ciphermethod.com

Author Archive

VMware vCenter Server Upgrade

by on Jul.20, 2009, under VMware

If moving a host to a new VMware vCenter Server produces this error:
Failed to install the VirtualCenter Agent service.
Login failed due to a bad username or password.

Do this at the host:
service mgmt-vmware restart

Leave a Comment more...

Acquired By The Borg

by on Jul.06, 2009, under Hacker

So, your company has been acquired. If climbing inside an escape pod and jettisoning your self into deep space is not an option, here is a list of things to expect:

  • An order will be made to lower your firewalls and surrender your servers.
  • You will be assimilated.  Resistance will only slow the process down.
  • Assimilation is a means of adding or replacing spent drones.
  • The Borg have no feeling, no emotion, no individual thought.
  • Each Borg is part of a giant subspace communications network called Exchange Server.
  • All communication is transmitted to the entire Collective via a process entitled Carbon Copy.
  • Your present function and title is irrelevant.
  • Strength is irrelevant.
  • Negotiation is irrelevant.
  • Freedom is irrelevant.
  • Self-determination is irrelevant.
  • Your life as it had been is over.
  • From this time forward, you will service them.
  • Your culture will adapt to service them.
  • They will add your biological and technological distinctiveness to their own.
  • Resistance is, and always has been, futile.
  • You will become one with the Borg.
Leave a Comment more...

BASH: createsftpaccount.sh

by on Mar.04, 2009, under Linux, Scripts


#!/bin/sh
#
# Create SFTP user account
#
# 20090304 jah - new
#

if [ "$1" == "" ]
then
  echo
  echo user login to create is blank
  echo use: $0 user
  echo
  exit
fi
 
/usr/sbin/useradd -g sftponly -d /sftpusers/$1 $1
mkdir -p /sftpusers/$1/data
chown root:root /sftpusers/$1
chmod 755 /sftpusers/$1
chown $1:sftponly /sftpusers/$1/data
chmod 700 /sftpusers/$1/data
passwd $1

Leave a Comment more...

UNIX Administrators

by on Feb.10, 2009, under Hacker

UNIX Administrators: Saving servers from nefarious end-users since 1969.

Leave a Comment more...

How-To: Create Encrypted Partition with Key File

by on Feb.05, 2009, under Hacker

Make sure kernel modules are present:
modprobe aes
modprobe dm-crypt
Create a 256 bit key file containing random data:
dd if=/dev/random of=/etc/key bs=1 count=256
chown root:root /etc/key
chmod 600 /etc/key
Initialize device:
cryptsetup –verbose -c aes-cbc-essiv:sha256 luksFormat /dev/sdb1 /etc/key
answer “YES” if you would like to overwrite data on /dev/sdb1 irrevocably
Create device mapping in /dev/mapper:
cryptsetup –key-file /etc/key luksOpen /dev/sdb1 sftpusers
Format partition:
mkfs.ext3 /dev/mapper/sftpusers
Add partition to /etc/fstab:
/dev/mapper/sftpusers /sftpusers ext3 defaults 0 0
Create/update /etc/crypttab with device info:
sftpusers /dev/sdb1 /etc/key

Reboot to verify that volume is mounted automatically. This configuration has been tested on Red Hat Enterprise Linux 5.

Done in order to satisfy a PCI compliance issue with VMware volume files. Files should be encrypted when not in use. Of course, this only ensures an encrypted virtual disk file at the ESX file system level. Credit card data inside the virtual drive still needs to be encrypted so that it is not accessible when the system is live.

Note: Exclude the key parts if you want an encrypted partion with prompt for password at boot.

Leave a Comment more...

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!

But Wait, There's More!

A few highly recommended friends...

Old Stuff

All entries, chronologically...