Archive for the ‘System admin’ Category
Growling Mac backups with rsync
Between Time Machine and services like Dropbox, paranoid levels of backup are surprisingly painless to achieve on the Mac these days.
Still, just one more copy of your data, in just one more continent, surely can’t do any harm, right? One that won’t burn down with your house, but also isn’t just wafting vaguely in the Cloud at someone else’s whim. One that elevates your backup system from sensibly paranoid to borderline OCD. One, in this case, brought to you by rsync, find and Growl.
iPhone + public key SSH authentication: lovely
I’ve been unhappy for a while having the SSH daemon on my web server VPSs with password authentication enabled. Of course, it’s on a non-standard port, blocks root logins, and takes a strong-ish password… but the risk of a successful dictionary attack has still felt too non-zero for comfort.
Equally, though, I’ve not wanted to give up the ability to log in to the servers from anywhere to fix things in an emergency, so I didn’t want to turn password authentication off and rely on public keys alone.
Until now, that is. I realised yesterday that, since I have iSSH on the iPhone, which does public key authentication, I can log into my servers from anywhere, even with password authentication turned off. Granted, doing anything serious on a tiny screen and slow connection is difficult. But all I actually need to be able to do from there is temporarily turn password authentication back on.
And to make this easy, I’ve put two ultra-simple scripts in ~/bin:
pwd_login_on.sh
#!/bin/bash sudo sed -r -e 's/^PasswordAuthentication no$/PasswordAuthentication yes/' \ -i.previous /etc/ssh/sshd_config sudo /etc/init.d/ssh restart
pwd_login_off.sh
#!/bin/bash sudo sed -r -e 's/^PasswordAuthentication yes$/PasswordAuthentication no/' \ -i.previous /etc/ssh/sshd_config sudo /etc/init.d/ssh restart
(These paths are suitable for Ubuntu 8.04).
Lovely.