SSH key management is required in each environment.
In this post I want explain how to do it with puppet on the simple way.
I’ve created a module, which is a wrapper around core puppet types User and Ssh_authorized_key. This wrapper enables an easy key management via integration with hiera on puppet. (and it was a good exercise in rspec-puppet:) )
Hiera within Puppet is a great thing, especially starting with puppet 3.
But there are still some limitations, like priority lookup only with automatic parameter lookup.
I use following iptables and ip6tables rules as a default. This rules provide basic security level:
There are already several articles about perfect forward secrecy and safe ssl configuration with according recommendations on the net, like this
But I missed somehow a short overview for me with verification instructions and all information links in one place. So this article is going to cover Perfect Forward Secrecy(PFS) for the software: apache, postfix, dovecot and represents somehow a summary over different information.
The installer of Linux Mint doesn’t support the installation on encrypted raid 1 with LVM out of the box.
Following steps are required to do this with Linux Mint 16 (without GPT&UEFI)
We are using only Linux and no Odin and VirtualBox to update Galaxy S II to Android 4 alias Ice Cream Sandwich.
We are going to install ClockworkMod Recovery on the Galaxy Tab 2 10.1 (GT-P5100) with heimdall. After that you can root your stock image or install CyanogenMod on your tab. If you have another version of Galaxy Tab 2 you will need other images for it, for links take a look at the links at the bottom.
We are going to create a simple cron job to dump the DBs, so you can save this dumps on the regular way with your backup software.
If you running some php web applications with heavy load you should use some accelerators like APC or eAccelerator for PHP. I noticed that official build instructions in readme’s and official homepages are not completely usable to get it working.
You may need custom recovery if you want to do nandroid backups of flash some zip files. I will use Linux to flash it.