iptables -I INPUT 4 -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
htpasswd file usernameSite configuration file in /etc/apache2 or something you have should have in appropriate directory section something like
AllowOverride AuthConfigYou need to load these modules:
LoadModule auth_basic_module /usr/lib/apache2/modules/mod_auth_basic.so LoadModule authn_file_module /usr/lib/apache2/modules/mod_authn_file.so LoadModule authz_user_module /usr/lib/apache2/modules/mod_authz_user.soCreate .htaccess in directory to be protected with content:
AuthType Basic AuthUserFile full_path_to_htpasswd_file AuthName "Some message to user." Require user usernameMore advanced version to allow some ip address without authentication.
AuthType Basic AuthUserFile full_path_to_htpasswd_file AuthName "Hey, log in or get out!" Require user username Order allow,deny Allow from ip_address_to_allow_without_authentication satisfy anysource: http://httpd.apache.org/docs/2.2/howto/auth.html
ssh-keygen -t rsa cat ~/.ssh/id_rsa.pub | ssh user@host 'cat >> .ssh/authorized_keys'
In following instructions, remote machine is called public and machine whose port should listen on public is called home. On public check if in sshd_config there is
AllowTcpForwarding yesIt should be yes as default, for details see [2]. For forwarding home's 22 to 11000 on public do in home
ssh -N -R 11000:localhost:22 publicuser@publicThen you can connect when logged in public by
ssh -l homeuser -p 11000 localhost
You can use autossh instead ssh to automatically restart session when died.
if you can ensure there are no vulnerable SSH accounts on home (for example by setting home's sshd_config AllowUsers directive) you can change on public allow in sshd_config
GatewayPorts yesand then instead "11000:localhost:22" do "\*:11000:localhost:22" to listen for all adresses on all interfaces to allow from everywhere on the net
ssh -p 11000 homeuser@public
Sources:
[1] man ssh [2] man sshd_config
Is nice to get name to machine i.e. to show it in prompt for your quick info. Show short and full hostname:
hostname hostname -f
netstat -plt --numeric-ports
traceroute google.cz
dig +short myip.opendns.com @resolver1.opendns.comfrom http://unix.stackexchange.com/questions/22615/how-can-i-get-my-external-ip-address-in-bash
dpkg-reconfigure postfix