Host ID: 231
hpr1468 :: A Whole Lot of Nothing: Chromebook EOL, CentOS WTF, Non Mainstream GNU/Linux Distros and more...Released on 2014-03-19 under a CC-BY-SA license.
This episode covers a little bit of everything. The end of life for Chromebooks and how that hurts in some ways, hacker public radio topics, CentOS and Red Hat joining, participate with a non mainstream GNU/Linux Distros, and much more.
Here is a brief list of the topics and links covered in this episode:
- XFCE and Xubuntu is good, Crouton for Google Chromebook
- Chromebook EOL, WTF? I like the hardware but I want to use it until I'm tired of using it, I don't want Apple or Google telling me otherwise.
- Distro wise what's next? I'm not going to want to stick with Ubuntu much longer.
- CentOS, WTF? So on the server side what's next?
- Building your own distro from the ground up. It is a lot of work.
- Debian is by far still the best distro to stick with. I hope they don't jump ship.
- Bastion hosts are long gone, thank you and sorry Marcus J. Ranum. Make way for clusters, customized systems, but generic and widely supported desktops. Sounds like Slackware to me, right?
- GNU/Linux Distribution Timeline http://futurist.se/gldt/ http://upload.wikimedia.org/wikipedia/commons/1/1b/Linux_Distribution_Timeline.svg
- Bridge Linux http://millertechnologies.net/
- Bedrock Linux http://bedrocklinux.org/index.html
- Indigogo http://www.indiegogo.com/projects/i-hate-being-single-season-2
- NCIX.com https://www.youtube.com/user/NCIXcom
- Pod safe music http://www.freemusicarchive.org
- Configuration Management Configuration Deployment for Network automation http://packetpushers.net/show-176-intro-to-python-automation-for-network-engineers/
- Duck Duck Go Goodies https://duckduckgo.com/goodies
- Ansible http://www.ansible.com/home
This episode is a review of several topics ranging from linux bug community participation, linux installation experiences, hosting services, and blogging using Markdown.
Here is a brief list of the topics covered in this episode:
- Xubuntu: UEFI support, easy to use, and community driven.
- Kali Linux on EeePc 1000H, old hardware revived.
- Blogging in Markdown: Scriptogr.am, ghost.org, Mou App, Redmine, Tumblr.
- Hosting Services and low end VPSs: Arvixe and Prometeus.
- PogoPlug v4 with Arch linux: simple, cheap and extensible.
- Gmail webclips: sometimes pretty cool.
- Check out some music, thanks to risky.biz.
Good sources of information for PAM
Overview of PAM Security
- Definition: Presenting two or more from something you have, something you know, and something you are.
- Centos /etc/pam.d/
- Debian /etc/pam.d/ (common-auth exists in Debian and its a system wide security implementation for all pam.d applications)
Google Two Factor Authentication
- MNXSolutions.com,Old instructions but still useful
- Webbynode.com, Useful but still uses outdated mercurial steps
- Google two factor auth git repo source
- Install git, gcc, and make on your system
$ apt-get install git make gcc
$ yum install git make gcc
- Execute git command as noted on google's site:
$ git clone https://code.google.com/p/google-authenticator/
- Compile and install the google two factor auth PAM module and application
$ cd google-authenticator/libpam/
$ make install
- Add the following lines to the /etc/pam.d/sshd
auth required pam_google_authenticator.so
- Location of SSH server configurations
- Add/modify the following stanza to SSH server configuration:
- Create Google two factor profile for SSH user and answer the setup questions based off your preferences
- Restart SSH server
$ service ssh restart (on CENTOS try $ service sshd restart)
- In Debian based systems you can comment out the system wide common-auth by simply adding a # to the beginning of the @include common-auth.
- If you want to use google two auth with other applications simply add it to the appropriate /etc/pam.d/ file
- Other useful PAM modules include the Barada module: libpam-barada (OTP with Android Client), pam_winbind (Samba Active Directory authentication module), and many more.
- Make sure you have dual SSH connections and are sudo or su as a privileged user. Also make sure any files you configure today are backed up before you edit them.
- When setting up Two Factor Auth profiles, go into cleanup mode to ensure you don't use the QR code url where it can be later retrieved from your url history. Also make sure you cleanup your command line and clipboard history so that emergency scratch codes and secret keys can't be found by wondering eyes.
Podcasts worth mentioning.