Proxmox Full Disk Encryption with SSH Remote Unlock

Read time 3 minutes

Although ZFS also offers encryption there is no support for full disk encryption yet so we will use LUKS instead. Requirements: ZFS mirror (raid1) install In order to encrypt a running system rpool must be a ZFS mirror. To verify you are running a ZFS mirror execute the following command. Note: If you don’t wantRead more

Login Mail Alert Using Rsyslog

Read time < 1 minute

I wanted a way to know who authenticates on my servers. This is especially useful if you work in a team or want to have some additional security in place. Rsyslogd is a service that ships with most distros which proceeds logs before they are written to disk. We will create a simple script whichRead more

SSH Configuration

Read time 2 minutes

Install SSH Start by installing SSH. Sudo For best practices you should disable root login and create a new user with sudo access. Add the user to the sudo group. Whenever needed you should use sudo to execute binaries with root privileges. To pipe text use sudo in combination with tee. If you know whatRead more

Using Ipsets to Block Tor Anonymity Network

Read time 2 minutes

Besides VPN and SOCKS5 proxies using the Tor anonymity network to scan servers and run brute force attacks is a common choice. It is especially useful to circumvent rate limiting given that you have easy access to a set of over 1500 IP addresses. So if you have your own rate limiting implementation make sureRead more

APT Upgrade Handling Tweaks

Read time 2 minutes

APT is a great package manager and there are several options to make upgrades more comfortable. Let me introduce you some. APT Configuration There are several configuration options for apt using /etc/apt/apt.conf.d/ In my case I enabled the periodic update schedule which will automatically update the package list, download upgrades but does not install them andRead more