" What is the basic and important difference between password and passphrase when implementing SSH with DSA/RAS public key authentication? Which one is recommended for daily usage? "
The main and basic difference is that you can use multi string phrase including spaces and tabs using a passphrase under ssh. Normal /etc/shadow password is a single string password and many application will breaks with spaces and tabs while using authentication. So your account password must be a single word/string.
For example my account password can be iF33%gNCyzDy
I could create a passphrase: Th1s 1s A t3sT and s3cur3 pa$$phra$3
The advantage is simple you can use spaces and tabs to create a more secure and hard to break authentication method. This makes dictionary based attack quite difficult.
Saturday, February 6, 2010
Implementing a Temporary File System (TEMPFS) in Solaris
TempFS provides in-memory (RAM), very fast, storage and boosts application performance
Steps:
1. Determine available memory and the amount you can spare for TEMPFS
-prtconf
- allocate 100MB
2. Execute mount command:
mkdir /tempdata && chmod 777 /tempdata && mount -F tmpfs -osize=100m swap /tempdata
Note: TEMPFS data does NOT persist/survive across reboots
Note: TEMPFS data is lost when the following occurs:
1. TEMPFS mount point is unmounted: i.e. umount /tempdata
2. System reboot
Modify /etc/vfstab to include the TEMPFS mount point for reboots
swap - /tempdata tmpfs - yes -
Steps:
1. Determine available memory and the amount you can spare for TEMPFS
-prtconf
- allocate 100MB
2. Execute mount command:
mkdir /tempdata && chmod 777 /tempdata && mount -F tmpfs -osize=100m swap /tempdata
Note: TEMPFS data does NOT persist/survive across reboots
Note: TEMPFS data is lost when the following occurs:
1. TEMPFS mount point is unmounted: i.e. umount /tempdata
2. System reboot
Modify /etc/vfstab to include the TEMPFS mount point for reboots
swap - /tempdata tmpfs - yes -
Monitoring performance of ZFS file system using zfs iostat
ZFS is built-in with a lot of monitoring features. We would be covering iostat here specifically.
The command syntax is pretty simple and straight forward and much close to the older iostat command. Here's how it looks like:
root@opensolaris:~# zpool iostat
root@opensolaris:~# zpool iostat zpooldata 1 5
capacity operations bandwidth
pool used avail read write read write
---------- ----- ----- ----- ----- ----- -----
zpooldata 222K 7.06G 0 0 2.47K 1.45K
zpooldata 222K 7.06G 0 0 0 0
zpooldata 222K 7.06G 0 0 0 0
zpooldata 222K 7.06G 0 0 0 0
zpooldata 222K 7.06G 0 0 0 0
root@opensolaris:~#
The command syntax is pretty simple and straight forward and much close to the older iostat command. Here's how it looks like:
root@opensolaris:~# zpool iostat
root@opensolaris:~# zpool iostat zpooldata 1 5
capacity operations bandwidth
pool used avail read write read write
---------- ----- ----- ----- ----- ----- -----
zpooldata 222K 7.06G 0 0 2.47K 1.45K
zpooldata 222K 7.06G 0 0 0 0
zpooldata 222K 7.06G 0 0 0 0
zpooldata 222K 7.06G 0 0 0 0
zpooldata 222K 7.06G 0 0 0 0
root@opensolaris:~#
How to Rename a Solaris Zone?
A few days back i had a need to rename my Solaris zones from "orazone" to "oraprodzone". I followed the below steps to successfully rename my zone's name.
STEP 1: Shutdown the zone "orazone"
Issue the following commands from the globalzone to shutdown orazone.
globalzone# zoneadm list -iv
ID NAME STATUS PATH
0 global running /
2 orazone running /zones/orazone
globalzone# zoneadm -z orazone halt
globalzone# zoneadm list -iv
ID NAME STATUS PATH
0 global running /
- orazone installed /zones/orazone
globalzone#
STEP 2: Rename the Zone from "orazone" to "oraprodzone"
Enter zone configuration from the global zone using the below mentioned commands.
globalzone# zonecfg -z orazone
zonecfg:orazone> set zonename=oraprodzone
zonecfg:orazone> commit
zonecfg:orazone> exit
globalzone# zoneadm list -vc
ID NAME STATUS PATH BRAND
0 global running / native
- oraprodzone installed /zones/orazone native
STEP 3: Boot the zone
After you have made the above changes, boot the zone from the global zone using the below commands.
globalzone# zoneadm -z oraprodzone boot
globalzone# zoneadm list -iv
ID NAME STATUS PATH
0 global running /
2 orazone running /zones/orazone
Done!
There is another way to rename a zone (not supported, but it worked for me), but then that's not the right one though. However, i would mention that as well.
Renaming zone orazone to oraprodzone
Perform all of the below as root of global zone.
First shutdown your orazone zone
globalzone# zoneadm -z orazone halt
globalzone# vi /etc/zones/index
change orazone to oraprodzone
globalzone# cd /etc/zones
globalzone# mv orazone.xml oraprodzone.xml
globalzone# vi oraprodzone.xml
change orazone to oraprodzone
globalzone# cd /zones
-/zones is where I have stored all the zones
globalzone# mv orazone oraprodzone
-cd to your new zone (/zones/oraprodzone)and modify /etc/hosts, /etc/nodename, /etc/hostname.xxx
globalzone# cd /zones/oraprodzone/root/etc
-boot new renaming zone
globalzone# zoneadm -z oraprodzone boot
STEP 1: Shutdown the zone "orazone"
Issue the following commands from the globalzone to shutdown orazone.
globalzone# zoneadm list -iv
ID NAME STATUS PATH
0 global running /
2 orazone running /zones/orazone
globalzone# zoneadm -z orazone halt
globalzone# zoneadm list -iv
ID NAME STATUS PATH
0 global running /
- orazone installed /zones/orazone
globalzone#
STEP 2: Rename the Zone from "orazone" to "oraprodzone"
Enter zone configuration from the global zone using the below mentioned commands.
globalzone# zonecfg -z orazone
zonecfg:orazone> set zonename=oraprodzone
zonecfg:orazone> commit
zonecfg:orazone> exit
globalzone# zoneadm list -vc
ID NAME STATUS PATH BRAND
0 global running / native
- oraprodzone installed /zones/orazone native
STEP 3: Boot the zone
After you have made the above changes, boot the zone from the global zone using the below commands.
globalzone# zoneadm -z oraprodzone boot
globalzone# zoneadm list -iv
ID NAME STATUS PATH
0 global running /
2 orazone running /zones/orazone
Done!
There is another way to rename a zone (not supported, but it worked for me), but then that's not the right one though. However, i would mention that as well.
Renaming zone orazone to oraprodzone
Perform all of the below as root of global zone.
First shutdown your orazone zone
globalzone# zoneadm -z orazone halt
globalzone# vi /etc/zones/index
change orazone to oraprodzone
globalzone# cd /etc/zones
globalzone# mv orazone.xml oraprodzone.xml
globalzone# vi oraprodzone.xml
change orazone to oraprodzone
globalzone# cd /zones
-/zones is where I have stored all the zones
globalzone# mv orazone oraprodzone
-cd to your new zone (/zones/oraprodzone)and modify /etc/hosts, /etc/nodename, /etc/hostname.xxx
globalzone# cd /zones/oraprodzone/root/etc
-boot new renaming zone
globalzone# zoneadm -z oraprodzone boot
Subscribe to:
Posts (Atom)
Posts
