SSH short for Secure SHell is cryptographic network protocol. It is widely used in UNIX/Linux(but not limited to) world to allow clients to securely connect to a server. It is replacing older and insecure protocols like rsh and telnet. In addition to security it add tunneling for other protocols.
And since it is widely used it is often exploited to get unauthorized access to the system.
Enough general information. Back to the topic.
There are few simple rules on how to protect:
- If you do not need it do not enable it
- Restrict access
- Change listening port
- Use version 2 (if possible)
- Disallow root access
- Use strong passwords
- Block access
- Use key authentication
- Use “One time passwords”
- Show Warning message
Your comments are welcome.
If you finally decided to add protection to your valuable data by using software RAID 1 – congrats. You are on the right path. But do not forget that you still need good backup.
If you have only 1 additional drive the procedure is more difficult, but still possible.
Note1: Try following procedure on your own risk. Preferably testing it on non-prod machine.
Note2: /dev/sdb is secondary disk it could vary for you.
First you create degraded RAID 1
mdadm –create /dev/md0 -l raid1 -f -n 1 /dev/sdb1
Add it to mdadm.conf
mdadm –detail –scan >> /etc/mdadm.conf
Inform it the there is second disc
mdadm –grow /dev/md0 -n 2
Here you create partition on degraded drive and copy data from first disk
Repartition first disk if needed and add it to the array.
mdadm –manage /dev/md1 –add /dev/sda1
Note that this is just skeleton of steps and not full step by step tutorial.
Google Chrome is excellent browser. And probably most of you have it installed.
Only drawback I’ve noticed is that installation is online. This is generally not a problem, but what to do if the target system does not have internet connection?
The answer is not obvious and required some research. I was not able to find direct link on Google Chrome download page 🙁
Quick search on the web returned this Google Help Page.
Using Alternate installer for all user accounts link I was able to get the package and install it.
This package will help if you deploy Chrome on wider base (Windows GPO for example).
Unfortunately if target system does not have Internet access you have to revisit this page often to download new release.