Documentation

• Tin and GPG mini HOWTO

  A quick guide to installing GPG and updating Tin for using GPG with Slackware Linux 8.0

• Slackware Linux on an IBM ThinkPad A21m
• A Backup System using SSH

  First Version Browse online, PDF

  In this document, I outline the processes how you can safely use SSH to implement a backup server (for housing backups, not for failover).

  Such an environment is useful for backing up potentially sensitive data, especially home directories, which have private SSH keys. This system is ideal for automated backups, especially when you don't have fancy backup equipment.

• Managing Large and Small Numbers of Similar Linux Boxen, using a Golden Client Methodology

  Started

  This is related to an installation system I am creating. I aim to show, in this so far vaporous document, how to easily install large (a lab full) numbers of workstations that can have different hardware, quickly and easily, and with less work than systems such as kickstart.

  So far, I have an OpenOffice.org presentation on the subject. It's completion will be some time after the software has been finalised.

• Commented hosts.allow and hosts.deny.

  Started, in earnest

  LibWrap is a mechanism for limiting what IPs can access various services on your machines. For the most part, the server name that you enter into hosts.allow or hosts.deny can easily be figured out using inetd.conf, or the name of server executable.

  However, not all software is this easily managed, and the documentation is appaling on this point. So, I'm going to write an commented hosts.allow, much like the very usefully commented rc.modules file under Slackware Linux, that documents the server strings that are available.

• Securing NFS by Tunneling through SSH

  Planned, not started

  NFS is a rather weak protocol, that is often criticized for its intense lack of real security. Most of these weaknesses can be avoided by sending the NFS traffic through a SSH link, probably using port forwarding.

  Experienced Unix and Linux persons will know that SSH cannot forward UDP streams, its limited to TCP, unfortunately. However, NFS exports can be mounted using TCP, via some options.

  There are hurdles to overcome, however. There are multiple streams involved, and we need to coordinate with the portmapper first.

  I hope to create a HOWTO like document that will walk you through the process