Free 2-factor authentication with RADIUS and HOTP

HOTP is an internet standard that can be used for 2-factor authentication (i.e., something you know and something you have). It is an event-based One-Time Password protocol (i.e., the passwords are generated based on a counter instead of the current time). This article describes how I used free tools to set up a complete environment for two-factor authentication on various servers. The article below is targeted at Debian-based systems, but users of other Linux distributions (or other PAM-enabled unices) should not have too much difficulty adapting the description to their own environment.

February 12, 2008 • Posted in: security • No Comments

A Unix introductory document

Two years ago I created a Unix introductory document as part of a course manual for starting bio-informaticians. The document is written in OpenOffice.org (a requirement since I prefer LaTeX).

The document presents a general introduction to the Unix family of operating systems. It presents most examples using the Bourne shell (the shell that was delivered with Unix Release 7 in 1979) but aims to be agnostic towards specific Unix brands.

I made the document available under the GNU Free Documentation License so feel free to copy and use it where applicable. You can download either the OpenOffice.org format or the PDF export.

November 20, 2007 • Posted in: unix • No Comments

Using LVM snapshots as backups

I’ve written a script to rotate multiple snapshots of a logical volume in Linux’s LVM as a backup mechanism. The script is meant to be run via crond and (forcibly) removes the oldest snapshot and creates a new one. It can also monitor usage of the available snapshots. Call the script with the option --help for the manpage. The script is available from this link.

November 19, 2007 • Posted in: code • No Comments

Dipping my toes in the Xen pool

In my previous home setup I had two physical computers, one acting as my firewall and one acting as a DMZ system. Within the DMZ system there was no separation of functionalities, and the need for slightly better hardware was becoming apparent. Combine that with the need for consolidation to cut electricity costs and we enter the wonderful world of virtualization.

November 15, 2007 • Posted in: code, security • No Comments