David Mackintosh (david.macki...@xdroop.com)

User Information

Display Name:

David Mackintosh

Partial Email Address:

david.macki...@xdroop.com

Posts:

25	total
25	in CentOS

5 Most Recent

All Posts

1) David Mackintosh Re: [CentOS] OT: is parted reliable?

+1 vote

How off-topic is it to ask precisely what is on-topic for this list if questions and discussions of...

CentOS

[ Profile | Reply to group ]

[ Flat Thread Threaded ]

On Tue, Oct 14, 2008 at 11:13:18PM +0100, Karanbir Singh wrote:

> And Just to remind everyone that no, this is still not a general 
> conversation about stuff list.

How off-topic is it to ask precisely what is on-topic for this list
if questions and discussions of the included components belong on the
support mechanisms for those individual parts, and the rest (ie anaconda
and friends) probably belongs in the upstream vendor's forums?

What does that leave?  The color of the logo?

(I like the blue.)

-- 
 /\oo/\
/ /()\ \ David Mackintosh | 
         [email protected: d...@xdroop.com]  | http://www.xdroop.com -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFI9VA1cwUBd0wDJQQRAnpnAJ4/0jdjWx8xvZzM/tbzXJZU6/leXACdECZl
KPBwtUWzBWJpjLqjXNOWG60=
=0yWc
-----END PGP SIGNATURE-----

_______________________________________________
CentOS mailing list
[email protected: C...@centos.org]
http://lists.centos.org/mailman/listinfo/centos

2) David Mackintosh Re: [CentOS] Securing SSH

+1 vote

Strictly speaking, yes; however in practice, the number of bots (or, indeed, external users who are...

CentOS

[ Profile | Reply to group ]

[ Flat Thread Threaded ]

On Tue, Mar 25, 2008 at 11:28:45AM -0700, Tim Alberts wrote:
> >http://wiki.xdroop.com/space/Linux/Limited+SSH+Access
> >  
> That sounds great for getting around a remote dynamic IP address, but 
> some more authentication/security on that web page is necessary, 
> otherwise, anyone who finds that web page is given access?

Strictly speaking, yes; however in practice, the number of bots (or,
indeed, external users who are not me) who the magic web page to hit
(my actual page is not named as the example on the web page is!)
before attacking the ssh connection is zero; therefore since the goal
was to prevent stupid robots from brute-forcing my ssh and filling my
logs, it isn't necessary.  

I mean, strictly speaking you'd next have to insist on a proper SSL
connection to the web server, otherwise you are at risk of someone
sniffing the username and password used in the .htaccess process. 
And then after that, you'd have to insist on some kind of security on
the remote system to ensure that your passwords are not being
captured.  Etc, etc.  

-- 
 /\oo/\
/ /()\ \ David Mackintosh | 
         [email protected: d...@xdroop.com]  | http://www.xdroop.com -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFH6UuvcwUBd0wDJQQRAhR0AJ4wMZZk/r+kAyefHl6vRrqFBIE/vgCff6UW
M6fryQZRwVVPHbbt3om9Nac=
=6n5J
-----END PGP SIGNATURE-----

_______________________________________________
CentOS mailing list
[email protected: C...@centos.org]
http://lists.centos.org/mailman/listinfo/centos

3) David Mackintosh Re: [CentOS] Securing SSH

+1 vote

This is what I do. http://wiki.xdroop.com/space/Linux/Limited+SSH+Access

CentOS

[ Profile | Reply to group ]

[ Flat Thread Threaded ]

On Tue, Mar 25, 2008 at 09:48:17AM -0700, Tim Alberts wrote:
> So I setup ssh on a server so I could do some work from home and I think 
> the second I opened it every sorry monkey from around the world has been 
> trying every account name imaginable to get into the system.
> 
> What's a good way to deal with this?

This is what I do.

http://wiki.xdroop.com/space/Linux/Limited+SSH+Access

-- 
 /\oo/\
/ /()\ \ David Mackintosh | 
         [email protected: d...@xdroop.com]  | http://www.xdroop.com -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFH6UJ2cwUBd0wDJQQRArJZAJ9Gf/6YhEgjMFUi3di6Tv5agwf7LwCeMrWL
jmLCnMATCxN8NKfBQjbuagg=
=v3Pm
-----END PGP SIGNATURE-----

_______________________________________________
CentOS mailing list
[email protected: C...@centos.org]
http://lists.centos.org/mailman/listinfo/centos

4) David Mackintosh Re: [CentOS] Xen or VMWARE on CentOS 5

+1 vote

This is pretty much what I do. I also keep stock "reference" images for each OS I support and copy...

CentOS

[ Profile | Reply to group ]

[ Flat Thread Threaded ]

On Wed, Feb 27, 2008 at 08:03:09AM -0600, Les Mikesell wrote:
> Ern jura wrote:
> >Does anyone out there have a comprehensive tutorial on installing VMware 
> >and
> >successfully managing virtual machines with either xen or vmware?
> 
> VMware is pretty simple: download the server rpm, install it, run the 
> vmware-config.pl setup script to set the options and install your (free) 
> license key.  Then run vmware locally or from some other machine to 
> access the console where you can create and start the virtual machines. 
>  Once created, you can treat the virtual machines like they were 
> separate physical boxes except that they contend for host resources (and 
> once they are up on the network I prefer to connect directly to them 
> with ssh, X, freenx, or vnc instead of using the VMware console.  You'll 
> want plenty of RAM on the host machine and if you run several VM's they 
> will perform better if you can spread them over different disk drives.
> 
> With VMware you can copy your disk images over to a Windows or Mac host 
> and run them with no changes (Mac version isn't free, though).

This is pretty much what I do.  I also keep stock "reference" images
for each OS I support and copy from the reference image every time I
need to deploy a new VM.

I like the idea of Xen, but the documentation is a little thin
especially when it comes to installing useful things like Windows
VMs; I don't have the time to solve the problem properly, and I hope
that in a year or two I can change this.

-- 
 /\oo/\
/ /()\ \ David Mackintosh | 
         [email protected: d...@xdroop.com]  | http://www.xdroop.com -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFHxZ9XcwUBd0wDJQQRAmj0AJ96DVWpglCksCg2rUiZ3dgKwhq0MwCeN3Lo
05/MNwA1A4JeY05haCOYv2E=
=Xm0z
-----END PGP SIGNATURE-----

_______________________________________________
CentOS mailing list
[email protected: C...@centos.org]
http://lists.centos.org/mailman/listinfo/centos

5) David Mackintosh Re: [CentOS] Making FORWARD_IPV4=YES permanent / DHCP multiple routers

+1 vote

edit /etc/sysctl.conf Not as far as I know....

CentOS

[ Profile | Reply to group ]

[ Flat Thread Threaded ]

On Tue, Feb 12, 2008 at 10:26:54AM -0800, Tim Alberts wrote:
> So how do I do this?

edit /etc/sysctl.conf

> option routers 10.0.0.1 10.0.0.2;

Not as far as I know.

-- 
 /\oo/\
/ /()\ \ David Mackintosh | 
         [email protected: d...@xdroop.com]  | http://www.xdroop.com -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFHsedCcwUBd0wDJQQRAj5/AJ0fDki5C0zUo+RP33OGg4wyKe4r3wCfSisZ
utL6xrX0BddZCPzNdK/Msb8=
=Nh72
-----END PGP SIGNATURE-----

_______________________________________________
CentOS mailing list
[email protected: C...@centos.org]
http://lists.centos.org/mailman/listinfo/centos

Highlight

Profile | Posts (25)

Home > People > David Mackintosh