SSH Public Key Authentication
Tonight I disabled password authentication entirely for ssh.
If you haven’t set up public key authentication yet feel free to contact me or possibly read a how-to:
This security setting was a long time coming I’ve gotten rather tired of going through all the “script kiddie” failed login attempts.
I apologize if this makes this a bit more inconvenient for anyone but security does / has to come first after all.
That’s all for now.
read moreUpdates 12-13-2011
So I finally got to catch up with all the WordPress updates.
Every site I manage is now running WordPress 3.3.
All plugins are up to date…
Themes are updated… code has been adjusted to be valid…
I also did a apt-get upgrade and dovecot of course was updated.
svn pull on roundcubemail had some changes…
So the updates end.
Enjoy!
Webmin
I changed webmin around a bit folks.
It can now be accessed from the following address here.
Of course you must have login access to use it of course…
read moreDebian + Apache 2 (CVE-2011-1176)
Debian pushed the apache update finally (get to disable the workaround)
apache2 (2.2.16-6+squeeze1) stable-security; urgency=high
* Fix CVE-2011-1176 in apache2-mpm-itk: If NiceValue was set, the default
with no AssignUserID was to run as root:root instead of the default
Apache
user and group. Closes: #618857
So that should close the issue…
Thanks Debian and Apache for the fix!
SSL Certificate Update
So I finally found a solution for pretty much all of our encryption needs
for Inexistence services and such.
StartSSL provides a free SSL certificate service I have enabled all the
hosts that require SSL with new certificates so guess what this means?
No more stupid SSL connection errors no self signed nightmare.
Enjoy your encryption.
PS. If you would like SSL enabled for some reason on your site please
let me know and I’ll see what I can do (and if it’s even justified).