How to Authenticate Users to a SSH Server Using Monkeysphere on an Ubuntu VPS

Introduction

Administering large numbers of SSH keys and servers can be very difficult as your organization grows. Correctly identifying valid keys and removing invalid keys throughout an organization can be fraught with errors and have huge consequences on your server security.

In addition, when there are server changes, sometimes your users will receive warnings about being unable to establish the authenticity of your server. Most users will not double-check the key fingerprint of the server before connecting, allowing someone to potentially spoof the server and execute a man-in-the-middle attack.

A project called monkeysphere was created to address these issues. It does this by leveraging GPG keys and the web of trust model to both validate a server’s credentials, and provide easy user management.

In a previous guide, we discussed how to setup monkeysphere to validate servers to users. We will continue where we left off in this guide, where we will learn how to authenticate users to our servers automatically, based only on their GPG keys and our server administrator’s trust in these users. This will allow us to create authentication files that use plain English instead of mostly cryptographic information.

This guide will assume that you have the setup that we left off with in the previous guide (server.example.com, admin.example.com, client.example.com with the necessary trust relationships established). Let’s get started. Continue reading How to Authenticate Users to a SSH Server Using Monkeysphere on an Ubuntu VPS

How To Validate SSH Server Identities with Monkeysphere on an Ubuntu VPS

Introduction

Administering large numbers of SSH keys and servers can be very difficult as your organization grows. Correctly identifying valid keys and removing invalid keys throughout an organization can be fraught with errors and have huge consequences on your server security.

In addition, when there are server changes, sometimes your users will receive warnings about being unable to establish the authenticity of your server. Most users will not double-check the key fingerprint of the server before connecting, allowing someone to potentially spoof the server and execute a man-in-the-middle attack.

A project called monkeysphere was created to address these issues. It does this by leveraging GPG keys and the web of trust model to both validate a server’s credentials, and provide easy user management.

In this guide, we will discuss how to set up monkeysphere in order to validate your server to users. This will solve the problem of users having to guess whether the server they are connecting to is actually the one they’re attempting to access. Usually, when you connect to a server for the first time, you will see something that looks like this: Continue reading How To Validate SSH Server Identities with Monkeysphere on an Ubuntu VPS

menghitung resistor buat lampu led

Dalam menyalakan LED kita harus menggunakan resistor untuk membatasi arus yang mengalir pada dioda LED. Jika arus listrik terlalu kecil maka kita tidak akan mendapatkan kecerahan yang maksimal, sebaliknya jika arusnya terlalu besar maka LED akan cepat panas sehingga dapat memperpendek umur LED. Nilai resistor dapat dihitung dengan rumus R = V / I. V adalah tegangan yang jatuh pada resistor, yaitu selisih tegangan sumber dengan tegangan Vf LED. I adalah arus dari resistor yang mana tentu saja sama dengan
nilai arus dari LED (prinsip rangkaian seri).

Contoh 1: Continue reading menghitung resistor buat lampu led

Intermediate Sed: Manipulating Streams of Text in a Linux Environment

Introduction

The sed stream editor is a powerful editing tool that can make sweeping changes with very little input. In our previous article on sed, we discussed the basics of using sed to edit text.

This article will continue our introduction by examining some more advanced topics.

Supplying Multiple Editing Sequences

There are quite a few instances where you might wish to pass multiple commands to sed simultaneously. There are a few ways that this can be accomplished.

If you don’t already have the files at hand, let’s recreate our environment from last time so that we have some files to manipulate:

cd
cp /usr/share/common-licenses/BSD .
cp /usr/share/common-licenses/GPL-3 .
echo "this is the song that never ends
yes, it goes on and on, my friend
some people started singing it
not knowing what it was
and they'll continue singing it forever
just because..." > annoying.txt

Since sed operates through standard input and output, we can, of course, just string different calls to sed together through a pipeline (remember to escape the “&” since it means “the complete matched pattern” to sed): Continue reading Intermediate Sed: Manipulating Streams of Text in a Linux Environment

The Basics of Using the Sed Stream Editor to Manipulate Text in Linux

Introduction

The sed stream editor is a text editor that performs editing operations on information coming from standard input or a file. Sed edits line-by-line and in a non-interactive way.

