How ask password while using public key – SSH

Hello
i can login to ssh without password when attach public-key file to putty on centos 7
is it possible for another layer?
ssh ask pas… | Read the rest of https://www.webhostingtalk.com/showthread.php?t=1830115&goto=newpost

routing – Attribute a static public ip to a pod for outband traffic

In my datacenter , i implemented a kubernetes infrastrastructure with 3 workers and one master node . Actually i’m looking to build 5 pods running postfix mail server , but because of risking to be blacklisted i’m looking to assign a specific public ip to each pod for the outband traffic I don’t know if it’s possible to do that and is there any solution to nat the pod addresses ??

web development – Do I need External CA certificates for setting up Public & Private Key encryption with my website for our users?

I have a website which is used by corporate company with some sensitive data. What we are planning to setup a public private key implementation within our website.

While storing the information to our database, Users data will be encrypted with the public key we have and while displaying the details on webpage, users private key is used in front end to display the details.

Public & Private keys are only for our website data encryption & decryption not for external authentication.

Do we need to get external CA certificates for this?

or

simply can we use like Crypto module in nodejs for generating key-pairs and use?

aws – Show a Web Application File URL Have Public or Private Access

I am debating whether to give my files a public url or a limited private one.

I am hosting various files for a mobile/web application. These will include product images and videos. Currently only authorized users can access this application, and so the files are private. However, I suppose users may want to directly share the file URLs with other users who are not authorized users so they can view them directly (eg through a web browser).

Currently the files are on an AWS S3 bucket (which has no public access) files are given a public url that expires after a short period of time (eg hours). By following this system we also avoid DOS attacks on our S3 bucket.

Am I missing any major reasons to make them public vs private (and the other way around)?

I noticed that facebook used to have persistent file urls for user photos across their CDN, but now they are only valid for an authenticated user (I haven’t tested their persistence over time).

ServerMania’s New Public Cloud Now Open for Business!

ServerMania dropped us a line to share news of the new ServerMania Public Cloud.  Read on for details about this interesting new offer!

ServerMania’s Public Cloud, In Their Own Words:

The recently launched ServerMania Public Cloud is built to deliver a reliable, secure and
scalable solution for any evolving business. With high-performance and a highly-available
infrastructure, our clients can scale to handle even the most demanding workloads with ease.

You can get started for as low as $5.00 month.

The advantages of our Cloud:

  • Complete Redundancy: Every component of the ServerMania Cloud hosting experience is redundant across CPU processing, storage, networking, backup, and more.
  • Flexible and Scalable: With ServerMania Cloud hosting, you can instantly scale up resources whenever your business needs change.
  • Reduced Infrastructure Costs: No up-front hardware costs and you only pay for the resources you need. Server billing is predictable and you pay once the month is complete.
  • Easy to Manage: Unlike other providers, we focus on delivering a server management experience that is as easy to use as possible.
  • The Support You Deserve: Unlike other providers, we don’t believe in charging extra for support or keeping it gated behind confusing management portals: our support team is always accessible to you.

Check out all the features of the ServerMania Cloud here.

Try the Cloud for free, for 10 days

If you want to give the ServerMania Cloud a try, head on over to this page and complete your
sign up straightaway. You will be able to give the ServerMania Cloud a try for 10 days.

You will be able to run and test various of our packages:

  • Deploy 2 instances of our S1-25 packages, with 1 GB RAM, 1 CPU core, 25 GB storage
    and 1 TB Bandwidth.
  • Or 1 instance of our S2-50 packages, 2 GB RAM, 1 CPU core, 50 GB storage and 2 TB
    Bandwidth.

Please note:

  • During the signup process you will be required to enter your credit card details. After
    verifying, a temporary USD $50 hold will appear on your account, which will be released
    by your financial institution soon after completing sign up.
  • Nothing will be charged to your credit card during the 10 day trial period, unless you
    decide to upgrade to a Full User.

Need more resources than you’ll get with our S1-25 or S2-50 packages? Sign up right now for
Full Use and get started with the ServerMania Cloud today.

raindog308

I’m Andrew, techno polymath and long-time LowEndTalk community Moderator. My technical interests include all things Unix, perl, python, shell scripting, and relational database systems. I enjoy writing technical articles here on LowEndBox to help people get more out of their VPSes.

transactions – How can be proven that a signature is valid with it’s public key

If someone wants to make a transaction, they need to sign the transaction data with their private key. For example Sign(transactionData, privateKey) creates the signature. What is exactly this Sign function and what happens inside this function? And how can be verified that a signature is valid with a public key? For example Verify(signature, publicKey), what happens inside this function?

public transport – From Heathrowstraat to central Amsterdam

Before you go to Amsterdam, make a simple plan, work out how much you can actually do in the time in the city.
If each day you only take the tram twice, once to go into the center of town and once back to your hotel, you are likely better off with ‘one time use’ tickets.
But if you want to flit all over, the pass of the GVB which includes a return rail ticket to the airport. Be aware that with this pass you can only use GVB buses, trams and Metros, not the other buses that are also running in the area.
A good option for you might be the pass that allows you free travel within the city center as well as free entry to some museums and attractions as well as reductions on other things to do in the city.

For more transport information see this question, (remember prices may have gone up.)

Alternatively, if you like cycling and the weather is promising to be good, hiring a bike can be a good option.
Amsterdam is good for cycling, the worst thing for most tourists is that it is too busy. But wait till the traffic lights down the road have changed and get on between the rushes of crowds or wait till after the rush hour, say after 9:00 AM. Get a good map for cyling and work out routes that use cycle routes, you will find that you have many options that way.

