Tag Archives: security

lighttpd + letsencrypt.sh

via letsencrypt.sh Three cases, a ’normal‘ www domain: www.filmfestapp.com a ’normal‘ subdomain where the naked domain is part of shared webspace: drop.mro.name a proxy subdomain for a rails application (redmine): developer.mro.name

hardening ssh (debian wheezy)

LogJam requires some action. (Article in german) Update (open-)ssh to a recent version (6.6)   $ echo "deb http://ftp.de.debian.org/debian wheezy-backports main" | sudo tee -a /etc/apt/sources.list $ sudo apt-get -u update $ sudo apt-get install -t wheezy-backports ssh $ sudo apt-get autoremove$ echo "deb http://ftp.de.debian.org/debian wheezy-backports main" | sudo tee -a /etc/apt/sources.list $ sudo apt-get -u update […]

Key-based FTP authentication

make a strong ssh key $ ssh-keygen -t rsa -b 4096 -f ~/.ssh/id_rsa turn to RFC 4716 $ ssh-keygen -e -f ~/.ssh/id_rsa.pub add to ~/.ssh/authorized_sftpkeys on destination host try out: $ curl -u „<username>:“ –key ~/.ssh/id_rsa –pubkey ~/.ssh/id_rsa.pub -T <file to upload> sftp://<target host>/<target path>/ $ lftp -u <username>,xx … sftp://<target host> P.S.: Hetzner FAQ zum […]