October 7, 2009, 4:05 PM
So maybe you’ve gotten tired of entering your password every time you log in to your home server. Maybe you desire better security. Or maybe you want to run automated scripts from a remote box and have their results piped to a local file. (Yay nerdiness!) Regardless this article is for you.
I’m not sure how to do this if your using putty, (feel free to contact me if you know) but I do when it comes to any Linux/BSD based operating system with the standard ssh package. First off you need to generate a RSA key pair (or DSA, your choice) on your client machine. Do this by running
ssh-keygen -t rsa
And just use the default location for the keys to be saved when asked. Heres the big thing to remember: when it asks for a password, DO NOT give it one. If you do than you will have to enter it every time you use the keypair.
The next step is to copy the public key into the ~/.ssh/authorized_keys file on your server. If this file does not exist already simply run the following to copy it over
scp .ssh/id_rsa.pub user@remoteserver:~/.ssh/authorized_keys
Then try connecting to the server. It should instantly login. Now, if your authorized_keys file already exists then what you need to do is append your public key to it. A simple copy+paste usually works, just be careful not to break any lines.
And that’s how you setup public key authentication with ssh. You can also change your server’s ssh daemon confiuration file to disable password authentication if you wish, but be sure you have a backup method of obtaining access to your server if you lose your private key.
October 5, 2009, 8:28 PM
Us bloggers pretty much have it made. We write our opinion about something and don’t really have to worry about the cost of the medium used to distribute it. Sure, 30$ USD per month is still a little bit of a bill for hosting services, but most bloggers have a solution to this: Advertising.
Back in June I wrote a post about how the FTC was starting to pay attention to blogger freebies. (Basically compensation for posts) Well, their threat wasn’t idle. According to this article, bloggers (in the U.S.) now must abide by one simple guideline for sponsored/compensated posts: Disclosure. And not a simple note in the middle of the article, but as stated by a official in the FTC “clear and conspicuous.”
The problem I still see with this is how one would define “clear and conspicuous,” because if no one has a solid definition for it than bloggers could be at risk. Lets hope the FTC clarifies this a bit soon before things possibly go bad.
October 4, 2009, 8:03 PM
Just today I recalled that I was going to commit myself to posting an analysis of the spam I received each month. That was waaay back around March, so I’ve decided maybe I shouldn’t commit to that sort of time frame. What made me take so long? Well..
This is my personal account’s spam box you see here. While this isn’t really that much spam, it is still a lot to analyze. And this account doesn’t get spammed nearly as much as my website related ones.
So, instead of analyzing spam from my mailbox today, I’ve decided to post a small analysis of some of the denied mail in my mail server logs. This is much easier to do.
Sep 20 09:15:03 wine postfix/smtpd[7384]: NOQUEUE: reject: RCPT from unknown[219
.85.166.*]: 554 5.7.1 Service unavailable; Client host [219.85.166.*] blocke
d using zen.spamhaus.org; http://www.spamhaus.org/query/bl?ip=219.85.166.*; fr
om=<joe_***@gmail.com> to=<vbibi***@gmail.com> proto=SMTP helo=<209.40.199.*>
Sep 20 09:45:25 wine postfix/smtpd[7422]: NOQUEUE: reject: RCPT from 118-169-213
-*.dynamic.hinet.net[118.169.213.*]: 554 5.7.1 Service unavailable; Client h
ost [118.169.213.*] blocked using zen.spamhaus.org; http://www.spamhaus.org/qu
ery/bl?ip=118.169.213.*; from=<frances-****@gmail.com> to=<vbibio**@gmail.com>
proto=SMTP helo=<209.40.199.*>
Sep 20 10:13:34 wine postfix/smtpd[7467]: NOQUEUE: reject: RCPT from 123-204-136
-*.adsl.dynamic.seed.net.tw[123.204.136.*]: 554 5.7.1 Service unavailable; C
lient host [123.204.136.*] blocked using zen.spamhaus.org; http://www.spamhaus
.org/query/bl?ip=123.204.136.*; from=<baby***@gmail.com> to=<vbibi***@gmail.co
m> proto=SMTP helo=<209.40.199.*>
Sep 20 12:56:52 wine postfix/smtpd[11310]: NOQUEUE: reject: RCPT from unknown[21
9.85.3.*]: 554 5.7.1 Service unavailable; Client host [219.85.3.*] blocked usi
ng zen.spamhaus.org; http://www.spamhaus.org/query/bl?ip=219.85.3.*; from=<all9
***@gmail.com> to=<vbibi***@gmail.com> proto=SMTP helo=<209.40.199.*>
As you may have noticed, all the logs here state this particular spammer was always using the same helo line, which is
209.40.199.*
Thus it would be beneficial for me to add this to my helo deny list. Even though I’ve blanked out the last few digits, it is still the same IP each and every time. The next thing I’ve noticed is the constant attempts to send to this email
vbibi***@gmail.com
Which I assume is either a really unfortunate victim, or an email used to check if a specific server is open. Yet again, this is the same address for each of the log lines, even with the last few bits of it are blanked out.
