Month: September 2012

  • Nginx and Daemontools – nginx can’t bind – (98: Address already in use.)

    A common question or issue that I’ve noted when helping customers using nginx with daemontools is a flood of messages in the error log relating to a failure to bind on port 80 (or whichever port is configured), like the following: ==> logs/error.log

  • Require TLS on OpenLDAP

    A common question that comes up on the LDAP mailing list and among peers of mine who work with OpenLDAP is “how do I force clients to use secure connections when connecting to my LDAP directory?”. The correct way to require TLS using OpenLDAP is to set minssf=256 under cn=config using the olcSecurity attribute. Here […]

  • Securing a hackintosh?

    If you ever have to use a hackintosh and are interested in creating a secure encrypted environment to work in, this article will tell you how.

  • Apache logs – owned by root?

    While working through an issue with php-ldap I was running an strace on apache and noticed there were some access denied errors when a process was attempting to write to the apache error_log. Now this was interesting as apache typically opens the log files as root and does not require the log permissions to be […]

  • SSH Public Key Authentication via OpenLDAP on RHEL/CentOS 6.x

    With the release of RHEL/CentOS 6.x there are some changes to the way clients authenticate using public keys over SSH with keys stored in OpenLDAP. I was able to get this working with the following modifications. Pre-requisites: * RHEL / CentOS 6.x * openssh-ldap Set up the sshd_config by setting up the AuthorizedKeysCommand. This will execute […]