I would go to one main museum per day, maybe a small one extra if you see on you really like. Set some time aside for shopping, for sitting outside people watching and enjoy a drink, the traditional Dutch cafes are great for that. You will find them at almost every second corner in much of the city.
These sell drinks from coffee and soft drinks to hard spirits.

Plenty restaurants all over the city, the cheaper ones are mostly in the smaller streets behind the most famous streets or in the general area of sights.
More information about the city on many websites, likely also on in your language. I like this one, as it seems to cover everything.

Photo of the house boat museum in Amsterdam
This is one of the small museums you might like to add, the Houseboat museum.
Photo by Willeke and can be used under Creative Commons rules.

ssh – sshd never accepts public key offer

I have used PublicKey logins on a number of my servers for months without trouble. I generated the keys on my client machine and copied to the server’s ~/.ssh/authorized_keys using ssh-copy-id. All well and good until one machine stopped accepting key-based logins the other day. Obviously there has been a change, but the sshd_config is the same as it was and as the other server.

Running the connection verbosely offers the following:

debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/kapn/.ssh/id_rsa RSA SHA256: <deleted for post>
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/kapn/.ssh/id_dsa 
<and so on until it asks for a password>

My sshd_config file

Port 2201
PermitRootLogin without-password
PubkeyAuthentication yes
ChallengeResponseAuthentication no
UsePAM yes
TCPKeepAlive yes
# All else is at default settings.
# With the exception of the Port, PubKeyAuthentication and PermitRootLogin settings, 
# I didn't intentionally change anything here.

Any thoughts on where to look for trouble? Is there data to be gathered other than via the -vv switch on ssh?

virtual machines – I am trying to create a new VM in Azure and getting validation error as “Network interfaces should not have public IPs”

I am trying to create a new VM in Azure and getting validation error as “Network interfaces should not have public IPs”. I am just trying to create a Ubuntu Server 18.04 LTS with all the default options selected. Please let me know if I am doing something wrong here.

Error Details:

{“code”:”InvalidTemplateDeployment”,”message”:”The template deployment failed because of policy violation. Please see details for more information.”,”details”:({“code”:”RequestDisallowedByPolicy”,”target”:”ubuntuvm62″,”message”:”Resource ‘ubuntuvm62’ was disallowed by policy. (Code: RequestDisallowedByPolicy)”,”additionalInfo”:({“type”:”PolicyViolation”,”info”:{“policyDefinitionDisplayName”:”Network interfaces should not have public IPs”,”evaluationDetails”:{“evaluatedExpressions”:({“result”:”True”,”expressionKind”:”Field”,”expression”:”type”,”path”:”type”,”expressionValue”:”Microsoft.Network/networkInterfaces”,”targetValue”:”Microsoft.Network/networkInterfaces”,”operator”:”Equals”},{“result”:”False”,”expressionKind”:”Field”,”expression”:”Microsoft.Network/networkInterfaces/ipconfigurations().publicIpAddress.id”,”path”:”properties.ipConfigurations().properties.publicIpAddress.id”,”expressionValue”:”/subscriptions/8f2bfae4-37f5-44fe-94b5-6e16ff8040f4/resourceGroups/ubunturesourcegroup/providers/Microsoft.Network/publicIpAddresses/ubuntuvm-ip”,”targetValue”:”*”,”operator”:”NotLike”})},”policyDefinitionId”:”/providers/Microsoft.Authorization/policyDefinitions/83a86a26-fd1f-447c-b59d-e51f44264114″,”policyDefinitionName”:”83a86a26-fd1f-447c-b59d-e51f44264114″,”policyDefinitionEffect”:”deny”,”policyAssignmentId”:”/providers/Microsoft.Management/managementGroups/258ac4e4-146a-411e-9dc8-79a9e12fd6da/providers/Microsoft.Authorization/policyAssignments/b8ff9a106bbe41f7be986f29″,”policyAssignmentName”:”b8ff9a106bbe41f7be986f29″,”policyAssignmentDisplayName”:”Network interfaces should not have public IPs”,”policyAssignmentScope”:”/providers/Microsoft.Management/managementGroups/258ac4e4-146a-411e-9dc8-79a9e12fd6da”,”policyAssignmentParameters”:{}}}),”policyDetails”:({“isInitiative”:false,”assignmentId”:”/providers/Microsoft.Management/managementGroups/258ac4e4-146a-411e-9dc8-79a9e12fd6da/providers/Microsoft.Authorization/policyAssignments/b8ff9a106bbe41f7be986f29″,”assignmentName”:”Network interfaces should not have public IPs”,”viewDetailsUri”:”https://portal.azure.com#blade/Microsoft_Azure_Policy/EditAssignmentBladeV2/assignmentId/%2Fproviders%2FMicrosoft.Management%2FmanagementGroups%2F258ac4e4-146a-411e-9dc8-79a9e12fd6da%2Fproviders%2FMicrosoft.Authorization%2FpolicyAssignments%2Fb8ff9a106bbe41f7be986f29″})})}

public key – How did they generate these vanity addresses with 27 predetermined characters?

A while ago, I read some news about a huge transaction on the Bitcoin blockchain. The first few addresses used were apparently created with some kind of vanity address generator. One example is 1Lets1xxxxxx1use1xxxxxxxxxxxy2EaMkJ.

However I recalled, when reading up on the topic a couple of years ago, that this process is very computation hungry, since it entails a brute force search for private/public keypairs. Finding a keypair with only a few predetermined public key characters would take a long time. And indeed, the Vanitygen article on the Bitcoin wiki seems to agree – finding a keypair with 12 determined public key characters would take 11,700,000 years…

So, how did they manage to generate the public key above with 27 non-random characters?

(They say that the task of finding a private key for a specific public key is futile, but extrapolating here makes you kind of wonder…)