Welcome to My Education Lounge

A central location for all things security and tech related

10 Random Server Tips - 23 Oct 2019
  1. After initial login, always make another account that’s not root
  2. Remove the ability to ssh into your server with a password. Make it RSA key login only. Non-technical description: don’t let people use username and password for ssh
  3. If using AWS, make a new .pem per instance group. For example, you manage a bunch of servers for AwesomeCo. Make an ‘AwesomeCo.pem’ file and save it in your records for that company
  4. For static sites really evaluate if you need a “whole” server. You can host static sites on s3 and people can’t even tell the difference
  5. Tag things… every platform has a way to tag “resources”. Come up with a set of key-value pairs you will use across platforms. Example keys would be: name, team, reason, region, poc
  6. Before creating new things for teams set up IAM. Dot all ya “i”s and cross ya “t”s. Easier to do this first vs doing things as you go
  7. If you can, use a Linux/Unix-based command line. Windows has the Ubuntu command line on the store you can use. Not sure about you but terminal ssh feels easier than PuTTY (easy = less clicking)
  8. Change server ‘hostname’. You not going to remember the ip but you will remember ‘Co-billing, Co-website, Co-wordpress, etc.’
  9. If you maintain a lot of servers you might want to alias them locally. You can use the same format as the hostname if ya want.
  10. Get an SSL cert as soon as the A record or whatever is configured
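
An added example (not part of the original post) that audits an sshd_config file for tips 1 and 2. Reading tip 1 as PermitRootLogin no, the function names and the sample config are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit an sshd_config file for tips 1 and 2.
# Assumptions: keyword and value are whitespace-separated, and only the
# global section is read (Include files and Match blocks are not followed).

# effective_value FILE KEYWORD DEFAULT
# sshd matches keywords case-insensitively and keeps the FIRST value it
# reads, so a later "PasswordAuthentication no" does not undo an earlier "yes".
effective_value() {
    awk -v key="$2" -v def="$3" '
        BEGIN { key = tolower(key) }
        /^[ \t]*#/ || NF == 0 { next }       # comments and blank lines
        tolower($1) == "match" { exit }      # global section ends here
        tolower($1) == key && !found { val = tolower($2); found = 1 }
        END { print (found ? val : def) }
    ' "$1"
}

# expect FILE KEYWORD DEFAULT WANTED: print a finding, return 1 on mismatch.
expect() {
    got=$(effective_value "$1" "$2" "$3")
    if [ "$got" = "$4" ]; then
        echo "ok    $2 $got"
    else
        echo "FAIL  $2 is '$got', want '$4'"
        return 1
    fi
}

# audit_sshd FILE: returns 0 only for key-only login with no direct root login.
audit_sshd() {
    rc=0
    expect "$1" PasswordAuthentication yes no || rc=1
    expect "$1" PubkeyAuthentication yes yes || rc=1
    expect "$1" PermitRootLogin prohibit-password no || rc=1
    return $rc
}

# Constructed sample (not from a real host): "yes" is read before "no".
write_sample() {
    printf '%s\n' 'Port 22' 'passwordauthentication yes' \
        'PermitRootLogin no' 'PasswordAuthentication no' \
        'Match User deploy' '    PasswordAuthentication no' > "$1"
}

sample=$(mktemp)
write_sample "$sample"
audit_sshd "$sample" || echo "=> password login is still enabled"
rm -f "$sample"
```

On a live host, sudo sshd -T prints the effective settings, including anything pulled in from Include files.
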
Creating a Nextcloud server on AWS - 22 Oct 2019

I wrote how to throw up a Nextcloud server using Linode. Nextcloud is free file-sharing software, but you have to host it. Let’s begin…

Have a domain

I don’t want to tell you how to setup a domain and such. I will say that you should buy the domain name to go with this nextcloud and then move on.

I’m using a sub-domain tho

Well then figure out how to setup/deal with A records per your dns provider.

Get the Instance Created

  1. Choose a free tier EC2 instance and select the first Ubuntu one with an x86.
  2. Go straight to review
  3. Go to the security group section and make sure that you have the following rules:
    • SSH Port 22
    • HTTP Port 80
  4. Save and then start your instance (P.S. If you want to tag it now then feel free to do that here)
  5. Create a .pem for this instance and save it where you can get to it (I like the Desktop)
  6. While the instance is starting, go down to Elastic IPs and go through the steps
  7. Once the ip is created click actions > associate address
  8. Let’s login

Setup Nextcloud

Now that we are in our Ubuntu instance let’s have some fun. We will be downloading Nextcloud using snap so run the following:

sudo snap install nextcloud

Once we verify that your setup ran without a problem we are going to set up an admin account by running:

sudo nextcloud.manual-install <username> <password>

You should then see another verification that Nextcloud was installed successfully. If you didn’t add a domain in step 2 then skip this step. Add your custom domain to the trusted list by typing:

sudo nextcloud.occ config:system:set trusted_domains 1 --value=<domain-name>
sudo nextcloud.occ config:system:get trusted_domains

Want SSL

Awww we getting safe af in these streets. Run the following:

sudo nextcloud.enable-https lets-encrypt
y
<email-address>
<domain-name>

Once you get a confirmation you are done! To log on, either put in the ip-address of your server or your domain. Now you can share all your secret work with your siblings and friends. lol

P.P.S.- if you want to use https (which of course you do) then you should change your security group again to allow inbound HTTPS Port 443

edit 10/23/19: Edited some steps because I forgot to add the right security group permissions 🙃

Back to Security - 13 Oct 2019

You may have noticed I slowed down on talking about security. It wasn’t on purpose at all; I just had things going on and needed to just do work to get to where I wanted. That being said, I’m getting settled again so I want to pick up security talk. Let me reintroduce you to the things I’m into in this area. I’m a mobile developer by “trade” so I’m interested in mobile security. This interest is more for bounty programs/my spare time. I want to really use my knowledge and skill to get into medical device security. The field is picking up and I want a seat at that table.

Analytics FTW - 13 Oct 2019

Let me start this off by admitting I don’t think this is devops related but it could be.

I'm Speaking...Again - 05 Oct 2019

Back in April I wrote this about my first time speaking. In 3 days I’ll be speaking once again but this time I’m giving TWO talks. My first talk will be targeted at people with an idea and telling them what to look for in a developer for their MVP (minimum viable product). My final talk will target people that want to get into mobile development as a career. I’m going to post the abstracts below but I wanted to talk about why I’m doing this. Actually…I have no clue why I’m doing this. lol I had a goal of doing 1 conference talk, but these last two were stretch goals. I had this wild idea that I could start doing conference talks to solidify my place as a SME (Subject Matter Expert) in mobile development. It is true that Android is my platform of choice but I study/keep up with all things mobile. I don’t know if these talks have gotten me what I wanted just yet but I can see how they are helping me build my network.