Ouvrir un Terminal, une Konsole (ou ce que vous voulez !) et faire :
# nmap -sP -T Normal 192.168.1.1-254
vendredi 29 février 2008
jeudi 21 février 2008
SSH -- Régénération des clefs d'un host (debian way)
Pour le RSA :
# ssh-keygen -q -t rsa -f /etc/ssh/ssh_host_rsa_key -N ""
Pour le DSA :
# ssh-keygen -q -t dsa -f /etc/ssh/ssh_host_dsa_key -N ""
ou encore :
# rm -rf /etc/ssh/ssh_host_*
# dpkg-reconfigure -plow openssh-server
# ssh-keygen -q -t rsa -f /etc/ssh/ssh_host_rsa_key -N ""
Pour le DSA :
# ssh-keygen -q -t dsa -f /etc/ssh/ssh_host_dsa_key -N ""
ou encore :
# rm -rf /etc/ssh/ssh_host_*
# dpkg-reconfigure -plow openssh-server
mardi 5 février 2008
Apache2, HTTPS (debian)
-- Etch --
Generating certificate
#openssl req $@ -new -x509 -days 365 -nodes -out /etc/apache2/apache.pem -keyout /etc/apache2/apache.pem
This will complete the certificate now you need to make sure you have the correct permissions for .pem file if not use the
following command to set the correct permissions
#chmod 600 /etc/apache2/apache.pem
By default the server will listen for incoming HTTP requests on port 80 - and not SSL connections on port 443. So you need to enable SSL support by entering the following entry to the file /etc/apache2/ports.conf save and exit the file.
Listen 443
Enable SSL Support
If you want to enable SSL support for your apache web server you need to use the following comamnd
#a2enmod ssl
Module ssl installed; run /etc/init.d/apache2 force-reload to enable.
Now you need to restart the apache2 server using the following command
#/etc/init.d/apache2 restart
Configuring SSL Certificate to Virtual Hosts in Apache2
First you need to edit the /etc/apache2/sites-available/default file change
NameVirtualHost *
to
NameVirtualHost *:80
NameVirtualHost *:443
Now you need to configure Virtual hosts using port 80
Example
ServerAdmin webmaster@localhost
.
.
.
configure Virtual hosts using port 443 the main difference is you need to use the following two lines for each SSL hosts.
SSLEngine on
SSLCertificateFile /etc/apache2/apache.pem
Example
ServerAdmin webmaster@localhost
.
.
.
SSLEngine on
SSLCertificateFile /etc/apache2/apache.pem
Now you need to restrat your apache web server using the following comamnd
# /etc/init.d/apache2 reload
-- Squeeze --
Méthode 1 - FAST - (with make-ssl-cert):
cd /etc/apache2/ssl/
/usr/sbin/make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem
a2enmod ssl
vi /etc/apache2/sites-available/001-deblabapachessl
-VirtualHost *:443-
[...config...]
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/apache.pem
-/VirtualHost-
apache2ctl configtest
/etc/init.d/apache restart
https://your_server/
Enjoy !
Méthode 2 - OLD SCHOOL - (with openssl):
cd /etc/apache2/ssl/
openssl genrsa -out deblabapache.org.key 4096
openssl req -new -key deblabapachessl.org.key > deblabapachessl.org.csr
openssl x509 -req -days 365 -in deblabapachessl.org.csr -signkey deblabapachessl.org.key -out deblabapachessl.org.crt
a2enmod ssl
vi /etc/apache2/sites-available/001-deblabapachessl
-VirtualHost *:443-
[...config...]
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/deblabapachessl.org.crt
SSLCertificateKeyFile /etc/apache2/ssl/deblabapachessl.org.key
-/VirtualHost-
apache2ctl configtest
/etc/init.d/apache restart
https://your_server/
Enjoy !
