Linux.com

Community Blogs



Two-Factor Authentication (One time passwords by SMS) for SSH and more

With passwords becoming inherently insecure nowadays, I decided to add an extra layer of security by using the Textlocal One-Time Password API (Its so new I haven't been able to get it documented yet).

One-Time Passwords are unique codes which are sent to a trusted mobile device which can then be checked and then allowed or denied access based on the response back.

This is pretty awesome considering the code can not be guessed, expires after 24 hours, can only be used once, and is separate to the service which is requiring the authentication.

Like I said, I decided to add One-Time Passwords to my Linux server, to do this, I added the following code to the bottom of my user's (my user, since no other users have SSH access) .bashrc file:

tlrequest="username=**EMAIL**&password=**PASS**&numbers=**NUMBER**&message=SSH%20OTP%20is&sender=SSH-OTP"
trap logout INT
curl -s -d $tlrequest http://api.txtlocal.com/otp_send >/dev/null 2>&1
echo "A One-time password has been sent to your device. Please enter it below followed by [enter]:"
read otp
check=$(curl -s "http://api.txtlocal.com/otp_challenge/?username=**EMAIL**&password=**PASS**&numbers=**NUMBER**&code=$otp >/dev/null 2>&1")
if [[ $check == *uccess* ]]
then
    echo "OTP Validated.";
else
    echo "OTP Invalid. Disconnecting."
    logout
fi

To make the code work, you will need:

1. A Textlocal account 
2. Change **EMAIL** to your email address
3. Change **PASS** to your Textlocal password or hash
4. change **NUMBER** to your mobile number (eg 447000000000)

Thats it!

 

6 quick tools to monitor system resources on Linux

Monitor server resources System administrators need to monitor their server to ensure proper functioning. The practice enables administrators to detect possible issues in advance and recover the system, before it causes any trouble. There are plenty of commands on Linux to monitor different system resources like cpu usage, memory usage, network, disk usage and so on. Popular ones are top, htop, iostat, nethogs etc. In this post we are talking about simple command line tools that can monitor multiple system resources like cpu, memory, network, disk, processes etc all together...

Read more... Comment (0)
 

8 commands to check cpu information on Linux

CPU hardware information The cpu information includes details about the processor, like the architecture, vendor name, model, number of cores, speed of each core etc. There are quite a few commands on linux to get those details about the cpu hardware, and here is a brief about some of the commands. 1. /proc/cpuinfo The...

Read more... Comment (0)
 

12 scp command examples to transfer files on Linux

Secure copy Scp (Secure Copy) is a command line tool to copy or transfer files across hosts. It uses the same kind of security mechanism like the ssh program. Infact it uses an ssh connection in the background to perform the file transfer. scp refers both to the "protocol" that defines how secure copy should work and the "program" (command) which is installed as a part of OpenSSH suite of tools. In this quick tutorial we shall look at a few examples the scp command and how it can be...
Read more... Comment (0)
 

20 amusing Linux commands to have fun with the terminal

The linux terminal is not always dull and boring. There are commands to make it do some funny acts to entertain the user. Here is a small collection of such commands. 1. Cowsay Install cowsay with apt. $ sudo apt-get install cowsay Cowsay is a talking cow that will speak out anything you want it to. $ cowsay "Hi, How are...
Read more... Comment (0)
 

Saidar is a simple system monitoring tool for Linux

Saidar For a system admin, its always exciting to learn new commands to monitor system resources, and here is a new one. Its called Saidar and is a very small tool. Even simpler than and . It displays a small screen full of statistics on a variety of system resources that you might want to monitor. Saidar is a part of the libstatgrab...
Read more... Comment (0)
 

Glances gives a quick overview of system usage on Linux

As a Linux sysadmin it feels great power when monitoring system resources like cpu, memory on the commandline. To peek inside the system is a good habit here atleast, because that's one way of driving your Linux system safe. Plenty of tools like Htop, Nmon, Collectl, top and iotop etc help you accomplish the task. Today lets try another tool called Glances. Glances Glances is a tool similar to that has a very compact display to provide a complete overview of different system resources on just...

