The rsync utility can backup files, synchronize directory trees, and much much more, both on the local machine and between two different hosts—via push and pull. Here is how to tame it.
Kerberos, an ancient network authentication protocol from the 1980s that is commonly used to this day, can get you into some serious trouble.
The Kerberos setup used by your organization may not be all it’s cracked up to be.
Recent revelations from the maker of networking gear Juniper Networks have shaken the industry: Juniper has identified unauthorized code in ScreenOS, its operating system that powers the NetScreen line of Juniper firewalls. Then last Friday, cryptography researchers revealed that Juniper has allowed changes to its code that could enable eavesdropping on encrypted virtual private network sessions of its customers.
Have you locked yourself out of WordPress due to some upgrade or restore mishap in combination with the lack of a valid email address to restore it to? Welcome to the Club of lucky administrators! There is a solution to this particular problem that just begs to be shouted from the rooftops: why don’t you reset your WordPress password using MySQL (or MariaDB). Let’s get right to it.
In order to transfer files from one server to another you can use Unix tools such as rsync with key pairs. Setting up the connection is rather easy once you know how to do it.
How keys work in public key cryptography
Public key cryptography relies on the use of a key pair that consists of a private and a public key. These two text strings can be compared against one another using a cryptographic algorithm. If the verification succeeds, access is granted.
Think of the public key as the lock on a door. It is technically available to everyone, but can only be opened with the corresponding private key.
In public key cryptography, your private key is like the master key of an apartment house in the real world: it can open all the locks on any door anywhere (for one and only private key, it is possible to generate many public keys).
In order for the origin host (ec-instance-01) to be able to connect to the target host (ec-instance-02), you need to follow these steps:
- create a key pair in the .ssh directory on the origin host (the one that will be initiating the connection); the private key of this key pair should never leave this host!
- append only(!) the public key from this pair to the authorized_keys file of your user on the destination host.
Here is how to do this in more detail.