May 12, 2007

remote backup to tape

#Server

  useradd backup
su - backup
ssh-keygen -t rsa
mv .ssh/id_dsa.pub .ssh/authorized_keys
mt -f /dev/st0 rewind
chown backup /bin/st0

#copy your key to client
(use vi to copy and past) or scp etc..

#Client

  vi backup.sh
#!/bin/sh
#remote backup to tape
#Author: Yu-Jen Chen
filename="www_"`date +%Y%m%d_%H%M%S`".tar.gz"
remote="203.64.178.107"
tar -zcf $filename /var/www/html/
scp -i id_rsa $filename backup@$remote:~
ssh -i id_rsa backup@$remote "tar -rvf /dev/st0 "$filename

#set crontab
 crontab -e
0 3 15,30 * * /var/www/backup/backup.sh

Some SSH Tips

SSH的相關安全設定

http://www.study-area.org/tips/ssh_tips.htm

http://linux.vbird.org/linux_server/0310telnetssh.php#ssh_sshdconfig

關於Client 的登入工具
http://linux.vbird.org/linux_server/0310telnetssh.php#ssh_client

#密碼
#私鑰

http://linux.vbird.org/linux_server/0310telnetssh.php#ssh_nopasswd

若使用putty需使用PuTTYgen將ssh-keygen 的key轉換putty所用的格式


Load→Save private Key…

使用 Key Agent
若有太多key時於可以參考Pageant
#Kerberos & GSSAPI

請man sshd_config

#putty系列的工具
http://libai.math.ncu.edu.tw/bcc16/6/putty/
http://www.chiark.greenend.org.uk/~sgtatham/putty/

l PuTTY
提供 Telnet 以及 SSH client 的功能。

l PSCP
提供 SCP client 的功能(安全加密的網路檔案拷貝,使用命令提示列)。

l PSFTP
提供 PSFTP client 的功能。

l PuTTYtel
僅提供 Telnet client 的功能。

l Plink
提供 SSH client ,使用命令提示列。

l Pageant
SSH 認證通行碼的代理程式。  

l PuTTYgen
提供產生RSA金鑰的工具。

當訊息為亂碼時

請注意系統的charset與client 的charset


或換為Big5


當然一般狀況換為en的環境可以避免較多的亂碼或排版跳格問題

若要更改預設字元集則於

vi /etc/sysconfig/i18n


Some OpenLDAP Resourse

主要的站:

http://www.openldap.org/


電子書:

http://www.bspu.secna.ru/~swp/LDAP/

http://www.zytrax.com/books/ldap/

實體書(中文):

http://203.64.181.44/Webpac2/store.dll/?ID=169574&T=0&S=ASC&ty=ns

Tools:

ldapadmin

http://ldapadmin.sourceforge.net/

jxplorer

http://www.jxplorer.org/

CSV to LDIF Converter(perl)

http://www.novell.com/coolsolutions/tools/14462.html

CSV2LDIF

http://www.home.unix-ag.org/patrick/index.php?csv2ldif

http://www.bind9.net/ldap-tools

LDAP函式庫:

PHP_LDAP

http://tw.php.net/manual/tw/ref.ldap.php

JDNI

http://java.sun.com/products/jndi/

Perl-LDAP

http://ldap.perl.org/

參考網址:

http://del.icio.us/tag/ldap

http://en.wikipedia.org/wiki/LDAP

Introduction to LDAP

http://twistedmatrix.com/users/tv/ldap-intro/ldap-intro.html


Red Hat Enterprise Linux 4: Reference Guide:Chapter 13. Lightweight Directory Access Protocol (LDAP)

http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/ref-guide/ch-ldap.html

jiing's BlogLDAP相關資料整理
http://jiing.blogspot.com/2004/12/ldap.html

LDAP Howto, LDAP Links, LDAP Whitepapers

http://www.bind9.net/ldap/

Steven's Linux Note - Articles

http://ms.ntcb.edu.tw/~steven/

OpenLDAP-輕量級目錄存取協定前言
http://www.weithenn.idv.tw/cgi-bin/wiki.pl/OpenLDAP-%e8%bc%95%e9%87%8f%e7%b4%9a%e7%9b%ae%e9%8c%84%e5%ad%98%e5%8f%96%e5%8d%94%e5%ae%9a%e5%89%8d%e8%a8%80

RedHat Enterprise Linux Server 4.3 + OpenLDAP + DNS + Samba + Postfix + OpenWebmail
http://www.nseasy.net/

OpenLDAP: Configuring Access Control Lists

http://sapiens.wustl.edu/~sysmain/info/openldap/openldap_configure_acl.html

vbird網友投書

http://linux.vbird.org/somepaper

延伸閱讀:

Single Sign on

http://en.wikipedia.org/wiki/Single_sign-on

LdapInjection

http://www.owasp.org/index.php/LDAP_injection


LDAP Software, LDAP Tools, LDAP Utilities

Linux檔案存取權限

Permission

http://linux.vbird.org/linux_basic/0210filepermission.php#filepermission

SUID/SGID/Sticky Bit

http://linux.vbird.org/linux_basic/0220filemanager.php#fileperm

ACL

http://www.redhat.com/docs/manuals/enterprise/RHEL-5-manual/File_Systems/ch-acls.html

http://linux.vbird.org/linux_server/0240network-secure-1.php#acl

Selinux

http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/selinux-guide/

http://www.redhat.com/docs/manuals/enterprise/RHEL-5-manual/Security_And_Authentication/index.html