Read more... Comment (0)
 

HowTo: Setup SSH Keys on a Linux / Unix System

I recently read that SSH keys provide a secure way of logging into a Linux and Unix-based server. How do I set up SSH keys on a Linux or Unix based systems? In SSH for Linux/Unix, how do I set up public key authentication?

Read more: Linux setup ssh keys

 

Would Microsoft Lync 2013 Suffice as an Enterprise's only Video Conferencing Solution?

Before rolling out the analysis, it’s important to understand the technology. Microsoft Lync 2013 helps connect to multiple people across different operating systems and mobile devices. As a unified enterprise-ready communications platform, it enables an environment that facilitates instant video conferencing, messaging, voice chats and meeting. In short, it provides a single and consistent presence experience for its client.

untitled

While Microsoft may project changes brought about in the Lync Server 2013, enabling better experiences than ever before, there are a few concern areas that you users need to be aware of.

  • Video Conferencing limitations: Continuing to be a low area, this version of Microsoft’s Lync too has been observed to be immature in terms of its video conferencing capabilities. Besides, it doesn’t provide end-to-end solutions such as video-room systems, video desktops, telepresence systems or video gateways. Its solutions for multi-party video conferencing, works on desktops only. Its conferencing capabilities are also limited with allowing a maximum of five people in a conference only and feature lacks such as server-side recording, dual presentation and multi-casting. Other problems associated with its video conferencing capabilities are its interoperability constraints with 3rd party products and that it consumes exorbitant bandwidths which are about 600% more than its counterparts.

  • ü  Lack of consistent BYOD support: BYOD is the next big revolution that’s happening in working environments. As such Lync 2013’s compatibility with the BYOD culture is critical. While it does support presence and instant messaging on platforms like iOS, Android and Windows, it falls short of features like simultaneous multi-party video and viewing shared meeting content.
  • untitled1

 

  • ü  Voice limitations persist: This was one of the major lookout areas in terms of improvements expected. To begin with, users will have to invest in conference phones, Session Border Controllers for security purposes and 3rd party gateways. If you have a pre-existent system in place, you actually have to rip it apart. Besides it doesn’t even have call recording, call parking or contact centre features, making it troublesome for most users.

  • ü  Real-time collaboration shortcomings: Microsoft’s Lync 2013 requires sourcing a number of applications from various 3rd party vendors, making it unsuitable for users looking for an all-in-one solution.

  • ü  Investments in trainings: Due its nature of complexities, organizations will need to invest in training their staff, in-mates. Besides, they will also have to hire individuals with Linux certifications to help deploy and manage the system and troubleshoot as and when required. All this requires huge investments that organization may want to reconsider beforehand.

  • ü  Investments in Lync Voice too high: As per the conclusions from detailed interviews done with 211 real world customers, it was observed that Lync’s users spent $1,912 on an average, in installations (on the 1st year itself).

  • ü  Customer Choice is limited: Essentially Microsoft’s way with its products and sales strategies, for instance, product bundling, can end up in users being locked into their systems.

For the perfect communications solution, organizations require services that can be imbibed into existing systems, with delivering effective and efficient quality services in a cost-effective structure.

Have you been using Microsoft Lync 2013? How has your experience been? What according to you are its biggest drawbacks? Share your thoughts and takes with us.

 

 

 

 

 

New Animation with Open source

This week another episode of Minimarte - web animated series, made with open source tools, got out of the box.


The animation is on youtube, at: http://www.youtube.com/watch?v=2I82gEaX-r4

And a small text with some making of images are at oficial site, at: http://www.minimarte.com/2014/02/26/episodio-2-as-primeiras-aparicoes/

All series, and all animations made with: Gimp, Inkscape, Blender, Synfig, Audacity, Kdenlive.

