Don't get pwned. Lock down your SSH servers with PKI and other features with these few configuration changes.Read more
WPA2 Enterprise is the much more secure wifi authentication method. There's no hackers cracking login passwords if you do this, but there are a few downsides. Here's how to implement it for a small environment.Read more
This has to be the most poorly documented feature of Ubuntu ever. The more I use it the more I wonder if they aren't losing their focus for corporate use completely. It's almost enough to make me want to play with CentOS. With Ubuntu 12.04 Precise, you were able to deploy Desktop installations by using some files from the "Alternate Install" disk image and a full desktop image. Since you had…Read more
You may recall my previous article showing how to sync your OwnCloud repository on a headless Linux server. This process has changed with the newer version of the OwnCloud client and still isn't documented well on their site.
It's actually become much easier to do a complete sync - there's no worrying about a config file anymore, it's all done…Read more
The first major change with 14.04 was great news. Previously in order to have one of my Linux workstations authenticate users against our OpenLDAP directory required that I make changes to multiple PAM configuration files, add LDAP config files and more. It was quite a mess. Under 14.04, you now have the System Security Services Daemon (SSSD) which does it all from a single configuration file.Read more
I've had some weird glitches with my primary firewall this week. After a reboot, certain SNAT rules just didn't... happen. Or, other SNAT rules did. And it always seemed to only impact SIP traffic. For instance, after rebooting, SIP traffic from one internal phone server that's destined for another internal phone server at the other end of a VPN connection would spontaneously decide to SNAT itself to an external IP address, yet still go across the tunnel. Or, SIP traffic destined for the outside would decide to route correctly out the right adapter, but leave the private address on it, ignoring the SNAT rule I could plainly see in iptables.Read more