Cloud Insidr

Cybersecurity in the Age of the Machine

Join us on Twitter: @CloudInsidr

Home Archives for cybersecurity and cyber warfare
Symantec Code Signing (728*90)
Locked out of WordPress? How to Reset Your User Password to the Admin Backend in MySQL or MariaDB

18 Comments

Locked out of WordPress? How to Reset Your User Password to the Admin Backend in MySQL or MariaDB

Have you locked yourself out of WordPress due to some upgrade or restore mishap in combination with the lack of a valid email address to restore it to? Welcome to the Club of lucky administrators! There is a solution to this particular problem that just begs to be shouted from the rooftops: why don’t you reset your WordPress password using MySQL (or MariaDB). Let’s get right to it.

[Read more…]

How to set up an SSH connection using authentication based on private-public key pairs

3 Comments

How to set up an SSH connection using authentication based on private-public key pairs

In order to transfer files from one server to another you can use Unix tools such as rsync with key pairs. Setting up the connection is rather easy once you know how to do it.

How keys work in public key cryptography

Public key cryptography relies on the use of a key pair that consists of a private and a public key. These two text strings can be compared against one another using a cryptographic algorithm. If the verification succeeds, access is granted.

Think of the public key as the lock on a door. It is technically available to everyone, but can only be opened with the corresponding private key.

In public key cryptography, your private key is like the master key of an apartment house in the real world: it can open all the locks on any door anywhere (for one and only private key, it is possible to generate many public keys).

Public key cryptography relies on an analogy to a lock and a key in the real world; animation by — Vala Afshar (@ValaAfshar) via Twitter

In order for the origin host (ec-instance-01) to be able to connect to the target host (ec-instance-02), you need to follow these steps:

  • create a key pair in the .ssh directory on the origin host (the one that will be initiating the connection); the private key of this key pair should never leave this host!
  • append only(!) the public key from this pair to the authorized_keys file of your user on the destination host.

Here is how to do this in more detail.

[Read more…]

NAT as a Service: Amazon’s Managed VPC NAT Gateway for AWS and Why You Should Probably Take It for a Spin

Leave a Comment

NAT as a Service: Amazon’s Managed VPC NAT Gateway for AWS and Why You Should Probably Take It for a Spin

Amazon’s shiny new managed VPC NAT Gateway on AWS (unveiled today) can be translated into plain English as NAT (Network address Translation) as a service. You might wonder who is going to need it if a VPC was just fine as of yesterday.

Managed NAT Gateway on AWS logo

If you are currently using NAT to connect your EC2 instances that are isolated inside a VPC to the outside world, then the answer is: you are. Even if your instances connect directly to the Internet, you might still be better off with the service than without it.

[Read more…]

How to Install PHP 7 on Fedora, RHEL, CentOS 7 — the Red Hat family

3 Comments

How to Install PHP 7 on Fedora, RHEL, CentOS 7 — the Red Hat family

Installing PHP on the Red Hat family—Fedora, RHEL, CentOS 7—is a must for cyber security and it’s not rocket science. With a few easy steps, you too can bring your PHP based web applications to the next level.

[Read more…]

How to set up the LEMP stack: NGINX, MariaDB/MySQL, PHP 7.x on RHEL/Fedora/CentOS 7 with SELinux

13 Comments

How to set up the LEMP stack: NGINX, MariaDB/MySQL, PHP 7.x on RHEL/Fedora/CentOS 7 with SELinux

The setup of the LEMP stack (NGINX, MariaDB or MySQL, and PHP) has many caveats which can impact both performance and security. Here is how to do it right.

[Read more…]

Comodo Elite SSL (OV) (728*90)