-Gimp is used for frame-by-frame animation;
-Inkscape for vector illustration
-Synfig for vector animation and compositions
-Blender for character animation
-Audacity for audio tracks and effects
-Kdenlive for video editing.


Credits:

Story, screenplay: Ricardo Graça, Eduardo Graça
Animation, Direction, Editing: Ricardo Graça
Sound effects and tracks: Jorge Cruz


Images ( making of ):

Making of 1

Making of 2

 

Making of 3

 

Please DON'T SPY me anymore: High Level E-mail Cryptography with GnuPG

Unless you have no life, don't watch the news, and don't care about others snooping around your secrets, you are well aware that these days the government's favorite activity is spying and monitoring their people from all sides, by all means, with no scruples and no remorse, possibly including yourself.

Even if you do have a life, do watch the news, and do care about others snooping around your secrets, you certainly use one of those free popular e-mail accounts that boast of their awesome unlimited features without realizing that they are the ones that are secretly stabbing you on the back and violating your privacy.

It was because of such things that our team wrote a book on advanced e-mail security with cryptography and we want to share it with you. In this book you'll get the following benefits:

  • Awareness: you will understand how things work and never be fooled again.
  • Privacy: no one will spy your e-mails anymore, your communications will remain private.
  • Security: if your e-mails ever get compromised, no one will be able to decipher and read them.
  • Credibility: you will demonstrate to others how much you care about your privacy and your security, as well as theirs.
  • Flexibility: the system can be implemented anywhere, from home to business to mobile devices.
  • Power: high level military grade cryptography being developed for more than 15 years.
  • Freedom: 100% free/libre software based on an open standard, open source, no spyware, no malware, no viruses, nothing.
  • Cost: completely free - gratis - you won't have to buy or pay for any software.

The book is short, full of images and graphics and easy to understand. It was written for laypersons, so anyone can follow it and do the required steps very easily.

And how about the price? Well you'll love that part: you can get and share the book for free, no hidden fees or registration required, you pay how much you want for it. That's it, that's how we work, you only pay if you like.

If you like it we suggest a contribution of $10.00, the price of a decent cappuccino cup. We put a lot of effort to write it and it took a long time to be finished, so if you like it we would very much appreciate a $10.00 contribution from you.

You can get a copy of the book right here in our official website: https://goldencontest.wordpress.com

Are you still not convinced? We are giving you 10 reasons why this book will benefit you. It is called "The 10 most common mistakes people make when using e-mail". Here they are:

  • MISTAKE 1: I use a popular e-mail provider
  • MISTAKE 2: I think only the recipients can read my messages
  • MISTAKE 3: When I empty the trash bin I believe my messages were erased forever
  • MISTAKE 4: I think it is great that my e-mail account is free
  • MISTAKE 5: I own my own messages, they are mine
  • MISTAKE 6: I think cryptography is unecessary
  • MISTAKE 7: I don’t care about what the NSA is doing
  • MISTAKE 8: I think my messages are safe
  • MISTAKE 9: I trust my e-mail provider
  • MISTAKE 10: I believe I have privacy online

You can find the detailed description of all those mistakes in our website, as well as how to correct them.

Check out our website now and get a copy of our book for free. You will not only get a book, you will also get your security and privacy back.

Thanks!

The Golden Keys Team
https://goldencontest.wordpress.com

 
Page 10 of 132

Upcoming Linux Foundation Courses

  1. LFD331 Developing Linux Device Drivers
    13 Oct » 17 Oct - Virtual
    Details
  2. LFS425 Linux Performance Tuning Crash Course
    16 Oct » 16 Oct - Düsseldorf, Germany
    Details
  3. LFS220 Linux System Administration
    20 Oct » 23 Oct - Virtual
    Details

View All Upcoming Courses


Who we are ?

The Linux Foundation is a non-profit consortium dedicated to the growth of Linux.

More About the foundation...

Frequent Questions

Join / Linux Training / Board