The church at Ampney St Mary on an early Sunday morning run.
via Instagram http://instagram.com/p/bLRPysHEK1/
Sunday, 30 June 2013
Instagram of the Day for June 30, 2013 at 09:17AM
The church at Ampney St Mary on an early Sunday morning run.
via Instagram http://instagram.com/p/bLRPysHEK1/
Saturday, 29 June 2013
Instagram of the Day for June 29, 2013 at 09:35PM
Hands are for being held by, not for listening to - daft little bloke ...
via Instagram http://instagram.com/p/bKA-n8nEKa/
Friday, 28 June 2013
Instagram of the Day for June 28, 2013 at 05:11PM
St Michael's Church, Harnhill. Sort-of-Narnian wardrobe territory ... 48 hours to spend in a different world ... gulp ...
via Instagram http://instagram.com/p/bG-AVAnENG/
Thursday, 27 June 2013
Instagram of the Day for June 27, 2013 at 11:05PM
modeFRONTIER talking to Hungary - I know I'm the only one excited by this ...
via Instagram http://instagram.com/p/bFBqn9nENl/
Wednesday, 26 June 2013
Instagram of the Day for June 26, 2013 at 09:12PM
Raiders of the Lost Mark after laying down some righteous grooves celebrate with a fine Sunam curry.
via Instagram http://instagram.com/p/bCP8kkHEBT/
Sunday, 23 June 2013
Instagram of the Day for June 23, 2013 at 08:59AM
Breakfast on the way - CB at the culinary helm. #BestHo meGroup #JustForAmberAndBen #:-)
via Instagram http://instagram.com/p/a5NsD3HEOr/
Saturday, 22 June 2013
Instagram of the Day for June 22, 2013 at 10:47PM
Night falls on a sleepy campsite - lovely day, lovely people, best homegroup in the world. :-)
via Instagram http://instagram.com/p/a4HsCEnEOg/
Friday, 21 June 2013
Instagram of the Day for June 21, 2013 at 08:22PM
Several irresponsible adults are camping again - watch out for the fireworks!
via Instagram http://instagram.com/p/a1SMjWHEB5/
Thursday, 20 June 2013
Instagram of the Day for June 20, 2013 at 10:22PM
Back home, so here's an old photo of my wee 'uns to mark all 4 of us back under one roof :-)
via Instagram http://instagram.com/p/ay7IjUnEHl/
Wednesday, 19 June 2013
Instagram of the Day for June 19, 2013 at 04:56PM
A champagne moment on the EnginSoft stand at the Paris Airshow ... :-)
via Instagram http://instagram.com/p/avxGFHnEA0/
Tuesday, 18 June 2013
Monday, 17 June 2013
Instagram of the Day for June 17, 2013 at 11:33PM
Ready for the 0415 getaway for the Paris Airshow AND the follow-on Mad Camping Weekend. Blow, winds, and crack your cheeks!
via Instagram http://instagram.com/p/arU5z-HEOs/
Sunday, 16 June 2013
Instagram of the Day for June 16, 2013 at 10:53PM
Is there a more fortunate father than the one with such a porridge gift? I think not! #fathersday
via Instagram http://instagram.com/p/aorm01HELA/
Setting-Up OpenSSH Under Windows with Cygwin
These instructions are culled from a thousand mailing lists and web sites - I am not being coy, but I honestly can’t remember all my sources! The point that I take away from that is the lack of a single source document that really deals with the whole process of providing remote users with limited access to your computer for exchanging files.
Key parts of the how-to were learned from:
THESE INSTRUCTIONS ARE HOW TO SETUP AN SSH SERVER. If you simply wish to ACCESS an existing SSH server using passwordless (public key cryptography) then jump straight to section 10.
(1) You will need a windows user login on the machine for each unique SSH user that you want to access the machine. It’s neat if you assign them all to the same windows user group - this will mean that they can be treated as a group under Cygwin for the purposes of permissions assignment.
a. Launch “Computer Management”
b. Under System Tools > Local Users and Groups > Groups, right click and select “New Group”
c. Create a group “SSH_Users” and add the Windows accounts that you will give access to SSH
d. Launch “Edit Group Policy”
e. Find Computer Configuration > Security Settings > Local Policies > User Rights Assignment
f. Edit “Allow Logon Locally” to include your “SSH_Users” group
g. Run GPUpdate.exe to update your group policies on the system
(2) Install Cygwin
a. Download the cygwin installer from www.cygwin.com
b. Run the installer - under the list of packages, in the Net section, select the “ssh” item
c. Continue with the installation of Cygwin
(3) Some Cygwin orientation (just to stop you wasting time!)
a. Although Cygwin gives you a linux-like environment, it is not completely the same as linux.
b. In particular, groups and permissions have a complex relationship with Windows - as we’ll see
c. Every windows user that launches Cygwin will get their own identically-named Cygwin user
d. You can’t create usable Cygwin users that are not associated with valid Windows logins
e. Nor can you readily switch users within Cygwin by su [cygwin user]
f. By default, each users home directory within Cygwin will be /home/[cygwin user]
g. This will typically correspond to c:\cygwin\home\[cygwin user] on windows
(4) Initial SSH setup
a. Launch Cygwin as administrator
b. Under Cygwin, run ssh-host-config
c. When asked about “privilege separation” answer “yes”
d. When asked whether to "create local user sshd" answer “yes”
e. When asked how to set CYGWIN= answer “ntsec mintty”
(5) Starting and Stopping the SSH server
a. net start sshd
b. net stop sshd
(5) Passwords and Groups under Cygwin
a. Cygwin has the usual /etc/passwd and /etc/group files, but they look a bit different
b. passwd can be generated from windows security stuff by mkpasswd > /etc/passwd
c. group can be generated from windows security stuff by mkgroup > /etc/ group
d. If you change things on windows you’ll need to do this, so have a go now!
