Monday, January 30, 2012

Tor exit relay on Linux

We will run Tor as a regular non-root user on Slackware 13.37.
First download and install libevent:
tar -xvzf libevent-2xxx
cd libevent-2xxx
./configure
make
make install


Download tor source code and install:
tar -xvzf tor-0xxx
cd tor-0xxx
./configure --with-libevent-dir=/usr/local/lib
make
make install


Create configuration files:
cd /usr/local/etc/tor
cp torrc.sample torrc
mkdir /var/log/tor
touch /var/log/tor/notices.log
touch /var/log/tor/debug.log
mkdir /var/run/tor
touch /var/run/tor/tor.pid
mkdir /var/lib/tor

chown -R user:users /var/log/tor
chown -R user:users /var/run/tor
chown -R user:users /var/lib/tor


Edit torrc:
SocksPort 9050
DirPort 9030
SocksListenAddress 127.0.0.1
Log notice file /var/log/tor/notices.log
# Log debug file /var/log/tor/debug.log
DataDirectory /var/lib/tor
Nickname mynickname
ContactInfo your name <mail AT mail dot com>
ORPort 9001
# 443
# burst must be at least the rate
RelayBandwidthRate 100 KB
# 800Kbps
RelayBandwidthBurst 200 KB
# 1600Kbps

Test run:
/usr/local/bin/tor -f /usr/local/etc/tor/torrc

Edit and set up the control script located in the source directory:
vim tor-0xxx/contrib/torctl
TORBIN="/usr/local/bin/$EXEC"
TORCONF="/usr/local/etc/tor/torrc"
PIDFILE="/var/run/tor/tor.pid"
LOGFILE="/var/log/tor/tor.log"
TORDATA="/var/lib/tor"
TORUSER=user


cp torctl /usr/local/bin/scripts/
chmod +x /usr/local/bin/scripts/torctl


Edit tor.sh:
DAEMON=/usr/local/bin/tor
TORCTL=/usr/local/bin/scripts/torctl
#TORUSER=_tor
#export TORUSER

cp tor.sh /etc/rc.d/init.d/tor.sh
chmod +x /etc/rc.d/init.d/tor.sh


Options: start | stop | restart | reload | status

You are done!
/etc/rc.d/init.d/tor.sh start

*Running tor as root is not recommended.

--
*http://www.linux-tutorial.net/a847

Tuesday, January 24, 2012

Chrooted SFTP user with disabled shell access

Open /etc/ssh/sshd_config and enable the following line if it is disabled:
Subsystem sftp internal-sftp

Add the following lines at the end:
# or: Match User someuser
Match Group sftponly
ChrootDirectory /home/%u
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp
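
sshd refuses the chrooted login unless every component of the ChrootDirectory path is a root-owned directory that is not writable by group or others, so with ChrootDirectory /home/%u the user's home directory itself has to be owned by root. The script below is an added example, not part of the original post, that checks a path against that rule. The function name check_chroot and its optional owner-UID and stop-directory arguments are assumptions made here so it can be tried on a scratch tree, and it relies on GNU stat.

```shell
#!/bin/sh
# Added example (not from the original post): check a ChrootDirectory the way
# sshd does before it will chroot a session.
# Usage: check_chroot DIR [OWNER_UID] [STOP_AT]
#   OWNER_UID defaults to 0 (root) and STOP_AT to /; both are hypothetical
#   extras so the check can be tried on a scratch tree as a normal user.
# Assumes GNU stat (stat -c), as shipped on Slackware and other Linux systems.
check_chroot() {
    dir=$1 want_uid=${2:-0} stop=${3:-/} rc=0
    case $dir in
        /*) ;;
        *) echo "$dir: not an absolute path" >&2; return 2 ;;
    esac
    while :; do
        if [ ! -d "$dir" ]; then
            echo "$dir: not a directory" >&2; rc=1
        else
            uid=$(stat -L -c %u "$dir")
            mode=$(stat -L -c %a "$dir")      # octal, e.g. 755 or 1777
            if [ "$uid" != "$want_uid" ]; then
                echo "$dir: owned by uid $uid, expected $want_uid" >&2; rc=1
            fi
            # Same test as sshd: any group or other write bit (022) is fatal.
            if [ $(( 0$mode & 022 )) -ne 0 ]; then
                echo "$dir: mode $mode is group- or world-writable" >&2; rc=1
            fi
        fi
        if [ "$dir" = "$stop" ] || [ "$dir" = / ]; then break; fi
        dir=$(dirname "$dir")
    done
    return $rc
}

# Run as a script: ./check_chroot.sh /home/someuser
if [ $# -gt 0 ]; then check_chroot "$@"; fi
```

A non-zero exit means sshd would reject the directory; the usual fix is chown root:root and chmod 755 on the reported component, with a user-writable subdirectory inside the chroot for uploads.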

Monday, January 9, 2012

openssl encrypt and decrypt files

encrypt:
openssl des3 -salt -in file.txt -out file.des3 -pass pass:mypass

decrypt:
openssl des3 -d -salt -in file.des3 -out file.txt -pass pass:mypass