometimes you’re running a server to provide a specific service and you need it to send you status updates via email but do NOT need the overhead and complexity of having it run a mailserver or complicated MTA.