How to send Email with SMTP using Telnet in GNU/Linux

SMTP is a protocol to send email over the internet and it is documented in RFC821. Sending email using Telnet is straight-forward if you know how to do it.

telnet smtp.example.com 25
MAIL FROM: <example_from @ example.com>
RCPT TO: <example_to @ example.com>
DATA
From: [John Doe] <example_from @ example.com>
To: [Jane Doe] <example_to @ example.com>
Subject: This is a test message....

This is an example email content to demonstrate email sending using Telnet.

.

QUIT
[/pre]

Note that you need to type "." and QUIT after you've finished writing the email content. You should change the SMTP server domain and the email used in the example accordingly.



How to change hostname in Ubuntu server

Here’s how you can change hostname in Ubuntu server

1. Edit /etc/hostname, and change the hostname
2. Edit /etc/hosts file, and add the hostname to 127.0.0.1, or to any local machine ip
3. run, “sudo server hostname stop”, and “sudo server hostname start”

Please update/patch and secure Litespeed web server

Due to the widespread of Litespeed 0-day attack which has affected local websites, it’s imperative for all sysadmin and website operator to patch/update and upgrade the security of the Litespeed web server.

This attack is dangerous particularly because the attacker can gain shell access with the same privileges of the web server or the user that runs the web server. Usually this allow the attacker to peek into database content and downloads it.

Patch now!, the security and privacy of your users are at the stake!

Howto solve ssh_exchange_identification: Connection closed by remote host error

I’ve keep getting the message “ssh_exchange_identification: Connection closed by remote host error” after I managed to finalized my CRUX linux on my decTOP box today. After enough looking into documentations, I finally found out that I need to edit the “/etc/hosts.allow” file to allow SSH connection, for example:


#/etc/hosts.allow
sshd:ALL

or for more conservative setting


#/etc/hosts.allow
sshd:LOCAL
sshd:192.168.1.0/255.255.255.0

I can connect ssh to my box normally after that.

Debian: Force users to use more secure login password with pam_cracklib

One of the factor that makes your system easily crackable is the weak password. PAM cracklib forces users to choose stronger password by analyzing the password strength, length and entropy.

To enable pam_cracklib in Debian / Ubuntu operating system, you need to install libpam_cracklib:

sudo apt-get install libpam_cracklib

Then edit the “/etc/pam.d/common-password” file using your favorite editor. Then, add and uncomment the following line at the end of the file.

password required pam_cracklib.so retry=3 minlen=6 difok=3

difok determines the number of same characters that allowed to be present in the old and new passwords.

How to Setup SSH public-key or password-less authentication in Ubuntu

Here’s how to setup public-key (or passwordless) authentication in Ubuntu or any other Linux based operating system that use OpenSSH.

First make sure you’ve remote SSH server running and accepting connection. Then you need to generate ssh key on local server (I prefer RSA). You can enter passphrase for added security, or leave it blank for passwordless authentication.

local:~$ ssh-keygen -t rsa
Enter passphrase (empty for no passphrase):

The command will generate id_rsa and id_rsa.pub files. The files will be save in ~/.ssh/ directory. Then copy id_rsa.pub file to the remote server using SCP. Read How to use SCP on Linux or other UNIX-based Environment for more information about SCP

local:~$ scp id_rsa.pub username@remote.host:~/

Then you have to connect to the remote host and append the id_rsa.pub public key file to the list of “authorized_keys“. Don’t forget to chmod the authorized_keys file and .ssh directory, or OpenSSH won’t work correctly

local:~$ ssh username@remote.host

#now we are on remote server!
remote:~$ cat id_rsa.pub >> ~/.ssh/authorized_keys
remote:~$ chmod 644 ~/.ssh/authorized_keys
remote:~$ chmod 700 ~/.ssh

Make sure you have edited the “/etc/ssh/sshd_config” file to allow Public key authentication and RSA authentication.

#sshd_config file

PermitRootLogin no
...snip...
RSAAuthentication yes
PubkeyAuthentication yes
...snip..

Save and restart sshd server daemon by running the following command.

remote:~$ sudo /etc/init.d/ssh restart

After that, logout from the remote host to test the Public-key authentication


remote:~$ exit
local:~$

Testing the SSH public-key authentication
To test the public-key authentication, simply connect to remote server normally using ssh, and if things have gone smoothly you’ll be prompted to enter your passphrase, instead of password.


local:~$ ssh username@remote.host
Enter passphrase for key '/home/username/.ssh/id_rsa':

Note that you will not be prompted to enter passphrase/password if you’ve generated a key with “blank passphrase“, effectively making your login “passwordless”. For added security, it is advised that you disable normal interactive-keyboard password option and rely fully on public-key authentication by changing sshd_config line from:

PasswordAuthentication yes

to


PasswordAuthentication no

p/s: this tutorial was adapted from Shortest passwordless ssh tutorial, ever with updated notes for latest OpenSSH release