Posted by:
admin
10 years, 2 months ago
We've written a lot of tutorials over the years. Some here, some at howtoforge and even NetworkWorld. We've always believed that it's a great way to contribute to the community, spread awareness and make it easier for admins to secure their remote access services.
Now we can take this to the next level. We've been playing with packer for some time and it's a pretty impressive piece of software. Being able to create appliances for multiple virtual platforms such as VirtualBox, VMWare, EC2, Digital Ocean, Vagrant, etc, etc from a manageable, share-able code base will allow administrators to piggy-back off the work of others and contribute their knowledge to the community in the form of code.
The plan has three parts: a tutorial on how to manually setup the service on a server, a tutorial on how to build the server with packer and the packer scripts themselves, hosted on github.
Packer uses provisioning scripts to configure appliances. Most of the action occurs there. So, our first packer build has a script called openvpn.sh which updates the server, installs openvpn, creates certs, opens ports, etc. Scripts can be puppet or chef too, but we prefer the neutral shell scripts for now.
The plan is to create other tutorials and packer build scripts for other remote access services that would benefit from two-factor authentication and publish them as well. The hope is that people will contribute their scripts they use to secure linux servers as well.
First up is OpenVPN with two-factor authentication on Centos 7: the howtoforge tutorial, the packer tutorial and the packer scripts. Enjoy!
Share on Twitter Share on FacebookRecent Posts
- Blast-RADIUS attack
- The latest WiKID version includes an SBOM
- WiKID 6 is released!
- Log4j CVE-2021-44228
- Questions about 2FA for AD admins
Archive
2024
2022
- December (1)
2021
2019
2018
2017
2016
2015
2014
- December (2)
- November (3)
- October (3)
- September (5)
- August (4)
- July (5)
- June (5)
- May (2)
- April (2)
- March (2)
- February (3)
- January (1)
2013
2012
- December (1)
- November (1)
- October (5)
- September (1)
- August (1)
- June (2)
- May (2)
- April (1)
- March (2)
- February (3)
- January (1)
2011
2010
- December (2)
- November (3)
- October (3)
- September (4)
- August (1)
- July (1)
- June (3)
- May (3)
- April (1)
- March (1)
- February (6)
- January (3)
2009
- December (4)
- November (1)
- October (3)
- September (3)
- August (2)
- July (5)
- June (6)
- May (8)
- April (7)
- March (6)
- February (4)
- January (427)
2008
- December (1)
Categories
- PCI-DSS (2)
- Two-factor authentication (3)
Tags
- wireless-cellular-mobile-devices (7)
- Two-factor authentication (10)
- Wireless, cellular, mobile devices (6)
- NPS (1)
- Phishing and Fraud (111)
- Active Directory (1)
- pam-radius (3)
- privileged access (2)
- Cloud Security (10)
- Mutual Authentication (60)
- Web Application Authentication (1)
- Authentication Attacks (99)
- pci (50)
- Security and Economics (97)
- WiKID (133)
- pam (2)
- VPN (1)
- Installation (2)
- RADIUS Server (1)
- Open Source (64)
- Tutorial (2)
- Strong Authentication (35)
- Information Security (137)
- Transaction Authentication (13)
- Miscellaneous (100)
- Linux (2)
- transaction-authentication (6)
- Two Factor Authentication (254)