This means that you make all of the editing decisions as you are calling the command and sed will execute the directions automatically. This may seem confusing or unintuitive, but it is a very powerful and fast way to transform text.

This tutorial will cover some basics operations and introduce you to the syntax required to operate this editor. You will almost certainly never replace your regular text editor with sed, but it will probably become a welcomed addition to your text editing toolbox. Continue reading The Basics of Using the Sed Stream Editor to Manipulate Text in Linux

How to Scale Django: Beyond the Basics

Getting Started

You’ve deployed Django to your Droplet and life is good. You bumped into some performance problems as your site’s traffic grew but you’ve found the bottleneck and fixed it. However, your site’s traffic keeps growing. Somehow you need more performance…what can you do?

Let’s dig into the guts of our application and server configuration a little. This article is written on the assumption that you’re using Ubuntu 12.04, but the principles work with any version of Linux.

If you’re using Apache then you should have followed the instructions for optimizing your webserver. If you are using Nginx, these tips will work for you as well. Continue reading How to Scale Django: Beyond the Basics

How To Optimize Apache Web Server Performance

Introduction

Apache is an amazingly powerful and capable web server. In order to make initial setup as easy as possible, it comes with numerous modules pre-installed. This makes it a great choice for new projects when you need to quickly be productive. However, as your site grows you may start to bump into performance problems.

What first attracted me to DigitalOcean was the low cost to get started. The smallest and cheapest droplets have 512MB of RAM, which doesn’t seem like much in today’s world of big frameworks. However, you’d be surprised what you can do with a small server like this if you take a little time to tweak the settings.

If you’re running Apache on one of the smaller sizes of droplets, or if you want to maximize your performance on the bigger droplets, here are a few things you should do. I’ll be using Ubuntu 12.04 in the examples but the principles I’m demonstrating are applicable to other versions of Linux as well. Continue reading How To Optimize Apache Web Server Performance

How To Scale Django: Finding the Bottleneck

Introduction

Django is an excellent Python based platform for building modern web apps. One of its biggest strengths is that it helps developers work faster.

You’ve built your awesome app and deployed it. Things are great, but now that you’re loading it up with larger amounts of data and you’re starting to have several people use it at the same time, it’s not as fast as you’d like.

It’s a common problem. Fortunately, we have some tools to help alleviate the problems.

First, let’s check for a few of the more obvious issues: Continue reading How To Scale Django: Finding the Bottleneck

How To Create Hot Backups of MySQL Databases with Percona XtraBackup on Ubuntu 14.04

How To Create Hot Backups of MySQL Databases with Percona XtraBackup on Ubuntu 14.04

Introduction

A very common challenge encountered when working with active database systems is performing hot backups—that is, creating backups without stopping the database service or making it read-only. Simply copying the data files of an active database will often result in a copy of the database that is internally inconsistent, i.e. it will not be usable or it will be missing transactions that occurred during the copy. On the other hand, stopping the database for scheduled backups renders database-dependent portions of your application to become unavailable. Percona XtraBackup is an open source utility that can be used to circumvent this issue, and create consistent full or incremental backups of running MySQL, MariaDB, and Percona Server databases, also known as hot backups.

As opposed to the logical backups that utilities like mysqldump produce, XtraBackup creates physical backups of the database files—it makes a copy of the data files. Then it applies the transaction log (a.k.a. redo log) to the physical backups, to backfill any active transactions that did not finish during the creation of the backups, resulting in consistent backups of a running database. The resulting database backup can then be backed up to a remote location using rsync, a backup system like Bacula, or DigitalOcean backups.

This tutorial will show you how to perform a full hot backup of your MySQL or MariaDB databases using Percona XtraBackup on Ubuntu 14.04. The process of restoring the database from a backup is also covered. The CentOS 7 version of this guide can be found here.

Prerequisites

To follow this tutorial, you must have the following:

  • Superuser privileges on an Ubuntu 14.04 system
  • A running MySQL or MariaDB database
  • Access to the admin user (root) of your database

Continue reading How To Create Hot Backups of MySQL Databases with Percona XtraBackup on Ubuntu 14.04