Difference between revisions of "Ubuntu notes"
(ssh auth) |
|||
| Line 38: | Line 38: | ||
sudo apt-get install network-manager-pptp network-manager-kde | sudo apt-get install network-manager-pptp network-manager-kde | ||
| + | |||
| + | == SSH Authentication With Keys == | ||
| + | |||
| + | Turn off ssh login prompts and do everything with keys. This will reduce the attack surface on port 22. First, create a key using the following command: | ||
| + | |||
| + | ssh-keygen -t dsa -f ~/.ssh/mykey | ||
| + | |||
| + | This will ask for a pass-phrase and create a pair in your .ssh directory as two files, mykey containing the private key and mykey.pub containing the public key. Then for each host you log in to, scp your public key to your home folder and append it to the ~/.ssh/authorized_keys file, thus: | ||
| + | |||
| + | scp ~/.ssh/mykey.pub me@host:~ | ||
| + | cat ~/mykey.pub >> ~/.ssh/authorized_keys | ||
| + | |||
| + | Then, in your Gnome Sessions configuration under Startup Programs, add this: | ||
| + | |||
| + | ssh-add /home/me/.ssh/mykey | ||
| + | |||
| + | Note that you will need your full home path, not the ~ shortcut. Now, you can enter your pass-phrase once at the start of every session, and log in to your hosts without prompting for passwords. Once you have it working, you can then disable ssh password prompts. | ||
Revision as of 04:33, 5 January 2007
Enable Sensible Repositories
A vaguely useful apt sources.list:
deb http://nz.archive.ubuntu.com/ubuntu/ edgy main restricted universe multiverse deb-src http://nz.archive.ubuntu.com/ubuntu/ edgy main restricted universe multiverse deb http://nz.archive.ubuntu.com/ubuntu/ edgy-updates main restricted universe multiverse deb-src http://nz.archive.ubuntu.com/ubuntu/ edgy-updates main restricted universe multiverse deb http://security.ubuntu.com/ubuntu edgy-security main restricted universe multiverse deb-src http://security.ubuntu.com/ubuntu edgy-security main restricted universe multiverse deb http://archive.canonical.com/ubuntu edgy-commercial main deb http://packages.freecontrib.org/plf edgy-plf free non-free deb-src http://packages.freecontrib.org/plf edgy-plf free non-free
Note: Can replace security.ubuntu.com with nz.archive.ubuntu.com for faster transfers, with slightly less up-to-date-ness.
Crazy Wireless Drivers
If you are lucky enough to have bought a HP or Compaq laptop recently, you've probably got a Broadcom wireless chipset. Broadcom are lazy wankers and don't release their driver code.
Solution: Use ndiswrapper 1.8. Blacklist the built-in bcm43xx and download these Win32 Broadcom 4318 drivers.
sudo apt-get install ndiswrapper-utils-1.8 ndiswrapper-common
Google Earth Permission
Permission denied running googleearth?
sudo chown -R username ~/.googleearth ~/.local/share/applications/googleearth.desktop
Connect to a Windows VPN
Finally, some clever Ubuntu Gnome folks have written a network manager plugin for doing Windows VPN connections over PPTP. The extremely cool network manager is also available for KDE:
sudo apt-get install network-manager-pptp network-manager-kde
SSH Authentication With Keys
Turn off ssh login prompts and do everything with keys. This will reduce the attack surface on port 22. First, create a key using the following command:
ssh-keygen -t dsa -f ~/.ssh/mykey
This will ask for a pass-phrase and create a pair in your .ssh directory as two files, mykey containing the private key and mykey.pub containing the public key. Then for each host you log in to, scp your public key to your home folder and append it to the ~/.ssh/authorized_keys file, thus:
scp ~/.ssh/mykey.pub me@host:~ cat ~/mykey.pub >> ~/.ssh/authorized_keys
Then, in your Gnome Sessions configuration under Startup Programs, add this:
ssh-add /home/me/.ssh/mykey
Note that you will need your full home path, not the ~ shortcut. Now, you can enter your pass-phrase once at the start of every session, and log in to your hosts without prompting for passwords. Once you have it working, you can then disable ssh password prompts.