(6) Locking SSH users into restricted sub-file-spaces
a. This uses “chroot” technology - don’t worry if you’re unfamiliar with this - follow the recipe!
b. Edit the /etc/group file as follows to create a root group:
c. Copy the “Administrators” group line
d. Edit the name (“Administrators”) on the first version to be “root”
e. Set the group id (the third field) to “0”
f. Note the group id of the SSH_Users group - you’ll need this in a second
g. Edit the /etc/passwd file as follows to create a root user:
h. Copy the “Administrator” user line
i. Edit the name (“Administrator”) on the first version to be “root”
j. Give it user and group ids of 0:0 instead of 500:513
k. Set the primary group ids of the windows users with SSH access to the SSH_Users group id
l. Edit the /etc/sshd_config file:
m. Change the line “Subsystem sftp /usr/sbin/sftp-server” to “Subsystem sftp internal-sftp”
n. Add the following section to the end of the file:
Match Group SSH_Users
ChrootDirectory /jail/%u
ForceCommand internal-sftp
X11Forwarding no
AllowTcpForwarding no
(7) Create the restricted directories
a. Within Cygwin, create a directory /jail
b. For each SSH user, create directories /jail/[cygwin user] and /jail/[cygwin user]/home
c. Ensure that all these directories are owned by root:root (chown -R root:root /jail)
d. Ensure that / is owned by root:root too! cd /, then chown root:root . (note the dot at the end of that!)
e. If write permissions are going to prevent a user writing to a directory owned by root:root then:
f. Add a directory /jail/[cygwin user]/home/[writable directory] owned by :Users
(8) Firewall Port 22 needs to be opened to permit SSH traffic
(9) You should now be good to go, albeit users need to use username / password logins.
(10) Implementing public-key (passwordless) logins
a. This is based on the use of pairs of files, called “private” and “public” keys
b. Any user account on any computer can have such a pair of key files
c. The user account MUST keep their private key secret …
d. … but can freely share their public key
(11) Actions required on the SSH SERVER
a. A (Cygwin) account permitting logins from remote sites should have a ~/.ssh directory
b. This .ssh directory should contain a text file called authorized_keys
c. This file should contain the PUBLIC keys of the remote computer/users allowed to login
(12) A computer/user who wishes to login to your server must:
a. Give you a copy of their PUBLIC key
b. You add this to the authorized_keys file of the account to which they wish to connect
c. They keep their PRIVATE key private!
d. Their applications will have rules for what to do with their private key
e. You (ie the server) do NOT need to share any key information with them
(13) How do you generate the private/public key pair on a machine with SSH installed?
a. Use the command ssh-keygen -t rsa
b. Don’t specify a passphrase
(14) How do you generate the private/public key pair on a windows machine without SSH?
a. Download puttygen from www.chiark.greenend.org.uk
b. Run puttygen - the instructions will be given to youSaturday, 15 June 2013
Instagram of the Day for June 15, 2013 at 08:38PM
Ben Esq, and his new domicile. A veritable mansion - a stately home, even. Even has stone gate posts and a drive.
via Instagram http://instagram.com/p/al3QZinEHT/
Instagram of the Day for June 14, 2013 at 11:45PM
Anne's birthday tea, a nice bunch with quirky habits and very odd film preferences ... Maid of Honour? Really?
via Instagram http://instagram.com/p/ajn36xHEOT/
Thursday, 13 June 2013
Instagram of the Day for June 13, 2013 at 09:00PM
Happy Birthday Debbie, Charlie and Anne ... and thanks to Kerry for a fantastic dinner, and to Dawn and Peter for being :-)
via Instagram http://instagram.com/p/agwNoVnEOg/
Wednesday, 12 June 2013
Instagram of the Day for June 12, 2013 at 07:39PM
Mr Cheetham's new titfer ... a gift from the coaching group, and very distinguished we all agreed.
via Instagram http://instagram.com/p/aeCI9VnEKD/
Monday, 10 June 2013
Instagram of the Day for June 10, 2013 at 09:08PM
Spit Nolan would have appreciated this fine-looking beast yearning for the open road. I shall call it "Egdam" and ride it under a charabanc.
via Instagram http://instagram.com/p/aZCupCHEKL/
Sunday, 9 June 2013
Instagram of the Day for June 09, 2013 at 12:53PM
#twocastles completed ... a bit disappointed by time if honest, but big improvement yoy. Thanks organisers!
via Instagram http://instagram.com/p/aVlVKinECm/
Saturday, 8 June 2013
Instagram of the Day for June 08, 2013 at 07:51PM
Let me try that again - it's my new BIKE, complete with new bb and looking a dream for £40 so far ... leave it alone, thieves!
via Instagram http://instagram.com/p/aTwYvBHEBP/
Instagram of the Day for June 08, 2013 at 12:01AM
Of course it's the real James Bond! Amber's 25th :-)
via Instagram http://instagram.com/p/aRoJvZnEAm/
Wednesday, 5 June 2013
Instagram of the Day for June 05, 2013 at 07:23PM
A picture of Team Tawny Owl from the BCN Challenge 2wks ago to celebrate our VICTORY!
via Instagram http://instagram.com/p/aL-0tuHEB8/
Sunday, 2 June 2013
Instagram of the Day for June 01, 2013 at 11:49PM
This is HMS Warrior in Portsmouth. I WAS going to post a picture of my lovely Trek mountain bike but some absolute bastard had stolen it, so the ship will have to do. Lovely evening with Stephen and Diane, but very disappointing ending :-( :'( :-[
via Instagram http://instagram.com/p/aCJ_J6nECO/
Subscribe to:
Posts (Atom)