Recent Posts
Twitter Updates
- Epic multiboxer, looks like hunters and druids. So many accounts. So much money for monthly subscription. https://t.co/EXciz7YxHb 1 year ago
DIY, tutorials, stuff for geeks, all updated when I have the time to spare.
I recently fired up a CentOS 6 VPS for debugging and testing some remote stuff. However, when I tried using an SSH key to remotely login, I was stopped with the dreaded “Server refused our key” error that we’ve all seen when we mess up an SSH key or use a PuttyGen-created public key rather than copy/pasting the OpenSSH key contents into authorized_keys like we should (don’t act like you’ve never done it).
So I triple-checked everything and even used ssh-keygen on the server to create the keys rather than using PuttyGen, but it still wouldn’t work. As I was Googling around searching for answers, I noticed people using a restorecon command and the “PermitRootLogin without-password” setting in their sshd_config file for enabling root login via passwordless keys. An example post can be found here.
Turns out the restorecon command is what we need to use. I don’t know much about the command but it’s man-page says it “restore file(s) default SELinux security contexts”.
After running this on my server, I was able to login as user adam with a password-less SSH key:
restorecon -R -v /home/adam/.ssh
I’m honestly not sure what the resetorecon command does, but I know its what’s needed to make password-less SSH keys work for user adam. If you want to login as root with a password-less SSH key, then you’d run this command:
restorecon -R -v /root/.ssh
As a note, I’m unsure if this is just CentOS 6 or not, but a friend that uses CentOS 5.x said that he has never had to use the restorecon command to get SSH keys to work, so it might be a new standard feature found in the release notes of CentOS 6.
Let’s face it, most of the stuff you keep in Dropbox aren’t important. No one will be trying to guess your password for your archive of gifs and lolcat pics. However, you might have some sensitive data such as personal pictures or legal documents. Here are a couple of the simplest methods to protect your sensitive data. These methods are based on protecting individual directories/folders, so they should work for any cloud storage solution such as Dropbox, Skydrive, Google Drive, SugarSync, etc.
The easiest method of password protecting a directory is to compress it as a ZIP file with a password.
Now just delete the uncompressed folder. Each time you need to edit or see files in the folder you’ll have to unzip it, and rezip it when you’re done.
Using TrueCrypt, you can securely encrypt the directory with a password. With this method, the directory can be mounted as a drive anytime you’d like to use it. Then you can add, remove, or alter files as you want before unmounting it. I chose TrueCrypt because they have clients for Windows, Mac, and Linux. I will be covering its installation and use in Linux, but the method should be similar for Windows as well.
To dismount the volume, you must either right-click the volume from within the TrueCrypt window and selecting “Dismount” or by clicking the “Dismount All” button. Simply unmounting the volume like you would a USB drive (such as clicking the little eject icon on the menu on the left) will not unmount the encryption, so you will be able to remount it without inputting a password. For this reason, be sure to dismount the volume via TrueCrypt.
After installing Ubuntu 12.10 and Skype, I noticed that Skype doesn’t have an option to automatically start once you log in. I’m unsure if this is true for previous versions of Ubuntu, but if so, the fix is still easy. To remedy this, you just need to add it to the “Startup Applications” list in your settings. For the command, just use “skype” without quotes, like so:
Looks like Steam will be opening the Linux beta to everyone next week!