The more projects you handle, the more servers you manage. But when you ssh to servers of different projects, are you using the same private key?
And how secured you feel about this? Let’s imagine. One day, your powerful private key gets compromised somehow. Boom! All your servers, and all your projects are in danger.
Check out this post. And get improved for all your projects, in just five minutes!
Say you have issued a command in your servers. Typically the command might either backup something or perform a critical hot fix.
Surely you know the start time of the process. But when it will end? How can you find the execution time, when the process has already been started?
People might manually change critical config files in servers occasionally. For example, /etc/hosts, /etc/hostname, etc.
As an experienced operator, you will remember to backup, before making any changes. Right? What would you do? cp /etc/hosts /etc/hosts.bak.
But is that good enough?
As DevOps or IT professionals, people may ask us why they can’t ssh to servers. It happens from time to time. Isn’t right? Not much fun. Just routine work.
Want to ease the pain and burden? Let’s examine common ssh failures together. Next time forward this link to your colleagues, if useful. People may be able to identify the root cause all by themselves, or be efficient in collecting all necessary information, before turning to us.
Using a single command, we can easily upload any files from our computers or servers to a web server. Then our friends or colleagues can download them directly from web browsers. Isn’t that cool?
Worry about the security? We can encrypt files before transfer. Also we can claim the maxinum downloads of those files, or expire download link in several days.
Here we go! transfer.sh: easy and fast file sharing from the command-line. Zero Initial Setup and Super Easy to use.
For DevOps, installation is one of our major tasks. People may wonder package installation is pretty straight-forward and easy now. Just run commands like apt-get, yum, brew, etc. Or simply leave it to containers.
Is it really that easy? Here is a list of headache and hidden costs. Discuss with us, DevOps gurus!
Any serious DevOps will only ssh by key file. Not with password, right? And mostly our powerful key file can unlock many critical envs. Have you ever uploaded your private key to other envs, like jumpbox? What if your key is magically stolen by hackers somehow?
Time to protect your sensitive ssh key by passphrase. And live with it, headache-free.
Apparently process checking is critical. Yes, we already have tons of linux tools and tips available. Getting familiar with your weapons is actually the first step, and the easiest part.
More importantly, what questions you ask, what for, when approaching your critical process. Fortunately even with plain common sense, we can dig out lots of valuable information.
Any serious systems can’t ignore server security, especially in public Cloud. No doubt there’re tons of tips and tutorials available on the Internet. Let’s focus on fundamental and general best practices first.
A List Of Security Improvements I Enforce After OS Provisioning.