This article shows you how to Automate iptables for the whole infrastructure (linux/unix) and maintain the state during the lifecycle of a host. We would need to install 2 modules from PuppetLabs so that we can assign Rules based on the requirements, whether its from one destination to another or from one host to multiple destinations or vice-versa.

  1. puppetlabs/Firewall = Standard module for iptables.
  2. puppetlabs/Firewall_multi = Module that takes care off when adding multiple source/destination/ports in one Rule.
Add a comment

To generate a SHA256 certficate in linux all you need to do is run this openssl command and you will be ready with a PCI compliant cert. This is a standard requirement nowadays in any PCI compliant environment. This is implemented with Apache backend. Run the below command to generate .crt and .key files.

Add a comment

To make Nagios CORE security compliant with a SHA2/SHA256 cert, follow these steps using Openssl and you will be ready in no time with a PCI compliant cert. This is a standard requirement nowadays in any PCI compliant environment. This is implemented with Apache backend. Run the below command to generate .crt and .key files.

Add a comment

In Raspberry Pi from version Jessie onwards the "root" login for SSH sessions (via Putty Login) has been disabled by default. It can be enabled by just editing "sshd_config" file and then restarting "ssh" service.

To start with login to raspi via ssh using the default "pi" credentials. Then elevate yourself to super user "sudo"

# sudo -i

Then edit "/etc/ssh/sshd_config" and update the field "PermitRootLogin"

# vi /etc/ssh/sshd_config
Add a comment

When adding multiple users in IDM/freeIPA its a pain inputting each user and its time consuming. This script/one liner allows you to enter multiple users at one go and it includes non-interactively specifying a password. The following script allows creating multipe users in IPA and then adding the required attributes as well.

Add a comment

Page 1 of 12