Forget typing your password to SSH, Certificate based Authentication is where it's at. Darren demonstrates with an Interceptor, Dropbear and Ngrep. Want a Linux Live USB key with persistent storage? Shannon has just the tool. Plus your picks on SSH tools and answers to your Wordpress questions.
Put together by a band of IT ninjas, security professionals and hardcore gamers, Hak5 isn't your typical tech show. We take on hacking in the old-school sense, covering everything from network security, open source and forensics, to DIY modding and the homebrew scene. Then we wrap it all up with a healthy dose of cocktails and geek comedy. Damn the warranties, it's time to Trust your Technolust.
Want the most recent episode of this show always up to date on your website? Use this self-updating embed code!
After bantering about our upcoming travels to Waynesville, Missouri and Toronto, Ontario and a little griping about zipit segmentation faults, we get into your feedback on recent SSH segments.
Dzaztur recommends Gnome SSH Tunnel Manager. It's a sleek front-end for managing SSH tunnels, port redirects and more. Tunnel configuration is stored in a simple XML formal, great for portability, and the tunnels can be managed individually through one simple GUI. Thanks for the tip Dzaztur
Lozo points out that Mac OS-X has SSH built into the terminal, much like Linux. So true. We banter with Paul-the-camera-guy about the Mac OS-X kernel, which turns out is XNU -- an accronym for X is Not Unix. So there ya go!
Sp4m says if you're running Firefox over SSH you might want to look into remote DNS lookups. By default DNS lookups aren't done through the proxy. This can be resolved by typing about:config in the address bar, and enabling the network.proxy.socks_remote_dns setting. Thanks Sp4m.
And Finally Post_Break from < a href="http://iamthekiller.net/" target="_blank">IamTheKiller.net points us to Secret Socks -- a SSH Socks Proxy GUI front-end for Mac OS-X that he likes a ton more than SSHTunnel 1.6. [Edit: We made a mistake and called it Secure Socks in the segment]
And finally we go kitteh before moving on...
In this segment Darren explains why certificate authentcation is a bajillion times better than password authentcation and demonstrates the configuration using Ubuntu 9.10 and an Interceptor running OpenWRT Kamikaze. This forum thread details setting up authorized_keys with Dropbear -- the SSH daemon that comes standard on OpenWRT.
Next week we'll be breaking this down with a little Man-in-the-middle action. Until then send your feedback to email@example.com
When it comes to finding the right Linux distribution for you it's best to try a bunch out. And what better way then to make some bootable Live Linux USB keys? Shannon demonstrates Linux Live USB -- a Windows tool that makes it super simple to build a Linux USB key in minutes. It features automatic distribution downloading AND Persistence!
I just recently started using wordpress, and I am having alot of trouble trying to design a layout for it, I was wondering if you had any references or anything to help me learn how to do this, I understand HTML and only know a little of PHP. Any help would be greatly Appreciated.
Darren recommends setting up a local LAMP stack, that is to say the web server, database and scripting language to support a Wordpress install. The easiest way to get started is with either WAMP on Windows or XAMPP on just about any platform.
The Wordpress Codex is also an invaluable resource when you really get your hands dirty when theme code. Things like the loop and trim_excerpt are well detailed. Once you start learning the Wordpress functions you'll realize what a powerful content management platform it really is.
And finally we recommend Wordpress.org/Support for their forums. If you know of a better forum for Wordpress Theme Hacking please let us know!---