Using SSH keys on your server


An SSH key will let you automatically log into your server from one particular computer without needing to enter your password. This is convenient if you make frequent SSH and scp connections to your server.


You will create an SSH key on your computer, and then configure your server to accept it. This will allow you to automatically log into your server from this computer, without being prompted for your password.


Please do not set up an SSH key on a public or shared computer that does not use individual profiles. This will allow strangers to easily access your server.



  • SSH configured for a user on your server:
  • SSH on your local computer: this walkthrough is for Linux/Unix computers, including Mac OS X. See the note at the end of this article for extended PuTTY instructions (for Windows computers).
  • A previous SSH connection made from this computer. If you haven’t ever used this computer to log into another server with SSH, please do so now. A simple login will suffice to generate the correct files on your local computer. See the previous links for instructions.


  1. This step is run on your remote server.
    Grid: Log into your server via SSH with your Server Administrator user and execute the following command:

    mkdir ~/.ssh

    DV: Make the initial SSH connection as the root user and change to the home directory for the user you are creating the key for, then create the .ssh directory:

    cd /path/to/users/directory && mkdir .ssh
  2. This step is run on your local computer. Generate a key on your local computer, using strong encryption:
    ssh-keygen -t rsa -b 2048 -f ~/.ssh/id_rsa -C "Enter an optional comment about your key"

    You should receive a prompt similar to the following. Please use a strong password. If you plan on using your key for automated tasks that don’t require interaction, such as rsync, you might want to leave this blank:

    Enter passphrase (empty for no passphrase)

    Once you have entered your password twice, you should see output similar to:

    Your identification has been saved in /Users/username/.ssh/id_rsa.
    Your public key has been saved in /Users/username/.ssh/
    The key fingerprint is:
    60:b5:c1:b7:ee:ab:31:d1:70:d8:03:41:df:0f:08:eb Enter an optional comment about your key
    The key's randomart image is:
    +--[ RSA 2048]----+
    |     .=.         |
    |     . B o       |
    |      X B o      |
    |     o X o o     |
    |      E S   .    |
    |       o         |
    |      o .        |
    |       +         |
    |      ..o.       |
  3. This step is run on your local computer. Make sure your .ssh directory and the files it contains have the correct permissions:
    chmod 700 ~/.ssh && chmod 600 ~/.ssh/*
  4. This step is run on your local computer. Upload your public key to your server. The command below reads the content of the key you just created on your computer, and appends that key to the authorized_keys file on your server. If you don’t have an existing authorized_keys file, it creates one. Replace with your domain:
    cat ~/.ssh/ | ssh 'cat - >> ~/.ssh/authorized_keys'
  5. This step is run on your remote server. Make sure you’re logged in as the user for whom the key was created. Then, ensure your .ssh directory on the server, and the files it contains, have the correct permissions:
    chmod 600 ~/.ssh/authorized_keys && chmod 700 ~/.ssh/

That’s it! You should now be able to log into your server from this computer without being prompted for a password.


On your remote server, run the following:

ls -la ~/.ssh | grep "authorized_keys"

You should see output similar to the following:

-rw-------  1 398 Jul 15 10:32 authorized_keys

Note that the directory needs to include the file called “authorized_keys” with -rw——- (600) permissions.

Finally, run this command to check the permissions on your .ssh directory:

ls -la ~ | grep ".ssh"

drwx------   2     3 Jul 15 10:32 .ssh

You should have a folder called “.ssh” with drwx—— (700) permissions.

If for either of these tests, you get blank output, or a message similar to the following:

ls: /root/.ssh: No such file or directory



OSSEC Install on Ubuntu 12.04 LTS with WUI

OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response. It runs on most operating system, including Linux, MacOS, Solaris, HP-UX, AIX and Windows.

The installation instructions are a bit spread out on the OSSEC website and it took me awhile to figure everything out. So here you go, the work is done for you.  The following instructions are how to install the OSSEC, along with the OSSEC WUI (Web User Interface). OSSEC HIDS must be installed before OSSEC WUI.

Continue reading

Install ÎĽTorrent in Ubuntu 12.04 LTS

BitTorrent (often abbreviated to ‘BT’) is a protocol that allows you to download files quickly and efficiently. It is a peer to peer protocol, which means you download and upload to other people downloading the same file. BitTorrent is often used for distribution of large files or popular content as it is a cheap, fast, efficient way to distribute files to users like you.

µTorrent is a BitTorrent client, so it speaks the BitTorrent protocol, much like a browser would speak HTTP. Just as there are multiple web browsers, there are multiple BitTorrent clients, and µTorrent is the most popular.
Continue reading

How To Install and Configure Config Server Firewall on Ubuntu 12.04 LTS

Config Server Firewall (or CSF) is a free and firewall for Linux distributions and Linux based systems.The basic functionality of a firewall – filtering packets, includes other security features, such as login/intrusion/flood detections.

The following applications are supported by this feature:

Courier imap, Dovecot, uw-imap, Kerio
cPanel, WHM, Webmail (cPanel servers only)
Pure-ftpd, vsftpd, Proftpd
Password protected web pages (htpasswd)
Mod_security failures (v1 and v2)
Suhosin failures

Continue reading


This tutorial will guide you about  how to install and use bacula

What is Bacula ?

Bacula is a set of computer programs that permits the system administrator to manage backup, recovery, and verification of computer data across a network of computers of different kinds. Bacula can also run entirely upon a single computer and can backup to various types of media, including tape and disk.

In technical terms, it is a network Client/Server based backup program. Bacula is relatively easy to use and efficient, while offering many advanced storage management features that make it easy to find and recover lost or damaged files. Due to its modular design, Bacula is scalable from small single computer systems to systems consisting of hundreds of computers located over a large network.

Continue reading