I am finishing this book from Dr Paul Brand. Very interesting the perspective we have from pain, and how we really need it.
I already use RSA ssh keys to access my VPS but a friend of mine send me a link about ED25519 public-key algorithm. But why ssh-keys? Mainly to avoid to type your password every single time.
I will not explain the maths behind because I can’t (but I would love to understand) so wikipedia can do a better work (and in the main time, think of donating a few bucks 🙂
If you still want to generate RSA keys (you can have both), this is my go-to link:
Summary, just in case the links disappear:
# create your key RSA or Ed25519
$ ssh-keygen -t rsa -f ~/.ssh/id_rsa4096 -b 4096 -C "user@origin"
$ ssh-keygen -o -a 100 -t ed25519 -f ~/.ssh/id_ed25519 -C "user@origin"
# Add your priv key into your ssh-agent so it is used when connecting to the destination
$ ssh-add ~/.ssh/id_xxx
# Copy your PUBLIC!!! key to the remote server you want to login with that key (and so you dont need to type a password)
$ ssh-copy-id -i .ssh/id_xxx.pub user@remove_server
# Test your new ssh-key
$ ssh -i ~/.ssh/id_xxx user@remove_server
At work, we use a vendor whose Network Operating System (NOS) is based in Linux. I am a network engineer so I was troubleshooting an issue inside a VRF. I couldn’t use much of the normal commands in the default VRF. So I opened a ticket with the vendor and learned a bit how the VRFs are implemented under the hoods. Obviously (not for me) they use Linux Namespaces, after googling the meaning of the commands they sent. My search brought me to the following links:
This is a good intro:
From this link, I took some examples in my quick search
At the end I used commands like these:
$ sudo ip netns list $ sudo ip netns exec ns-INET ip link list $ sudo ip netns exec ns-VRF1 arp -a $ sudo ip netns exec ns-VRF1 route -n $ sudo ip netns exec ns-VRF1 telnet -b src_ip dst_ip port $ sudo ip netns exec ns-VRF1 tcpdump -i lo4 -nn tcp 179 $ sudo ip netns exec ns-VRF1 ss --tcp --info $ sudo ip netns exec ns-VRF1 ss --tcp --info -nt src IP
As well, “ss” is such a useful command for troubleshooting and I always feel that I dont make the most of it:
Still in progress:
1- Get a VPS:
There are so many options, AWS, GCP, OVH, etc. I used OVH as it was pretty cheap initially and chose the most basic VPS. I use Debian as OS.
2- Get a domain
There are many place to buy domains, you dont need anything fancy and spend big. Just google. I used OVH too
3- Install LAMP
I used several links.
The above should give you a working database (MariaDB/MySQL), PHP(7.0) and a web server (Apache2).
I found an issue trying to get apache and php to work.:
At the end I had to remove a module, add php7.0 module and restart. Afterwards I could thest apache was executing php. Once that was configured I removed the php file as recommended.
sudo a2dismod mpm_event sudo a2enmod php7.0 sudo systemctl restart apache2
If apache+php dont work properly, the next steps will fail.
4- Install PHPmyAdmin
I used these links:
4- Get SSL cert:
You can get this for free: https://letsencrypt.org/
It is so easy to get your certs generated, installed and renewed, that I can’t believe it:
5- Install WordPress
Still needed some tweaking as I am pretty clueless with Apache to make work WordPress:
Keep in mind that you will create several user/pass.
- mysql root user/pass
- phpmyadmin user/pass
- wordpressuser for mysql
- wordpressuser for UI
Be conscious with the security, you don’t want your server/apps to be hacked and used for doggy activity.
Will ask for help to some friends and will another post how to secure this environment.
We are in the XXI century, social media is everywhere, let’s do something disruptive… create another blog. Believe me, the world is not going to change