Tag: security

https site available now with cert from cacert.org

More about cacert.org :

 

CAcert.org is a community-driven Certificate Authority that issues certificates to the public at large for free.

CAcert’s goal is to promote awareness and education on computer security through the use of encryption, specifically by providing cryptographic certificates. These certificates can be used to digitally sign and encrypt email, authenticate and authorize users connecting to websites and secure data transmission over the internet. Any application that supports the Secure Socket Layer Protocol (SSL or TLS) can make use of certificates signed by CAcert, as can any application that uses X.509 certificates, e.g. for encryption or code signing and document signatures.

If you want to have free certificates issued to you, join the CAcert Community .

If you want to use certificates issued by CAcert, read the CAcert Root Distribution License .This license applies to using the CAcert root keys .

So, now you can reach out to https version… dont be scared if you get that un-verified certificate, you can import the cacert.org root certificate.

ssh authorized keys – limit ssh session to custom command

If you want a ssh key to be able to run a custom command only and nothing beyond that, then you can use the “command” option in the authorized_keys file of ssh.

 

For example, to limit user to run only top command with a key, you can add the key like this:

 

echo 'command="/usr/bin/top" ssh-rsa ' >>~/.ssh/authorized_keys

shell script for some quick tests on Linux

Head over to the link and grab the script. Just run it and make yourself a little bit more safe 🙂

https://github.com/rebootuser/LinEnum