Temporary SSH access on Linux servers

A while ago it was requested that developers should be able to login, upon request, on our production servers via SSH. Normally this is restricted to SysOps and DevOps operators. Developers have their DTA(P) to do their thing, but nevertheless management decided that they need CLI access to our live systems. Needless to say, we…

Continue Reading

Fail2Ban config on Ubuntu 18.04

I can be a very happy camper when I’m configuring something new and it ‘just works’ and does its job as expected and more. See the previous post on Fail2Ban. Creating a new jail and making the most important service hacker proof is a matter if minutes. Of course finetuning it to my liking can…

Continue Reading

OSSEC active response vs Fail2Ban

Let’s have a proper look at Fail2Ban on Ubuntu 18.0.4. Last week I was rather pleased with the replacement of CSF / LFD with UFW and OSSEC active response. It seems really rock solid. While configuring and testing, I discovered one big downside of OSSEC active response though: it only works for SSH and not…

Continue Reading

Replacing CSF / LFD with UFW and OSSEC

UFW and OSSEC active response. In my quest to see if I would like to replace Debian with all of its third party tooling with more up-to-date Ubuntu servers (also with third party tooling), I’ll dedicate the next couple of posts to cross off this list. Starting at the top, today I’ll be replacing CSF…

Continue Reading

More Debian vs Ubuntu stuff

Last week I’ve explained a bit why I’m considering jumping from Debian to Ubuntu to get our managed hosting a bit more up-to-date by default, instead of using 10 third party repos. This week I would like to specify more about our managed hosting tooling, what we’re using for Debian, what we might like to…

Continue Reading

From Debian to Ubuntu?

Ubuntu. Oh my. This is awkward. When I started out experimenting with Linux, I opted for CentOS since it is one of the most stable versions out there. You’ll soon find out though, that the software in the repos is too old for many situations in the web application industry. Right before I started working…

Continue Reading

Monitor cron with Icinga

I’m a big Icinga fan and have written about it a couple of times. Check out this awesome series for Debian. Now people have asked a better way to monitor cron (jobs). Can we integrate this into Icinga? I’ve looked at a couple or solutions that are out there, but the most obvious is to…

Continue Reading

Install Zammad on Debian 9

Last post was a nice intro on how I’ve found Zammad, an open source, nice looking support ticket system. Will it handle all the requirements I’ve set in last post and be ‘the one’? Let me immediately spoil that for you: it’s almost perfect and Zammad will be my choice for sure. Installing it is…

Continue Reading

Linux open source ticket system

For a new project, I’m looking for a Linux open source ticket system. It’s main purpose is for support tickets, but it would be awesome if it could handle ‘normal’ customer conversation as well in an efficient and nice way. I remember I’ve looked for this a couple of times already in the past and…

Continue Reading

Using Linux GNU screen

OMG choices, choices. Almost a year ago my colleague introduced me to screen: a cli/terminal window manager that multiplexes a physical terminal between several processes, typically interactive shells. Simply put: multiple shells in one shell. But there is at least one application that is said that does it better: tmux. So we’ll be using that…

Continue Reading

Essential and practical vi – Part 3

What started out as a plan to make a not too complex post about vi buffers, turned out to be a 3 part post with lots of essential bits and pieces on this awesome editor. So also see part 1 and part 2. There is even more advanced things I could write about like the…

Continue Reading

Essential and practical vi – Part 2

First, check out this nice post about every day, very practical vi stuff you can’t do without. Originally I only wanted to do a piece on vi buffers but the post grew and grew and here we are, at the second part. In this post I want to explain some searching, search and replacing, more…

Continue Reading

Essential and practical vi – Part 1

Basically I wanted to make a post on vi buffers (editing multiple files at once) but discovered I couldn’t do it without more vi related stuff. Therefore a three part more elaborated post. Working in the Linux terminal every day, for me it is a no-brainer to use vi, more specifically vim. It’s installed by…

Continue Reading

The plan for 2019

Yes! The plan for 2019 looks much clearer since my concluding post of 2018. I gave things some serious thoughts and came up with a neat little plan for 2019. As far as the blog is concerned, its’s simple. I’m doing a post every Saturday. Period. I’m not doing this blog to get a lot…

Continue Reading