-- Voir aussi --
Generating certificate
#openssl req $@ -new -x509 -days 365 -nodes -out /etc/apache2/apache.pem -keyout /etc/apache2/apache.pem
This will complete the certificate now you need to make sure you have the correct permissions for .pem file if not use the
following command to set the correct permissions
#chmod 600 /etc/apache2/apache.pem
By default the server will listen for incoming HTTP requests on port 80 - and not SSL connections on port 443. So you need to enable SSL support by entering the following entry to the file /etc/apache2/ports.conf save and exit the file.
Listen 443
Enable SSL Support
If you want to enable SSL support for your apache web server you need to use the following comamnd
#a2enmod ssl
Module ssl installed; run /etc/init.d/apache2 force-reload to enable.
Now you need to restart the apache2 server using the following command
#/etc/init.d/apache2 restart
Configuring SSL Certificate to Virtual Hosts in Apache2
First you need to edit the /etc/apache2/sites-available/default file change
NameVirtualHost *
to
NameVirtualHost *:80
NameVirtualHost *:443
Now you need to configure Virtual hosts using port 80
Example
ServerAdmin webmaster@localhost
.
.
.
configure Virtual hosts using port 443 the main difference is you need to use the following two lines for each SSL hosts.
SSLEngine on
SSLCertificateFile /etc/apache2/apache.pem
Example
ServerAdmin webmaster@localhost
.
.
.
SSLEngine on
SSLCertificateFile /etc/apache2/apache.pem
Now you need to restrat your apache web server using the following comamnd
# /etc/init.d/apache2 reload
-- Squeeze --
Méthode 1 - FAST - (with make-ssl-cert):
cd /etc/apache2/ssl/
/usr/sbin/make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem
a2enmod ssl
vi /etc/apache2/sites-available/001-deblabapachessl
-VirtualHost *:443-
[...config...]
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/apache.pem
-/VirtualHost-
apache2ctl configtest
/etc/init.d/apache restart
https://your_server/
Enjoy !
Méthode 2 - OLD SCHOOL - (with openssl):
cd /etc/apache2/ssl/
openssl genrsa -out deblabapache.org.key 4096
openssl req -new -key deblabapachessl.org.key > deblabapachessl.org.csr
openssl x509 -req -days 365 -in deblabapachessl.org.csr -signkey deblabapachessl.org.key -out deblabapachessl.org.crt
a2enmod ssl
vi /etc/apache2/sites-available/001-deblabapachessl
-VirtualHost *:443-
[...config...]
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/deblabapachessl.org.crt
SSLCertificateKeyFile /etc/apache2/ssl/deblabapachessl.org.key
-/VirtualHost-
apache2ctl configtest
/etc/init.d/apache restart
https://your_server/
Enjoy !
-- Voir aussi --
- Lien 2 (squeeze)
DD et GZIP (1)
Voilà on commence par ces petites commandes :
# Pour effectuer un backup à chaud d'une partition vers une autre machine par le réseau
$ dd if=/dev/hda1 | gzip -9 | ssh <user_name>@<IP_Machine> 'dd of=/tmp/hda1.img'
# Créer un zip d'une image disque
$ dd if=/dev/hda | gzip > /mnt/hdb1/system_drive_backup.img.gz
# Et maintenant restaurer cette image
$ gzip -dc /mnt/hdb1/system_drive_backup.img.gz | dd of=/dev/hda
# Backup TAR d'un fichier ou d'un répertoire et SSH
$ tar cjvf - *my_files* | ssh me@me.com 'cat > /path_to_file/my_files.tar.bz2'
# Pour effectuer un backup à chaud d'une partition vers une autre machine par le réseau
$ dd if=/dev/hda1 | gzip -9 | ssh <user_name>@<IP_Machine> 'dd of=/tmp/hda1.img'
# Créer un zip d'une image disque
$ dd if=/dev/hda | gzip > /mnt/hdb1/system_drive_backup.img.gz
# Et maintenant restaurer cette image
$ gzip -dc /mnt/hdb1/system_drive_backup.img.gz | dd of=/dev/hda
# Backup TAR d'un fichier ou d'un répertoire et SSH
$ tar cjvf - *my_files* | ssh me@me.com 'cat > /path_to_file/my_files.tar.bz2'
Inscription à :
Articles (Atom)