Tag: ssh

  • VS Code Dev Containers

    Remote-SSH One of the things I’ve done a bit in Visual Studio Code is using it’s ability to work on a different machine over SSH. I have a couple of LXCs on a server set up for different languages – one for C++ and another for Rust. They are things I don’t work in often,…

  • SSH login notification

    My VPS’s are usually locked down so just ports 80 & 443 (for web server) and 22 (for ssh) are open. That’s great for reducing the attack surface, but having ssh open is a potentially disastrous vulnerability. For this reason I often close that at the cloud firewall level as well, but it has to…

  • Disable SSH root logins

    This always makes me laugh: It’s like half the traffic on the internet is bots trying random passwords on root accounts over ssh. This is on an Ubuntu VPS on BinaryLane that had only been spun up five minutes or so. Looks like about one attempt every 10 seconds. This is why the number three…

  • Ansible with Secrets

    We wrote a nice little Ansible playbook the other day to install nginx on our web servers and ensure it was running. We were able to store the usernames in the hosts inventory file using the ansible_ssh_user variable. Then, we ran the playbook with the command: ansible-playbook web_installs.yaml –ask-become-pass This asked us the password to…

  • SSH with Keys to Synology

    The Synology operating system DSM (I’m on DSM 7.1.1) is Linux, but its highly customised for the purpose of making running a complicated Linux NAS doable for less technical users. Due to that, some things that are routine in a regular distro, require a few more steps to jump through to get them to work.…

  • ssh key login on VPS

    Due to potential brute force attacks, it’s a good idea to turn off password access via shh and instead rely on ssh keys. In this post, I’ll run through that process. Generating your key On a mac (or actually most *ix systems), your ssh keys live in the .ssh directory inside the users home directory.…

  • SSH & the scary warning

    The first time you connect to a new server with ssh, it asks you something like: Once you’ve said yes, it adds the server ‘fingerprint’ to the known hosts file, then next time you ssh there, it feels safe – we know this server. But…. if you’re playing around with virtual machines. Loading them, booting…

  • Chinese Hackers Want to steal my Hello World container

    A smart thing to do after setting up a server on the internet, is to set up SSH keys and then turn passwords off for SSH. The reason for this is that scanning for open port 22 on IP addresses, then brute forcing password files on them is pretty much hacker 101. So if you…