Setting up users and securing my server.

Last night I got the server upgraded to ububtu 10.04 and installed puppet. The first and only recipe we've got is one to make sure our sudoers file has the proper permissions. Tonight I'm hoping to:
  • Add myself a user
  • Automatically create me ssh key
  • Prevent root from logging in via ssh
  • Prevent users from logging in other than with a key.
  • It would be nice to be able to email me my key since I don't run puppet on my mac, though I may be convinced to go down that route if it proves too difficult.
Longer term I'm hoping to extend this same process to create user certificates for https client certificate authentication and it would be nice to use the same key, certificates and revocation process to issue new credential to users or to even lock them out. Bearing that all in mind, but not getting too hung up on stuff I'm doing later, off we go.
Read More

Upgrading my server and installing puppet

I woke up this morning to a fresh install of Ubuntu 8.04 I was just itching to configure, but I had to work. So it wasn't until after the kids got fed and put to bed I could get started. What I'm aiming to accomplish tonight it to get the server configured and upgraded.
Read More

Let's use puppet instead.

So I've just trashed a perfectly good, working server install. That's right, I threw it all away, and for what you ask? For you gentle reader... and because I found a new toy that I wanted to play with, puppet.
Read More

New development server

Things around here have stalled a bit I've not had much free time what with a new job and travelling. The time I have had I've spent getting a build server setup. Replacing my ageing trac/subversion install is something I've meant to do for a while and just never got around to.
Read More

Getting along with Eclipse

It's been a week or so with a few good days coding in Eclipse, I even took IDEA off my own machines and replaced it so that I'm only working in the one environment and it's going well. I'm pretty much using the default settings and only adding to them a little as I go. I'm resisting the urge to change the key bindings to the IDEA ones.
Read More

So long IDEA

I've been using Intellij IDEA for years, I pretty much swear by it for development and I have no real complaints. But now I've got a new job and they use Eclipse. Now, so do I. I figure there is no way to properly learn to use Eclipse if my heart is still in IDEA, so there's nothing for it except to say goodbye IDEA and move over to Eclipse for everything.
Read More

OAuth 2.0

I've been updating my OAuth library to support OAuth 2.0 mostly so I can add Facebook to Announce.ly and Sproozi, but more on that later. OAuth 2.0 is similar to 1.0 but changes a few key things fundamentally and isn't backwards compatible.
Read More

Another Open Source Library.

I'm having a bit of a clear out, taking a look at some of the code I've written and I've been pushing some of the stuff I'm currently using up to GitHub under and Apache 2 licence. I've used things in Announce.ly, Sproozi and some other small projects and figure they may be useful to someone else. My only criteria has been to ask If I'm using it now in a project, if so I'm actively supporting it and I've started pushing that stuff to GitHub, everything else is dormant and I don't want to release something I'm not actively supporting- it also occurs to me that if even I'm not using it, it can't be all that worthwhile.
Read More

My new open source Java OAuth library

I've just pushed out a new open source java OAuth library because I couldn't find one that did what I needed. My key requirement was simplicity. I didn't like the idea of using the library for HTTP stuff and there is no reason I should. Once I've obtained the Access Token all I'm doing with oAuth is signing my requests.
Read More