posts tagged "security"

Secure your Linux console and SSH with 2FA (TOTP)

May 17, 2019

debian ubuntu security sudo

Passwords are great and a strong password is definitely the first line of defense against unauthorized access. But, if you think your Facebook account is important enough to warrant another layer of security so people can’t hack pictures you posted about your lunch, then surely you can understand why your Linux console could use another security wrapper too, right? Let’s add second factor authentication (2FA) to your console, su, sudo and SSH access all in just a few easy steps.

Implementing DANE with certbot using Let's Encrypt certificates

Feb 06, 2019

dane tls ssl certificate security certbot letsencrypt

Despite being around for a while, DANE has been only been slowly catching on in the last few years. But, that’s finally starting to change as encrypted DNS gets more popular and people have started to realize the advantages DANE offers. Want to implement it using free certificates from Let’s Encrypt? You should! Let’s do it…

Automatically renewed free SSL certificates using certbot on Debian running NGINX

Jan 30, 2019

certbot debian ubuntu letsencrypt security ssl certificate nginx

If you run a server of any kind, you know the importance of making sure your clients can securely connect.  Many people rely on Let’s Encrypt since they issue free certificates that make these secure connections possible.  However, those certificates are only good for 90 days and then have to be renewed… that’s a hassle!  Enter Certbot…

Free SSL certificates using Cloudflare DNS validation and certbot

Jan 22, 2019

debian ubuntu certificate security tls ssl certbot cloudflare certbot letsencrypt

Have a server that’s offering services that need to be secured with TLS but you can’t install a web server, can’t open port 80 or have something using that port you can’t shutdown? How do you get free Let’s Encrypt certificates? If you’re using Cloudflare for your DNS we can use certbot and automate the whole thing including renewals! If you’re using another DNS server provider, the basic process still works too.

Free SSL certificates without a web server

Jan 18, 2019

debian ubuntu certificate security tls ssl certbot letsencrypt

There’s lots of instances where you need a certificate for a non-web server system. Popular examples of this include database servers, git-servers, docker-repos, etc. However, free providers like Let’s Encrypt usually validate your server by means of an HTTP lookup for a specific file and that means you need a way to serve that file but, we aren’t running a web server. Catch-22? Not necessarily…

Proper self-signed certificates on Debian

Jan 15, 2019

debian ubuntu certificate self-signed security tls ssl

Generating self-signed certificates is a common task that every admin needs to do from time to time for any number of reasons. Here’s how to make an OpenSSL configuration file to generate properly formed certificates quickly.

Remote Desktop and CredSSP remediation error

May 17, 2018

remote-access rdp security windows windows-server

Starting with the May cumulative Windows 10/Server 2016 update, you may have run into a CredSSP error when trying to connect via Remote Desktop Protocol (RDP) to another computer.