apt-get install gcc+ make build-essential curl autoconf automake libtool autotools-dev dpkg-dev fakeroot
apt-get install dpkg debconf debhelper lintian
wget http://www.inet.no/dante/files/dante-1.4.1.tar.gz
tar -xvf dante-1.4.1.tar.gz
cd dante-1.4.1
mkdir /home/dante
./configure --prefix=/home/dante
if u missing
PAM: Disabled, security/pam_appl.h missing
apt-get install libpam0g-dev
and rerun the configure command
Libwrap: Disabled, tcpd.h missing
apt-get install libwrap0 libwrap0-dev
and rerun the configure command
BSD Auth: Disabled, usable bsd_auth.h not found
apt-get install python-dev
and rerun the configure command
make
make install
The binary will be in /home/dante/sbin/sockd (yes it appears to be called sockd now).
/home/dante/sbin/sockd -v
Dante v1.4.1. Copyright (c) 1997 - 2014 Inferno Nettverk A/S, Norway
vi /home/dante/danted.conf
logoutput: /var/log/socks.log
internal: eth0 port = 1080
external: eth0
method: username
user.privileged: root
user.notprivileged: nobody
client pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: error connect disconnect
}
client block {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: connect error
}
pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: error connect disconnect
}
block {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: connect error
}
#dante-server configuration
Save
Launch danted. -f specifies the configuration file and -D makes it run in the background:
/home/dante/sbin/sockd -f /home/dante/danted.conf -D
Check if it is running:
netstat -tulp
To stop dante:
pkill sockd
Create user who need to login and who will not have shell access.
useradd -s /sbin/nologin phil
passwd phil
Make scripts for starting and stoping dante.
vi /home/dante/start-dante.sh
#!/bin/bash
sleep 10
/home/dante/sbin/sockd -f /home/dante/danted.conf -D
Save
chmod +x /home/dante/start-dante.sh ( to make executable )
vi /home/dante/stop-dante.sh
#!/bin/bash
/usr/bin/pkill sockd
Save
chmod +x /home/dante/stop-dante.sh ( to make executable )
Setup to run at boot
crontab -e
@reboot /home/dante/start-dante.sh > /dev/null 2>&1 ( You may have to increase the sleep time, if it does not work. )
duminică, 28 februarie 2016
vineri, 26 februarie 2016
AWS - EC2 - Change PEM Key
Before starting, save on your instance the key-first-one.pem ( orginal pem file which you get it at configure of the instance first time )
1. From the AWS EC2 Console -> Key Pairs and generate a new key pair (eg: keynew.pem);
Download the generated pem key, and chmod it to 0666
2. Use the new pem key to generate a public key
$ ssh-keygen -y
When prompted, enter the path to keynew.pem ( /path/to/keynew.pem ) . This will generate on console not in file
Touch keynew.pub and paste his content form generated process.
Tip: Edit keynew.pub and append the key's name so you can identify it easier in the next steps.
Just append a single space, then a tag/name for the key
3. Add the new public key to your instance
$ cat /path/to/keynew.pub | ssh -i /path/to/key-firstone.pem user@ip-private-from-aws "cat >> .ssh/authorized_keys"
4. Test the new key by logging in and removing the old/original key
$ ssh -i /path/to/keynew.pem user@ip-private-from-aws
$ nano ~/.ssh/authorized_keys
Find the line containing the "original name" key and remove it.
1. From the AWS EC2 Console -> Key Pairs and generate a new key pair (eg: keynew.pem);
Download the generated pem key, and chmod it to 0666
2. Use the new pem key to generate a public key
$ ssh-keygen -y
When prompted, enter the path to keynew.pem ( /path/to/keynew.pem ) . This will generate on console not in file
Touch keynew.pub and paste his content form generated process.
Tip: Edit keynew.pub and append the key's name so you can identify it easier in the next steps.
Just append a single space, then a tag/name for the key
3. Add the new public key to your instance
$ cat /path/to/keynew.pub | ssh -i /path/to/key-firstone.pem user@ip-private-from-aws "cat >> .ssh/authorized_keys"
4. Test the new key by logging in and removing the old/original key
$ ssh -i /path/to/keynew.pem user@ip-private-from-aws
$ nano ~/.ssh/authorized_keys
Find the line containing the "original name" key and remove it.
sâmbătă, 20 februarie 2016
UPGRADE OPENSSL FROM 0.9.X TO OPENSSL 1.0.2 – UBUNTU
apt-get remove –purge openssl libssl-dev
wget https://www.openssl.org/source/openssl-1.0.2f.tar.gz –no-check-certificate
tar -xvzf openssl-1.0.2f.tar.gz
mv openssl-1.0.2f openssl
cd openssl/
nano openssl.ld
OPENSSL_1.0.0 {
global:
*;
local:
*;
};
OPENSSL_1.0.1 {
} OPENSSL_1.0.0;
OPENSSL_1.0.1d {
} OPENSSL_1.0.1;
OPENSSL_1.0.2 {
} OPENSSL_1.0.1d;
./configure -fPIC shared -Wl,–version-script=/root/openssl/openssl.ld -Wl,-Bsymbolic-functions
make
make install
Check your new version
openssl version -a
and add PATH to env
export OPENSSL_INCLUDE_DIR=/usr/local/ssl/include/
export OPENSSL_LIBRARIES=’/usr/local/ssl/lib/libssl.so;/usr/local/ssl/lib/libcrypto.so’
export LD_LIBRARY_PATH=/usr/local/ssl/lib/
— The End —
wget https://www.openssl.org/source/openssl-1.0.2f.tar.gz –no-check-certificate
tar -xvzf openssl-1.0.2f.tar.gz
mv openssl-1.0.2f openssl
cd openssl/
nano openssl.ld
OPENSSL_1.0.0 {
global:
*;
local:
*;
};
OPENSSL_1.0.1 {
} OPENSSL_1.0.0;
OPENSSL_1.0.1d {
} OPENSSL_1.0.1;
OPENSSL_1.0.2 {
} OPENSSL_1.0.1d;
./configure -fPIC shared -Wl,–version-script=/root/openssl/openssl.ld -Wl,-Bsymbolic-functions
make
make install
Check your new version
openssl version -a
and add PATH to env
export OPENSSL_INCLUDE_DIR=/usr/local/ssl/include/
export OPENSSL_LIBRARIES=’/usr/local/ssl/lib/libssl.so;/usr/local/ssl/lib/libcrypto.so’
export LD_LIBRARY_PATH=/usr/local/ssl/lib/
— The End —
Abonați-vă la:
Postări (Atom)